{"id":48300051,"url":"https://github.com/paulanunes85/three-horizons-accelerator","last_synced_at":"2026-04-04T23:43:45.134Z","repository":{"id":335767466,"uuid":"1114623604","full_name":"paulanunes85/three-horizons-accelerator","owner":"paulanunes85","description":"Platform Engineering accelerator with Agentic DevOps. Includes 12 Terraform modules, 20 intelligent agents, and 21 Golden Path templates for AKS, AI Foundry, Defender, and Purview. LATAM-optimized with GitOps, T-shirt sizing, and automated deployments via GitHub Issues. Built for production-ready infrastructure. ","archived":false,"fork":false,"pushed_at":"2026-03-04T22:32:48.000Z","size":25159,"stargazers_count":1,"open_issues_count":1,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-03-05T03:40:33.324Z","etag":null,"topics":["agentic-devops","agents","ai","azure-foundry","claude-code","coding-agents","github-copilot","platform-engineering","skills"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/paulanunes85.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2025-12-11T16:32:43.000Z","updated_at":"2026-02-23T14:11:29.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/paulanunes85/three-horizons-accelerator","commit_stats":null,"previous_names":["paulanunes85/three-horizons-accelerator-v4","paulanunes85/three-horizons-accelerator"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/paulanunes85/three-horizons-accelerator","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulanunes85%2Fthree-horizons-accelerator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulanunes85%2Fthree-horizons-accelerator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulanunes85%2Fthree-horizons-accelerator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulanunes85%2Fthree-horizons-accelerator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/paulanunes85","download_url":"https://codeload.github.com/paulanunes85/three-horizons-accelerator/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paulanunes85%2Fthree-horizons-accelerator/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31419543,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-04T20:09:54.854Z","status":"ssl_error","status_checked_at":"2026-04-04T20:09:44.350Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agentic-devops","agents","ai","azure-foundry","claude-code","coding-agents","github-copilot","platform-engineering","skills"],"created_at":"2026-04-04T23:43:45.044Z","updated_at":"2026-04-04T23:43:45.115Z","avatar_url":"https://github.com/paulanunes85.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Three Horizons Implementation Accelerator\n\n\u003e **A solution created in partnership with Microsoft, GitHub, and Red Hat**\n\n## Overview\n\nThe **Three Horizons Implementation Accelerator** is a complete kit of Infrastructure as Code (IaC), GitOps, and developer templates designed to implement the Three Horizons platform.