julianobarbosa/external-urls
skills/external-urls/SKILL.md
Hypera infrastructure URLs and endpoints reference. Use when user asks about URLs, domains, ingress endpoints, cluster API servers, application URLs, Helm repositories, Git repositories, or needs to check connectivity to services. Provides quick lookup of all external URLs across all environments (hub, dev, prd) and clusters (cafehyna, loyalty, painelclientes, sonora).
$ install --global
skillsauthnpx skillsauth add julianobarbosa/claude-code-skills external-urlsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 21, 2026, 7:25 AM189.1s4 files scanned
SKILL.md
- name:
- external-urls
- description:
- Hypera infrastructure URLs and endpoints reference. Use when user asks about URLs, domains, ingress endpoints, cluster API servers, application URLs, Helm repositories, Git repositories, or needs to check connectivity to services. Provides quick lookup of all external URLs across all environments (hub, dev, prd) and clusters (cafehyna, loyalty, painelclientes, sonora).
External URLs Skill
Quick reference for all external URLs and endpoints in Hypera's multi-cluster GitOps infrastructure.
Quick URL Lookup
Application URLs by Environment
Hub (Shared Services)
| Service | URL | Purpose |
|---------|-----|---------|
| ArgoCD | https://argocd.cafehyna.com.br | GitOps UI & API |
| Sentry | https://sentry-hub.cafehyna.hypera.com.br | Error tracking |
| SonarQube | https://sonarqube-hub.cafehyna.com.br | Code quality |
| phpMyAdmin | https://dba.cafehyna.com.br | MySQL admin |
| Adminer | https://dba2.cafehyna.com.br | Multi-DB admin |
| Mimir | https://mimir-hub.cafehyna.com.br | Metrics storage |
Development
| Service | URL | Purpose |
|---------|-----|---------|
| Sentry | https://sentry.adocyl.com.br | Error tracking |
| SonarQube | https://sonarqube.hypera.com.br | Code quality |
| Grafana OnCall | https://oncall-dev.cafehyna.com | On-call management |
| phpMyAdmin | https://dev-dba.cafehyna.com.br | MySQL admin |
| RabbitMQ | https://rabbitmq-painelclientes-dev.cafehyna.com.br | Message queue |
Production
| Service | URL | Purpose |
|---------|-----|---------|
| Sentry | https://sentry.cafehyna.hypera.com.br | Error tracking |
Cluster API Endpoints
All clusters use Azure Private Link (VPN required):
| Cluster | API Server | Region |
|---------|------------|--------|
| cafehyna-hub | https://aks-cafehyna-default-b2ie56p8.5bbf1042-d320-432c-bd11-cea99f009c29.privatelink.eastus.azmk8s.io:443 | East US |
| cafehyna-dev | https://aks-cafehyna-dev-hlg-q3oga63c.30041054-9b14-4852-9bd5-114d2fac4590.privatelink.eastus.azmk8s.io:443 | East US |
| cafehyna-prd | https://aks-cafehyna-prd-hsr83z2k.c7d864af-cbd7-481b-866b-8559e0d1c1ea.privatelink.eastus.azmk8s.io:443 | East US |
| painelclientes-dev | https://akspainelclientedev-dns-vjs3nd48.hcp.eastus2.azmk8s.io:443 | East US 2 |
| painelclientes-prd | https://akspainelclientesprd-dns-kezy4skd.hcp.eastus2.azmk8s.io:443 | East US 2 |
| loyalty-dev | https://loyaltyaks-qas-dns-d330cafe.hcp.eastus.azmk8s.io:443 | East US |
Repository URLs
Git Repositories (Azure DevOps)
| Repository | URL |
|------------|-----|
| infra-team | https://[email protected]/hypera/Cafehyna%20-%20Desenvolvimento%20Web/_git/infra-team |
| argo-cd-helm-values | https://[email protected]/hypera/Cafehyna%20-%20Desenvolvimento%20Web/_git/argo-cd-helm-values |
| kubernetes-configuration | https://[email protected]/hypera/Cafehyna%20-%20Desenvolvimento%20Web/_git/kubernetes-configuration |
Helm Repositories
| Repository | URL | Charts |
|------------|-----|--------|
| ingress-nginx | https://kubernetes.github.io/ingress-nginx | ingress-nginx |
| jetstack | https://charts.jetstack.io | cert-manager |
| bitnami | https://charts.bitnami.com/bitnami | external-dns, phpmyadmin, rabbitmq |
| prometheus-community | https://prometheus-community.github.io/helm-charts | kube-prometheus-stack |
| robusta | https://robusta-charts.storage.googleapis.com | robusta |
| cetic | https://cetic.github.io/helm-charts | adminer |
| defectdojo | https://raw.githubusercontent.com/DefectDojo/django-DefectDojo/helm-charts | defectdojo |
Domain Reference
| Domain | Usage | Environment |
|--------|-------|-------------|
| *.cafehyna.com.br | Primary applications | All |
| *.cafehyna.hypera.com.br | Hypera-branded services | Hub/Prd |
| *.adocyl.com.br | Development services | Dev |
| *.hypera.com.br | Corporate services | All |
Certificate & DNS
- Certificate Issuer: Let's Encrypt
- DNS Provider: Cloudflare
- ClusterIssuers:
letsencrypt-prod,letsencrypt-staging - Contact:
[email protected]
SMTP Services
| Service | Host | Environment |
|---------|------|-------------|
| Office 365 | smtp.office365.com | Hub |
| SendGrid | smtp.sendgrid.net | Production |
Quick Commands
Check Application URL Health
# Check ArgoCD
curl -sI https://argocd.cafehyna.com.br | head -1
