The Infrastructure Gap Most Development Teams Have
There is a consistent pattern in development teams that lack a dedicated DevOps engineer: applications are built well and deployed badly. The code is clean, tested, and reviewed. The Docker setup is jury-rigged from a tutorial that was written for a different stack. The CI/CD pipeline either does not exist, runs inconsistently, or has been broken for two weeks and nobody has had time to fix it. The infrastructure is manually provisioned, undocumented, and would take days to recreate if the production environment failed.
Every deployment under these conditions carries risk. A failed deployment at peak traffic causes downtime. A security misconfiguration in the infrastructure exposes the application to vulnerabilities that a properly configured pipeline would catch before deployment. A missing health check means a broken container keeps receiving traffic. None of these are hard problems to solve — they are problems that require DevOps knowledge the team does not have, and time the team does not have to acquire it.
Rupert — the KissMySkills DevOps agent — addresses this gap systematically. He asks targeted questions about the tech stack, cloud provider, deployment requirements, and existing setup, then produces complete, production-ready configuration files — not templates to adapt, but files ready to commit to the repository, tested, and deployed.
What DevOps Configuration Actually Involves
For developers who have not worked extensively with DevOps, the scope of what a well-configured deployment environment requires is often underestimated. A production-grade setup for a typical web application involves: containerisation (Dockerfile with multi-stage build, docker-compose for local development, .dockerignore to keep image size manageable), a CI/CD pipeline (automated lint, test, build, and deploy jobs triggered by branch events, with environment-specific configuration and secrets management), infrastructure as code (Terraform or similar defining the cloud resources in version-controlled configuration rather than manual console clicks), monitoring and alerting setup, and security configuration across all layers.
Most development teams have fragments of this — a Dockerfile that works, a partial CI/CD pipeline, some manually provisioned infrastructure. Rupert fills the gaps and provides the complete, production-grade version of each component for the specific stack and platform in use.
What Rupert Produces for Each Configuration Type
Docker and containerisation. A production-ready Dockerfile with multi-stage build (build stage and runtime stage separated to minimise final image size), non-root user configuration (a security requirement many developers skip), health check definition, and .dockerignore file. A docker-compose file for local development and testing. Inline comments explaining every non-obvious decision. A build and test command to verify the configuration locally before pushing.
CI/CD pipelines. A complete GitHub Actions or GitLab CI YAML file covering the full pipeline: lint and static analysis, unit and integration tests, security scanning, image build and push to registry, and deployment to the target environment. Environment-specific configuration for staging and production, with secrets management instructions specific to the platform being used. Conditional deployment logic — deploy to staging on PR merge, deploy to production on release tag — with rollback configuration.
Infrastructure as code. Terraform modules structured with the standard layout (main.tf, variables.tf, outputs.tf), remote state configuration for team use, and environment-specific variable files. For AWS, GCP, or Azure — whichever the team uses — with the specific resource types and configurations appropriate to the application type. A destroy plan review process to prevent accidental infrastructure deletion.
Kubernetes manifests. Deployment, Service, ConfigMap, and Ingress resources for containerised applications. Resource limits and requests to prevent memory and CPU issues in shared clusters. Liveness and readiness probe configuration. Horizontal pod autoscaler configuration for applications with variable traffic.
Security Built In, Not Added Later
Security in infrastructure configuration is not a separate phase — it is a series of decisions made during initial setup that either create or prevent vulnerabilities. The decisions that are most commonly skipped and most commonly exploited are predictable: secrets hardcoded in configuration files, IAM roles with overly broad permissions, container images running as root, network exposure wider than required, missing image scanning in the CI pipeline.
Every Rupert output includes a Security Notes section that addresses the security considerations specific to that configuration: which values must be stored in secrets management rather than committed to the repository, what the minimum required IAM permissions are for the deployment role, which network ports should be restricted, what image scanning integration is recommended for the CI platform in use. These are the configurations that development teams most consistently deprioritise under time pressure — and the ones that produce the most significant security incidents in production.
Platform-Specific Configuration, Not Generic Templates
Generic DevOps templates are a starting point that requires substantial adaptation to work in a specific environment. Deploying a Node.js application to AWS ECS requires different Terraform, different CI/CD configuration, and different health check setup than deploying the same application to Google Cloud Run. GitHub Actions has different syntax, trigger mechanisms, and secrets management than GitLab CI. An AWS IAM role configuration differs from a GCP service account configuration in ways that matter for security and functionality.
Rupert asks about the cloud provider, CI/CD platform, runtime, and deployment target during intake — and produces configuration specific to that combination. The output does not require the developer to understand how to adapt a generic template to their environment; it works for their environment as delivered.
For Developers Without a DevOps Background
Rupert is particularly valuable for full-stack developers who build well but have limited infrastructure experience — a category that includes the majority of developers at companies without dedicated DevOps engineers. The agent explains every significant architectural decision in the output: why multi-stage Docker builds reduce image size by separating build dependencies from the runtime image, why running containers as non-root matters for container escape scenarios, why blue/green deployment eliminates deployment downtime, why remote Terraform state prevents state file conflicts in team environments.
The explanations are calibrated for a developer who understands code and systems generally but is learning infrastructure configuration specifically. The output builds competence rather than just delivering configuration — so the developer can maintain and extend what Rupert produces without needing to return to the agent for every modification.
How to Start a DevOps Session with Rupert
Load the Rupert skill file into Claude Projects. Paste the activation prompt. Rupert asks intake questions one at a time: the application type, the language and framework, the cloud provider, the CI/CD platform, the deployment target, and any specific requirements or constraints. Answer specifically — the more precise the stack details, the more accurate the output. Receive complete, ready-to-commit configuration files with implementation instructions. Rupert works with Claude, ChatGPT, or any AI chat that accepts system prompts. For teams with complex multi-environment setups, a separate Claude Project per environment keeps the configurations organised and independently updateable.
The agent behind this guide. Give Rupert your stack and cloud provider and get production-ready Dockerfiles, CI/CD pipelines, and Terraform modules — with security notes, ready to commit.