playbooks

home / skills / julianobarbosa / claude-code-skills / external-urls-skill

external-urls-skill skill

/skills/external-urls-skill

This skill helps you quickly locate and verify external URLs, endpoints and repositories across hub, dev, prd environments and multiple clusters.

npx playbooks add skill julianobarbosa/claude-code-skills --skill external-urls-skill

Review the files below or copy the command above to add this skill to your agents.

Files (4)
SKILL.md
6.3 KB
---
name: external-urls
description: Hypera infrastructure URLs and endpoints reference. Use when user asks about URLs, domains, ingress endpoints, cluster API servers, application URLs, Helm repositories, Git repositories, or needs to check connectivity to services. Provides quick lookup of all external URLs across all environments (hub, dev, prd) and clusters (cafehyna, loyalty, painelclientes, sonora).
---

# External URLs Skill

Quick reference for all external URLs and endpoints in Hypera's multi-cluster GitOps infrastructure.

## Quick URL Lookup

### Application URLs by Environment

**Hub (Shared Services)**

| Service | URL | Purpose |
|---------|-----|---------|
| ArgoCD | `https://argocd.cafehyna.com.br` | GitOps UI & API |
| Sentry | `https://sentry-hub.cafehyna.hypera.com.br` | Error tracking |
| SonarQube | `https://sonarqube-hub.cafehyna.com.br` | Code quality |
| phpMyAdmin | `https://dba.cafehyna.com.br` | MySQL admin |
| Adminer | `https://dba2.cafehyna.com.br` | Multi-DB admin |
| Mimir | `https://mimir-hub.cafehyna.com.br` | Metrics storage |

**Development**

| Service | URL | Purpose |
|---------|-----|---------|
| Sentry | `https://sentry.adocyl.com.br` | Error tracking |
| SonarQube | `https://sonarqube.hypera.com.br` | Code quality |
| Grafana OnCall | `https://oncall-dev.cafehyna.com` | On-call management |
| phpMyAdmin | `https://dev-dba.cafehyna.com.br` | MySQL admin |
| RabbitMQ | `https://rabbitmq-painelclientes-dev.cafehyna.com.br` | Message queue |

**Production**

| Service | URL | Purpose |
|---------|-----|---------|
| Sentry | `https://sentry.cafehyna.hypera.com.br` | Error tracking |

## Cluster API Endpoints

All clusters use Azure Private Link (VPN required):

| Cluster | API Server | Region |
|---------|------------|--------|
| cafehyna-hub | `https://aks-cafehyna-default-b2ie56p8.5bbf1042-d320-432c-bd11-cea99f009c29.privatelink.eastus.azmk8s.io:443` | East US |
| cafehyna-dev | `https://aks-cafehyna-dev-hlg-q3oga63c.30041054-9b14-4852-9bd5-114d2fac4590.privatelink.eastus.azmk8s.io:443` | East US |
| cafehyna-prd | `https://aks-cafehyna-prd-hsr83z2k.c7d864af-cbd7-481b-866b-8559e0d1c1ea.privatelink.eastus.azmk8s.io:443` | East US |
| painelclientes-dev | `https://akspainelclientedev-dns-vjs3nd48.hcp.eastus2.azmk8s.io:443` | East US 2 |
| painelclientes-prd | `https://akspainelclientesprd-dns-kezy4skd.hcp.eastus2.azmk8s.io:443` | East US 2 |
| loyalty-dev | `https://loyaltyaks-qas-dns-d330cafe.hcp.eastus.azmk8s.io:443` | East US |

## Repository URLs

### Git Repositories (Azure DevOps)

| Repository | URL |
|------------|-----|
| infra-team | `https://[email protected]/hypera/Cafehyna%20-%20Desenvolvimento%20Web/_git/infra-team` |
| argo-cd-helm-values | `https://[email protected]/hypera/Cafehyna%20-%20Desenvolvimento%20Web/_git/argo-cd-helm-values` |
| kubernetes-configuration | `https://[email protected]/hypera/Cafehyna%20-%20Desenvolvimento%20Web/_git/kubernetes-configuration` |

### Helm Repositories

| Repository | URL | Charts |
|------------|-----|--------|
| ingress-nginx | `https://kubernetes.github.io/ingress-nginx` | ingress-nginx |
| jetstack | `https://charts.jetstack.io` | cert-manager |
| bitnami | `https://charts.bitnami.com/bitnami` | external-dns, phpmyadmin, rabbitmq |
| prometheus-community | `https://prometheus-community.github.io/helm-charts` | kube-prometheus-stack |
| robusta | `https://robusta-charts.storage.googleapis.com` | robusta |
| cetic | `https://cetic.github.io/helm-charts` | adminer |
| defectdojo | `https://raw.githubusercontent.com/DefectDojo/django-DefectDojo/helm-charts` | defectdojo |

## Domain Reference

| Domain | Usage | Environment |
|--------|-------|-------------|
| `*.cafehyna.com.br` | Primary applications | All |
| `*.cafehyna.hypera.com.br` | Hypera-branded services | Hub/Prd |
| `*.adocyl.com.br` | Development services | Dev |
| `*.hypera.com.br` | Corporate services | All |