# Check all hub services
for url in argocd.cafehyna.com.br sentry-hub.cafehyna.hypera.com.br sonarqube-hub.cafehyna.com.br dba.cafehyna.com.br; do
echo -n "$url: "; curl -sI "https://$url" -o /dev/null -w "%{http_code}\n" --connect-timeout 5 2>/dev/null || echo "FAILED"
done
Check Cluster Connectivity
# Test cluster API (requires VPN)
curl -sk https://aks-cafehyna-default-b2ie56p8.5bbf1042-d320-432c-bd11-cea99f009c29.privatelink.eastus.azmk8s.io:443/healthz
# Using kubectl
kubectl --kubeconfig ~/.kube/aks-rg-hypera-cafehyna-hub-config cluster-info
Check Helm Repository
# Add and update
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update ingress-nginx
# Search charts
helm search repo ingress-nginx
Configuration File Locations
URLs are defined in these configuration files:
| Category | Path Pattern |
|----------|--------------|
| Application Ingress | argo-cd-helm-values/kube-addons/<service>/<cluster>/values.yaml |
| Cluster Endpoints | infra-team/argocd-clusters/<cluster>.yaml |
| Git Repositories | infra-team/argocd-repos/base/git-repositories/*.yaml |
| Helm Repositories | infra-team/argocd-repos/base/helm-repositories/*.yaml |
Troubleshooting
| Issue | Resolution | |-------|------------| | Application URL not reachable | Check ingress-nginx pods, verify DNS in Cloudflare | | Cluster API timeout | Verify VPN connection, check Azure AKS status | | Certificate error | Verify cert-manager ClusterIssuer, check Let's Encrypt rate limits | | DNS not resolving | Check external-dns logs, verify Cloudflare API token |
Scripts
scripts/check-urls.sh- Health check all application URLsscripts/list-urls.sh- List URLs by environment or category
Detailed Reference
For complete URL inventory with source file locations:
- references/urls-detail.md - Complete URL reference
- docs/external-urls-reference.md - Full documentation
Gotchas
- Private Link API endpoints require VPN, not just kubeconfig: All
privatelink.eastus.azmk8s.ioURLs resolve only inside the corporate network.kubectlwill hang for 30s then time out — not produce a clear DNS error — when VPN is dropped. cafehyna.com.brandcafehyna.hypera.com.brare different zones: Records added to the wrong zone propagate fine and resolve fine in browsers, but cert-manager DNS-01 challenges fail because the ACME validator queries the apex zone's NS records. Verify the zone withdig NS <domain>before adding records.adocyl.com.bris the dev-only domain — don't reuse for hub: Cross-environment hostname reuse breaks Let's Encrypt staging vs prod issuer scoping, and SonarQube/Sentry session cookies leak across envs if they share the apex.- Azure DevOps Git URLs need URL-encoded project names:
Cafehyna%20-%20Desenvolvimento%20Webmust keep the encoding — raw spaces breakgit clonewith a cryptic 404. The Azure DevOps UI hides this; copy from the SSH tab or use the encoded form. smtp.office365.comrequires modern auth (OAuth2) since Oct 2022: Basic auth on port 587 is disabled tenant-wide. Apps still configured with username/password silently fail with535 5.7.139. Use SendGrid or app passwords with MFA bypass.- East US vs East US 2 cluster mix breaks cross-region pod traffic: painelclientes (EUS2) and cafehyna (EUS) clusters can't share private DNS zones without explicit VNet peering — ingress hostnames resolve but pod-to-pod fails. Check the region column before assuming connectivity.
Related Skills
julianobarbosa/your-skill-name
testing
VerifiedTrustedCommunity
Brief description of what this skill does. Include specific triggers - when should Claude use this skill? Example triggers, file types, or keywords that indicate this skill applies.
76SKILL.mdUpdated May 30, 2026
julianobarbosa/zsh-path
tools
VerifiedTrustedCommunity
Manage and troubleshoot PATH configuration in zsh. Use when adding tools to PATH (bun, nvm, Python venv, cargo, go), diagnosing "command not found" errors, validating PATH entries, or organizing shell configuration in .zshrc and .zshrc.local files.
76SKILL.mdUpdated May 30, 2026
julianobarbosa/zabbix-api
tools
VerifiedTrustedCommunity
Zabbix monitoring system automation via API and Python. Use when: (1) Managing hosts, templates, items, triggers, or host groups, (2) Automating monitoring configuration, (3) Sending data via Zabbix trapper/sender, (4) Querying historical data or events, (5) Bulk operations on Zabbix objects, (6) Maintenance window management, (7) User/permission management
76SKILL.mdUpdated May 30, 2026
julianobarbosa/yt-music
development
VerifiedTrustedCommunity
Operate YouTube Music via natural language. Search songs, artists, albums, playlists, lyrics, charts, recommendations, and control playback. Browse personal library, manage playlists, rate tracks, and inspect account info. Use this skill whenever the user asks about YouTube Music, wants to play music, manage playlists, search by song or artist name, inspect lyrics, or control playback.
76SKILL.mdUpdated May 30, 2026