Deployment Automation with Claude Code

Your team just merged a big feature branch. The staging deploy went fine, but production requires a different Docker tag, three environment variables you can never remember, a database migration that has to run before the new code starts, and a Slack notification when it’s done. Last time somebody fat-fingered the image tag and rolled out last Tuesday’s build. The time before that, the migration ran after the deploy and users saw 500 errors for eleven minutes. Deployments should not require a checklist taped to the monitor.

What You’ll Walk Away With

• A repeatable prompt workflow for generating deploy scripts, Dockerfiles, and GitHub Actions pipelines with Claude Code
• Copy-paste prompts that produce environment-specific configuration, blue-green rollout steps, and automated rollback triggers
• A CLAUDE.md-driven deployment standard that Claude Code follows every time, so new engineers get the same quality output on day one

Generating a Production Dockerfile

Most Node.js Dockerfiles start as a copy-paste from Stack Overflow and never improve. Claude Code can generate an optimized, multi-stage build directly from your package.json and source layout.

Tip

Copy-paste prompt — production Dockerfile:

Look at my package.json, tsconfig, and source directory structure. Generate a production Dockerfile with a multi-stage build: stage 1 installs and compiles, stage 2 copies only the compiled output and production node_modules. Use node:20-alpine, create a non-root user, add a HEALTHCHECK on /health, and use tini as the entrypoint for proper signal handling. Put a .dockerignore next to the Dockerfile.

Claude Code reads your project files, detects whether you use npm, yarn, or pnpm based on the lockfile present, and produces a Dockerfile tailored to your actual stack — not a generic template. If you have a prisma/ directory it will add the Prisma generate step; if you have a public/ folder it will copy static assets into the right place.

After Claude generates the file, verify it locally:

docker build -t myapp:test . && docker run --rm -p 3000:3000 myapp:test

Then ask Claude Code to iterate:

The image is 340 MB. Reduce the size by switching the runtime stage to distroless or alpine with only the minimal packages needed.

This loop — generate, build, measure, refine — is where Claude Code shines. Each iteration takes seconds because Claude already has the full context.

Scripting Multi-Environment Deploys

Real projects have at least three environments: development, staging, production. The configuration differences between them are a constant source of bugs.

Tip

Copy-paste prompt — deploy script with environment matrix:

Generate a deploy.sh script that accepts an environment argument (dev, staging, prod). For each environment, it should: 1) source the correct .env file from deploy/envs/, 2) build and push the Docker image tagged with the git SHA and environment name, 3) run database migrations against the environment's DATABASE_URL, 4) deploy to the correct Kubernetes namespace using kubectl set image, 5) wait for the rollout to complete, 6) run a smoke test against the health endpoint. If any step fails, print a clear error and exit 1 without continuing. Use our existing ECR registry at 123456789.dkr.ecr.us-east-1.amazonaws.com.

Claude Code produces a shell script that handles the full lifecycle. Crucially, it exits early on failure rather than plowing through and creating a half-deployed state. You can pipe the output of this script into Slack or your CI log.

For teams using infrastructure-as-code, ask Claude Code to generate the Terraform or Pulumi equivalent:

Convert this deploy.sh approach into a Pulumi TypeScript program that manages the same three environments as stacks. Use the aws and kubernetes providers.

GitHub Actions Pipeline from Scratch

Claude Code has deep knowledge of GitHub Actions syntax, including reusable workflows, environment protection rules, and concurrency controls. Rather than copying a YAML file from another repo and hoping it works, describe what you need.

Tip

Copy-paste prompt — full CI/CD pipeline:

Create a GitHub Actions workflow at .github/workflows/deploy.yml. On pull request to main, run lint, type-check, and test jobs in parallel. On push to main (after merge), build a Docker image, push to GHCR, deploy to staging automatically, wait 5 minutes, run integration tests against staging, then require a manual approval step before deploying to production. Use OIDC for AWS authentication instead of static keys. Tag the Docker image with both the git SHA and 'latest'. Add a concurrency group so only one deploy runs at a time.