## Certificate & DNS

- **Certificate Issuer:** Let's Encrypt
- **DNS Provider:** Cloudflare
- **ClusterIssuers:** `letsencrypt-prod`, `letsencrypt-staging`
- **Contact:** `[email protected]`

## SMTP Services

| Service | Host | Environment |
|---------|------|-------------|
| Office 365 | `smtp.office365.com` | Hub |
| SendGrid | `smtp.sendgrid.net` | Production |

## Quick Commands

### Check Application URL Health

```bash
# Check ArgoCD
curl -sI https://argocd.cafehyna.com.br | head -1

# Check all hub services
for url in argocd.cafehyna.com.br sentry-hub.cafehyna.hypera.com.br sonarqube-hub.cafehyna.com.br dba.cafehyna.com.br; do
  echo -n "$url: "; curl -sI "https://$url" -o /dev/null -w "%{http_code}\n" --connect-timeout 5 2>/dev/null || echo "FAILED"
done
```

### Check Cluster Connectivity

```bash
# Test cluster API (requires VPN)
curl -sk https://aks-cafehyna-default-b2ie56p8.5bbf1042-d320-432c-bd11-cea99f009c29.privatelink.eastus.azmk8s.io:443/healthz

# Using kubectl
kubectl --kubeconfig ~/.kube/aks-rg-hypera-cafehyna-hub-config cluster-info
```

### Check Helm Repository

```bash
# Add and update
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update ingress-nginx

# Search charts
helm search repo ingress-nginx
```

## Configuration File Locations

URLs are defined in these configuration files:

| Category | Path Pattern |
|----------|--------------|
| Application Ingress | `argo-cd-helm-values/kube-addons/<service>/<cluster>/values.yaml` |
| Cluster Endpoints | `infra-team/argocd-clusters/<cluster>.yaml` |
| Git Repositories | `infra-team/argocd-repos/base/git-repositories/*.yaml` |
| Helm Repositories | `infra-team/argocd-repos/base/helm-repositories/*.yaml` |

## Troubleshooting

| Issue | Resolution |
|-------|------------|
| Application URL not reachable | Check ingress-nginx pods, verify DNS in Cloudflare |
| Cluster API timeout | Verify VPN connection, check Azure AKS status |
| Certificate error | Verify cert-manager ClusterIssuer, check Let's Encrypt rate limits |
| DNS not resolving | Check external-dns logs, verify Cloudflare API token |

## Scripts

- `scripts/check-urls.sh` - Health check all application URLs
- `scripts/list-urls.sh` - List URLs by environment or category

## Detailed Reference

For complete URL inventory with source file locations:

- **[references/urls-detail.md](references/urls-detail.md)** - Complete URL reference
- **[docs/external-urls-reference.md](../../../docs/external-urls-reference.md)** - Full documentation

Overview

This skill provides a quick, centralized reference of all external URLs, domains, ingress endpoints, cluster API servers, Git and Helm repositories, and SMTP hosts across Hypera environments and clusters. It’s designed for fast lookups, connectivity checks, and operational troubleshooting when you need to find or verify an external endpoint.

How this skill works

It catalogs application URLs by environment (hub, dev, prd), cluster API endpoints (VPN/Private Link), Git and Helm repository URLs, DNS and certificate providers, and SMTP hosts. It also includes example CLI commands to check URL health, verify cluster connectivity, and validate Helm repository access. Use the lookup to copy endpoints, run quick health checks, or follow troubleshooting steps for DNS, certificates, and cluster access.

When to use it

  • Finding an application URL or ingress endpoint for a given service or environment
  • Verifying cluster API server endpoints before connecting over VPN
  • Checking which Git or Helm repository hosts a chart or configuration
  • Running quick health checks for application URLs and ingress controllers
  • Troubleshooting DNS, certificate, or SMTP issues across environments

Best practices

  • Always test cluster API access from a VPNed environment when endpoints are Private Link
  • Use provided curl/kubectl/helm commands for quick verification before escalating
  • Keep DNS and certificate issuers (Cloudflare, Let’s Encrypt) in sync with ingress/ClusterIssuer configs
  • Store repo and helm URLs in GitOps values to avoid hardcoding in scripts
  • Verify ExternalDNS and ingress-nginx logs when DNS or routing issues appear

Example use cases

  • Copy ArgoCD or Sentry URL for a support ticket or incident runbook
  • Run the curl health check loop to validate hub service availability after a deployment
  • Confirm the correct AKS API server URL before running kubectl commands from a bastion or VPN
  • Add or update a Helm repo and search charts during a deployment planning session
  • Check SMTP host details when validating outbound email from hub or production apps

FAQ

Do I need VPN to reach cluster API endpoints?

Yes. All cluster API servers are exposed via Azure Private Link and require VPN or private network access to reach them.

Who to contact for certificate or DNS issues?

Certificate issuer and DNS provider details are listed; contact [email protected] for operational issues with certificates or Cloudflare DNS.