CI/CD pipeline Swiss Army knife — replace fragile bash one-liners with a single, portable Go binary.
# BEFORE # AFTER
for key in $(jq -r 'keys[]' config.json); pipekit env from-json config.json \
do --uppercase-keys --to-github
value=$(jq -r ".[\"$key\"]" config.json)
echo "${key^^}=$value" >> "$GITHUB_ENV"
doneOne static binary, no runtime deps, works the same on Linux, macOS, and Windows.
# Linux x86_64
curl -L https://github.com/AxeForging/pipekit/releases/latest/download/pipekit-linux-amd64.tar.gz | tar xz
sudo mv pipekit-linux-amd64 /usr/local/bin/pipekitARM64, macOS, Windows, source builds → docs/INSTALL.md
# Extract JSON config into GITHUB_ENV as UPPER_SNAKE_CASE
pipekit env from-json config.json --flatten --uppercase-keys --to-github
# Fail fast if required vars are missing
pipekit assert env-exists DEPLOY_TOKEN CLUSTER_NAME IMAGE_TAG
# Wait for a service to be ready
pipekit wait url http://localhost:8080/healthz --timeout 150s
# Retry a flaky command with exponential backoff
pipekit retry run --attempts 5 --delay 5s --backoff -- helm upgrade --install myapp ./chart
# Notify Slack on success/failure
pipekit notify slack --status success --title "Deploy v1.2.3 to prod"More end-to-end recipes → docs/EXAMPLES.md
| Command | What it does | Reference |
|---|---|---|
env |
Parse JSON / YAML / dotenv into env vars (GITHUB_ENV, GITHUB_OUTPUT, GitLab) | ↗ |
mask |
Hide secrets in logs (regex patterns, partial reveal, GitHub ::add-mask::) |
↗ |
transform |
base64, URL-encode, case conversion, regex replace, templates, hash, slug | ↗ |
summary |
Append markdown / tables / badges / collapsibles to $GITHUB_STEP_SUMMARY |
↗ |
assert |
Pipeline guards: env vars, files, JSON paths, semver, URL health | ↗ |
matrix |
Build GitHub Actions matrix JSON from dirs / files / JSON / Cartesian product | ↗ |
notify |
Slack / Discord / Teams / generic webhook with status formatting | ↗ |
wait |
Poll a URL / TCP port / shell command until ready | ↗ |
diff |
Detect changed files / dirs / services between git refs (monorepo-friendly) | ↗ |
version |
Get / bump / compare versions across package.json, Cargo.toml, Chart.yaml, etc. |
↗ |
retry |
Run any command with attempt count, delay, backoff, exit-code filtering | ↗ |
cache-key |
Deterministic SHA256 cache keys from files / globs / composite parts | ↗ |
checksum |
Generate / verify release checksums for artifact files | ↗ |
artifact |
Assert artifacts exist and generate size/SHA256 manifests | ↗ |
git |
CI-friendly git metadata: ref, SHA, tags, dirty state | ↗ |
changelog |
Generate release notes from git commit ranges | ↗ |
config |
Resolve env-specific config maps; map branches to environments | ↗ |
parse |
Pull fenced code blocks / YAML / frontmatter out of issue bodies, PR comments, markdown | ↗ |
comment |
Render, inspect, select, and amend hidden-anchor PR comments | ↗ |
json / yaml |
Get / set / del / deep-merge / convert / pretty / table on JSON, YAML, TOML, CSV | ↗ |
render |
Render Go templates with a sprig-like FuncMap and stacked --values files |
↗ |
exec |
Unified retry + mask + tee + timeout command runner | ↗ |
url parse |
Split a URL into SCHEME / HOST / PORT / USER / PASSWORD / PATH / QUERY env vars |
↗ |
image parse |
Split a container image ref into registry / repository / tag / digest | ↗ |
time |
RFC3339 / unix / tag / compact / iso timestamps; format conversion; arithmetic | ↗ |
port free · uuid · random |
Tiny generators for ephemeral resource names and ports | ↗ |
doctor |
Diagnose CI platform, env-var contract, tool availability | ↗ |
Full flag reference → docs/COMMANDS.md
| Doc | When to read |
|---|---|
| INSTALL.md | Install on Linux / macOS / Windows, build from source |
| REQUIREMENTS.md | Supported platforms, runtime deps, CI env vars contract |
| COMMANDS.md | Full reference: every command, every flag, copy-pasteable examples |
| EXAMPLES.md | End-to-end pipeline recipes (GitHub Actions, GitLab CI, Jenkins) |
| CONTRIBUTING.md | Repo layout, adding a command, testing, releasing |
| AI/README.md | Architecture reference for AI assistants working in this repo |
MIT — see LICENSE.