Claude Code generates the complete workflow file. A few things to verify after generation:

1. Check that the permissions block includes id-token: write for OIDC and packages: write for GHCR.
2. Confirm the environment: production block is present on the production deploy job — this is what enables the manual approval gate in GitHub.
3. Verify that the concurrency group uses ${{ github.workflow }}-${{ github.ref }} so that PR deploys and main deploys do not block each other.

Blue-Green Deployments

Zero-downtime deployment sounds great until you have to implement the traffic switch yourself. Claude Code can generate the full blue-green orchestration script including health validation.

We run two Kubernetes deployments: myapp-blue and myapp-green. Write a blue-green deploy script that determines which deployment is currently receiving traffic from the myapp Service, deploys the new image to the inactive deployment, waits for all pods to pass readiness checks, switches the Service selector to the new deployment, then monitors error rates for 2 minutes via our Prometheus endpoint. If the error rate exceeds 1%, switch traffic back to the old deployment and exit 1.

The key insight here is telling Claude Code about your monitoring endpoint. Without that, the script would just switch traffic and hope. With it, you get automatic rollback based on real data.

Rollback Procedures

Every deploy script should have a corresponding rollback. Claude Code can generate both at the same time.

Tip

Copy-paste prompt — deploy + rollback pair:

Generate two scripts: deploy.sh and rollback.sh. deploy.sh should record the current image tag in a .last-deploy file before deploying the new version. rollback.sh should read .last-deploy and redeploy that image, then run the reverse database migration if one exists. Both scripts should send a notification to our #deploys Slack channel using the SLACK_WEBHOOK_URL environment variable.

This pattern — recording state before changing it — is something experienced engineers build instinctively but juniors often forget. Claude Code includes it when you ask for a rollback pair because the style guide in your CLAUDE.md (or the prompt itself) makes the requirement explicit.

Encoding Standards in CLAUDE.md

The real power of Claude Code for deployment is consistency. Add deployment standards to your project’s CLAUDE.md:

## Deployment Standards

- All Docker images must use multi-stage builds with a non-root user
- Production deploys require a health check validation step
- Every deploy script must have a corresponding rollback script
- Database migrations run BEFORE the new code is deployed
- All deploy scripts exit on first error (set -euo pipefail)
- Image tags use git SHA, never 'latest' in production
- Secrets come from environment variables, never hardcoded

With these rules in place, every prompt to Claude Code about deployment automatically inherits these constraints. A new engineer asking “create a deploy script for the payments service” gets the same quality output as a senior engineer would write.

When This Breaks

Claude generates a Dockerfile that works locally but fails in CI. This usually happens because the CI runner has a different architecture (ARM vs x86). Add --platform linux/amd64 to the build step or ask Claude Code to add a docker buildx multi-platform build.

The deploy script succeeds but the app crashes on startup. Claude Code cannot see runtime behavior. After generating a deploy script, always run it against a non-production environment first. Add a smoke test step (curl the health endpoint, check the exit code) and ask Claude to include it if it did not.

The GitHub Actions workflow burns too many minutes. Claude Code tends to be thorough, which sometimes means running tests sequentially when they could be parallel. Tell Claude your constraint: “Our GitHub Actions budget is limited, so use a matrix strategy and run lint/type-check/test as separate jobs that start simultaneously.”

Environment variables are missing in production. Claude Code generates references to environment variables but cannot verify they exist in your deployment target. After generating a deploy script, run grep -oP 'DOLLAR_SIGN{?\K[A-Z_]+' deploy.sh (replacing DOLLAR_SIGN with the actual character) to list all referenced variables and confirm each one is set.

What’s Next

CI/CD Pipeline Configuration Deep dive into pipeline design with Claude Code including test parallelization and caching

Containerization with Docker and Kubernetes From Dockerfile to Helm chart -- full container workflow with Claude Code

Monitoring and Observability Wire up the alerts and dashboards that tell you whether your deploy actually worked