> spring-boot-deployment
Deploy Spring Boot apps with Docker, GraalVM native images, and graceful shutdown. Use when deploying Spring Boot apps as GraalVM native images, containers, or configuring shutdown. (triggers: Dockerfile, compose.yml, docker-layer, native-image, graceful-shutdown)
curl "https://skillshub.wtf/HoangNguyen0403/agent-skills-standard/spring-boot-deployment?format=md"Spring Boot Deployment Standards
Priority: P0
Containerize with Docker
- Buildpacks: Use
bootBuildImage(Gradle) orspring-boot:build-image(Maven) for OCI-compliant images. - Layered JAR: Use
Layered JARsupport to optimize Build Cache. Use multi-stageDockerfile. - Security: Run as
non-rootuser. Useeclipse-temurinor Distroless as base image. - Secrets: NEVER commit secrets to Git. Inject via environment variables, Kubernetes Secrets, or Vault (spring.config.import). Never bake secrets into image layers.
See implementation examples for multi-stage layered Dockerfile and graceful shutdown configuration.
Build GraalVM Native Images (AOT)
- Use Case: Serverless or CLI tools requiring instant startup and low memory footprint.
- Constraints: Use
AOTtransformations. Register reflection withRuntimeHintsif needed. - Health Checks: Include
Actuatorendpoints specifically for Liveness and Readiness probes.
Tune Resources and Shutdown
- Graceful Shutdown: Enable
server.shutdown=gracefulwith a 30s timeout. - Memory: Use
-XX:+UseContainerSupportand-XX:MaxRAMPercentage=75.0. - Log Management: Log to
stdoutin Structured JSON for log aggregators.
Anti-Patterns
- No Fat JARs in Docker: Use Layered JAR support for better caching.
- No root container user: Run as restricted user (appuser/nobody).
- No baked-in secrets: Use Env vars or ConfigMaps, never image layers.
References
> related_skills --same-repo
> common-store-changelog
Generate user-facing release notes for the Apple App Store and Google Play Store by collecting git history, triaging user-impacting changes, and drafting store-compliant changelogs. Enforces character limits (App Store ≤4000, Google Play ≤500), tone, and bullet format. Use when generating release notes, app store changelog, play store release, what's new, or version release notes for any mobile app. (triggers: generate changelog, app store notes, play store release, what's new, release notes, ve
> golang-tooling
Go developer toolchain — gopls LSP diagnostics, linting, formatting, and vet. Use when setting up Go tooling, running linters, or integrating gopls with Claude Code. (triggers: gopls, golangci-lint, golangci.yml, go vet, goimports, staticcheck, go tooling, go lint)
> common-ui-design
Design distinctive, production-grade frontend UI with bold aesthetic choices. Use when building web components, pages, interfaces, dashboards, or applications in any framework (React, Next.js, Angular, Vue, HTML/CSS). (triggers: build a page, create a component, design a dashboard, landing page, UI for, build a layout, make it look good, improve the design, build UI, create interface, design screen)
> common-owasp
OWASP Top 10 audit checklist for Web Applications (2021) and APIs (2023). Load during any security review, PR review, or codebase audit touching web, mobile backend, or API code. (triggers: security review, OWASP, broken access control, IDOR, BOLA, injection, broken auth, API review, authorization, access control)