\n\n### What's Included\n\n| Component | Quantity | Description |\n|-----------|----------|-------------|\n| **Terraform Modules** | 16 | Complete Azure infrastructure |\n| **AI Agents** | 11 | **[Copilot Chat Agents](./AGENTS.md)** (VS Code) |\n| **Golden Path Templates** | 22 | Self-service templates for RHDH |\n| **Issue Templates** | 28 | GitHub Issues templates |\n| **Automation Scripts** | 14 | Bootstrap and operations |\n| **MCP Servers** | 15 | MCP server configurations |\n| **Observability** | 4 | Dashboards and alerts |\n\n**Total: 120+ files | ~20,000 lines of production-ready code**\n\n---\n\n## Three Horizons Architecture\n\n![Three Horizons Architecture](docs/assets/three-horizons-architecture.svg)\n\n---\n\n## Quick Start\n\n### Prerequisites\n\n```bash\n# Required tools\naz version # \u003e= 2.50.0\nterraform version # \u003e= 1.5.0\nkubectl version # \u003e= 1.28\nhelm version # \u003e= 3.12\ngh --version # \u003e= 2.30\n\n# Authentication\n# Authentication\naz login\ngh auth login\n```\n\n\u003e šŸ“˜ **New to this accelerator?**\n\u003e We strongly recommend following the **[Step-by-Step Deployment Guide](docs/guides/DEPLOYMENT_GUIDE.md)** for a detailed walkthrough.\n\n### Quick Deploy ā€” 3 Options\n\nChoose the deployment method that fits your experience level:\n\n#### Option A: Agent-Guided (Easiest ā€” Interactive)\n```\n# In VS Code with GitHub Copilot Chat:\n@deploy Deploy the platform to dev environment\n```\nThe `@deploy` agent walks you through each step interactively.\n\n#### Option B: Automated Script (Recommended)\n```bash\n# 1. Clone and prepare\ngit clone https://github.com/YOUR_ORG/three-horizons-accelerator-v4.git\ncd three-horizons-accelerator-v4\nchmod +x scripts/*.sh\n\n# 2. Validate prerequisites\n./scripts/validate-prerequisites.sh\n\n# 3. Configure environment\ncp terraform/terraform.tfvars.example terraform/environments/dev.tfvars\n# Edit dev.tfvars with your values\n\n# 4. Set sensitive variables\nexport TF_VAR_azure_subscription_id=\"$(az account show --query id -o tsv)\"\nexport TF_VAR_azure_tenant_id=\"$(az account show --query tenantId -o tsv)\"\nexport TF_VAR_github_token=\"ghp_your_token\"\nexport TF_VAR_admin_group_id=\"your-aad-group-id\"\nexport TF_VAR_github_org=\"your-org\"\n\n# 5. Deploy (dry-run first!)\n./scripts/deploy-full.sh --environment dev --dry-run\n./scripts/deploy-full.sh --environment dev\n\n# 6. Validate\n./scripts/validate-deployment.sh --environment dev\n```\n\n#### Option C: Manual Step-by-Step (Full Control)\nFollow the detailed **[Deployment Guide](docs/guides/DEPLOYMENT_GUIDE.md)** ā€” 10 steps with copy-paste commands for each phase.\n\n---\n\n## Directory Structure\n\n```\nthree-horizons-accelerator-v4/\nā”‚\nā”œā”€ā”€ .github/agents/ # 11 Copilot Chat Agents\nā”‚ ā”œā”€ā”€ architect.agent.md # System architecture, AI Foundry\nā”‚ ā”œā”€ā”€ deploy.agent.md # Deployment orchestration\nā”‚ ā”œā”€ā”€ devops.agent.md # CI/CD, GitOps, MLOps, pipelines\nā”‚ ā”œā”€ā”€ docs.agent.md # Documentation generation\nā”‚ ā”œā”€ā”€ onboarding.agent.md # Team onboarding guidance\nā”‚ ā”œā”€ā”€ platform.agent.md # RHDH portal, platform services\nā”‚ ā”œā”€ā”€ reviewer.agent.md # Code review, quality checks\nā”‚ ā”œā”€ā”€ security.agent.md # Security policies, compliance\nā”‚ ā”œā”€ā”€ sre.agent.md # Reliability, incident response\nā”‚ ā”œā”€ā”€ terraform.agent.md # Infrastructure as Code\nā”‚ ā””ā”€ā”€ test.agent.md # Testing, validation\nā”‚\nā”œā”€ā”€ terraform/ # 16 Infrastructure as Code modules\nā”‚ ā”œā”€ā”€ main.tf # Root module\nā”‚ ā””ā”€ā”€ modules/\nā”‚ ā”œā”€ā”€ aks-cluster/ # Azure Kubernetes Service\nā”‚ ā”œā”€ā”€ ai-foundry/ # Azure AI Foundry\nā”‚ ā”œā”€ā”€ argocd/ # ArgoCD GitOps\nā”‚ ā”œā”€ā”€ container-registry/ # ACR\nā”‚ ā”œā”€ā”€ cost-management/ # Cost analysis and budgets\nā”‚ ā”œā”€ā”€ databases/ # PostgreSQL, Redis, Cosmos\nā”‚ ā”œā”€ā”€ defender/ # Defender for Cloud\nā”‚ ā”œā”€ā”€ disaster-recovery/ # Backup and DR\nā”‚ ā”œā”€ā”€ external-secrets/ # External Secrets Operator\nā”‚ ā”œā”€ā”€ github-runners/ # Self-hosted runners\nā”‚ ā”œā”€ā”€ naming/ # Naming conventions\nā”‚ ā”œā”€ā”€ networking/ # VNet, Subnets, NSGs\nā”‚ ā”œā”€ā”€ observability/ # Prometheus, Grafana, Loki\nā”‚ ā”œā”€ā”€ purview/ # Microsoft Purview\nā”‚ ā”œā”€ā”€ rhdh/ # Red Hat Developer Hub\nā”‚ ā””ā”€ā”€ security/ # Key Vault, Identities\nā”‚\nā”œā”€ā”€ golden-paths/ # 22 RHDH templates (Backstage)\nā”‚ ā”œā”€ā”€ h1-foundation/ # 6 basic templates\nā”‚ ā”œā”€ā”€ h2-enhancement/ # 9 advanced templates (incl. ADO migration)\nā”‚ ā””ā”€ā”€ h3-innovation/ # 7 AI/Agent templates\nā”‚\nā”œā”€ā”€ .github/ISSUE_TEMPLATE/ # 28 issue templates\nā”œā”€ā”€ argocd/ # GitOps configurations\nā”œā”€ā”€ config/ # Sizing profiles and regions\nā”œā”€ā”€ mcp-servers/ # 15 MCP configurations\nā”œā”€ā”€ scripts/ # 14 automation scripts\nā”œā”€ā”€ grafana/dashboards/ # Dashboards\nā”œā”€ā”€ prometheus/ # Alerts\nā””ā”€ā”€ docs/ # Documentation\n```\n\n---\n\n## Documentation\n\n### Comprehensive Guides\n\n| Guide | Description |\n|-------|-------------|\n| [Deployment Guide](./docs/guides/DEPLOYMENT_GUIDE.md) | Complete step-by-step deployment instructions |\n| [Architecture Guide](./docs/guides/ARCHITECTURE_GUIDE.md) | Three Horizons architecture explained |\n| [Administrator Guide](./docs/guides/ADMINISTRATOR_GUIDE.md) | Day-2 operations and maintenance |\n| [Module Reference](./docs/guides/MODULE_REFERENCE.md) | All Terraform modules with examples |\n| [Performance Tuning Guide](./docs/guides/PERFORMANCE_TUNING_GUIDE.md) | Performance optimization recommendations |\n| [Troubleshooting Guide](./docs/guides/TROUBLESHOOTING_GUIDE.md) | Problem diagnosis and resolution |\n\n### Agent Documentation\n\n| Document | Description |\n|----------|-------------|\n| [Agent System](./AGENTS.md) | Copilot Chat Agents (11 agents) |\n| [MCP Servers Guide](./mcp-servers/USAGE.md) | Model Context Protocol server setup |\n| [Agent Best Practices](./docs/guides/copilot-agents-best-practices.md) | Copilot agents usage guide |\n\n### Reference\n\n- [Sizing Profiles](./config/sizing-profiles.yaml) - Cost estimation by environment\n- [Branching Strategy](./docs/BRANCHING_STRATEGY.md) - Git workflow and branch protection\n\n---\n\n## Detailed Usage Guide\n\n### Step 1: Deploy Base Infrastructure (H1)\n\n```bash\ncd terraform\n\n# Initialize Terraform\nterraform init\n\n# Create plan\nterraform plan -var-file=environments/dev.tfvars -out=tfplan\n\n# Apply (H1 Foundation)\nterraform apply tfplan\n```\n\n**Resources created in H1:**\n\n- AKS Cluster (3 nodes)\n- VNet with 3 subnets\n- Azure Container Registry\n- Key Vault\n- Managed Identities\n- NSGs and Private Endpoints\n\n### Step 2: Deploy ArgoCD and RHDH (H2)\n\n```bash\n# After H1 is complete, apply H2\nterraform apply -var-file=environments/dev.tfvars -var=\"enable_h2=true\"\n\n# Or via script\n./scripts/platform-bootstrap.sh --horizon h2 --environment dev\n```\n\n**Resources created in H2:**\n\n- ArgoCD with ApplicationSets\n- Red Hat Developer Hub\n- Prometheus + Grafana + Loki\n- GitHub Actions Runners\n\n### Step 3: Deploy AI Foundry (H3)\n\n```bash\n# Requires H1 and H2\nterraform apply -var-file=environments/dev.tfvars -var=\"enable_h3=true\"\n```\n\n**Resources created in H3:**\n\n- Azure AI Foundry\n- Azure OpenAI (GPT-4o, o1)\n- AI Search (Vector)\n- Cosmos DB (Vector Store)\n\n---\n\n## Golden Paths\n\n### Register Templates in RHDH\n\n```bash\n# Register all templates\n./scripts/bootstrap.sh --register-templates\n\n# Or register individually\nkubectl apply -f golden-paths/h1-foundation/basic-cicd/template.yaml\n```\n\n### Create Application via RHDH\n\n1. Access the portal: `https://rhdh.your-domain.com`\n2. Navigate to **Create** ā†’ **Choose Template**\n3. Select the template (e.g., \"H2: Create Microservice\")\n4. Fill in the parameters:\n - Component name\n - Description\n - Owner (team)\n - Language/Framework\n - Deployment type\n5. Click **Create**\n6. Monitor in ArgoCD\n\n### Available Templates by Horizon\n\n#### H1 Foundation (Getting Started)\n\n| Template | Use Case |\n|----------|----------|\n| `basic-cicd` | Simple CI/CD pipeline |\n| `security-baseline` | Security configuration |\n| `documentation-site` | Documentation sites |\n| `web-application` | Full-stack web applications |\n| `new-microservice` | Basic microservice |\n| `infrastructure-provisioning` | Terraform modules |\n\n#### H2 Enhancement (Production)\n\n| Template | Use Case |\n|----------|----------|\n| `ado-to-github-migration` | Azure DevOps migration |\n| `api-gateway` | API Management |\n| `api-microservice` | API microservices |\n| `batch-job` | Scheduled jobs |\n| `data-pipeline` | ETL with Databricks |\n| `event-driven-microservice` | Event Hubs/Service Bus |\n| `gitops-deployment` | ArgoCD applications |\n| `microservice` | Complete microservice |\n| `reusable-workflows` | GitHub workflows |\n\n#### H3 Innovation (AI/Agents)\n\n| Template | Use Case |\n|----------|----------|\n| `foundry-agent` | AI Foundry agents |\n| `sre-agent-integration` | SRE automation |\n| `mlops-pipeline` | Complete ML pipeline |\n| `multi-agent-system` | Multi-agent orchestration |\n| `copilot-extension` | GitHub Copilot extensions |\n| `rag-application` | RAG applications |\n| `ai-evaluation-pipeline` | Model evaluation |\n\n---\n\n## ArgoCD Configuration\n\n### ApplicationSets\n\nThe accelerator uses ApplicationSets for dynamic application generation:\n\n```yaml\n# Monorepo - apps/* becomes an Application\napiVersion: argoproj.io/v1alpha1\nkind: ApplicationSet\nmetadata:\n name: monorepo-apps\nspec:\n generators:\n - git:\n repoURL: https://github.com/org/platform-gitops.git\n directories:\n - path: apps/*\n```\n\n### Projects by Environment\n\n- **Dev** - auto-sync enabled\n- **Staging** - auto-sync with approval\n- **Prod** - manual sync, maintenance windows\n\n### RBAC and Roles\n\n| Role | Permissions |\n|------|-------------|\n| `admin` | Full access |\n| `platform-engineer` | Full access + exec |\n| `sre` | Sync + actions, no delete |\n| `developer` | Full dev, sync staging, view prod |\n| `qa` | Full staging, view others |\n| `release-manager` | Can sync prod |\n| `ci-bot` | Deploy dev/staging/previews |\n\n### Notifications\n\nConfigured to send to:\n\n- **Microsoft Teams** - Formatted cards\n- **Slack** - Colored attachments\n- **Email** - HTML templates\n- **PagerDuty** - Critical incidents\n\n---\n\n## Observability\n\n### Grafana Dashboards\n\n1. **Platform Overview** - Infrastructure health\n2. **Golden Path Application** - RED/USE metrics\n3. **AI Agent Metrics** - Agent observability\n\n### Prometheus Alerts\n\n| Category | Alerts | Examples |\n|----------|--------|----------|\n| Infrastructure | 8 | CPU, Memory, Disk, Node |\n| Applications | 10 | Error rate, Latency, Availability |\n| AI \u0026 Agents | 8 | Token usage, Latency, Errors |\n| GitOps | 5 | Sync failures, App health |\n| Security | 4 | Certificate expiration, Secrets |\n\n---\n\n## Security\n\n### Secrets Management\n\nThe accelerator uses **External Secrets Operator** with **Azure Key Vault**:\n\n```yaml\napiVersion: external-secrets.io/v1beta1\nkind: ExternalSecret\nmetadata:\n name: app-secrets\nspec:\n secretStoreRef:\n name: azure-keyvault\n target:\n name: app-secrets\n data:\n - secretKey: database-password\n remoteRef:\n key: prod-database-password\n```\n\n### Workload Identity\n\nAll applications use **Azure Workload Identity** (no static secrets):\n\n```yaml\nserviceAccountName: my-app\nmetadata:\n annotations:\n azure.workload.identity/client-id: \"\u003cmanaged-identity-client-id\u003e\"\n```\n\n---\n\n## ADO to GitHub Migration\n\n### Migration Script\n\n```bash\n# Migrate repositories from Azure DevOps to GitHub\n./scripts/migration/ado-to-github-migration.sh \\\n --ado-org \"contoso\" \\\n --ado-project \"MyProject\" \\\n --github-org \"contoso-github\" \\\n --repos \"repo1,repo2,repo3\"\n```\n\n### What's Migrated\n\n| Item | Status |\n|------|--------|\n| Source code and Git history | Fully migrated |\n| Branches and tags | Fully migrated |\n| Pull requests | Migrated as issues |\n| Wiki | Migrated as separate repository |\n| Pipelines | Requires manual conversion |\n| Work items | Via Azure Boards integration |\n\n---\n\n\n## Deploy Times\n\n| Phase | Dev | Staging | Production |\n|-------|-----|---------|------------|\n| H1 Foundation | 25-35 min | 35-45 min | 45-60 min |\n| H2 Enhancement | 30-40 min | 40-50 min | 50-70 min |\n| H3 Innovation | 20-30 min | 25-35 min | 35-45 min |\n| **Total** | **75-105 min** | **100-130 min** | **130-175 min** |\n\n---\n\n## Troubleshooting\n\n### Terraform Errors\n\n```bash\n# Clean corrupted state\nterraform state list\nterraform state rm \u003cresource\u003e\n\n# Refresh state\nterraform refresh\n\n# Import existing resource\nterraform import azurerm_resource_group.main /subscriptions/.../resourceGroups/...\n```\n\n### ArgoCD Issues\n\n```bash\n# Check sync status\nargocd app list\nargocd app get \u003capp-name\u003e\n\n# Force sync\nargocd app sync \u003capp-name\u003e --force\n\n# View logs\nargocd app logs \u003capp-name\u003e\n\n# Hard refresh\nargocd app get \u003capp-name\u003e --hard-refresh\n```\n\n### AKS Issues\n\n```bash\n# Check nodes\nkubectl get nodes\nkubectl describe node \u003cnode-name\u003e\n\n# View problematic pods\nkubectl get pods --all-namespaces | grep -v Running\n\n# Pod logs\nkubectl logs \u003cpod-name\u003e -n \u003cnamespace\u003e --previous\n```\n\n---\n\n## Next Steps\n\nAfter reviewing this README:\n\n1. **First time deploying?**\n - Read the [Architecture Guide](./docs/guides/ARCHITECTURE_GUIDE.md) to understand the Three Horizons model\n - Follow the [Deployment Guide](./docs/guides/DEPLOYMENT_GUIDE.md) step by step\n\n2. **Using AI agents?**\n - Start with the [Agent System](./AGENTS.md) overview\n - See [MCP Servers Usage](./mcp-servers/USAGE.md) for tool access\n - Read [Agent Best Practices](./docs/guides/copilot-agents-best-practices.md)\n\n3. **Operating the platform?**\n - Use the [Administrator Guide](./docs/guides/ADMINISTRATOR_GUIDE.md) for day-2 operations\n - Reference [Troubleshooting Guide](./docs/guides/TROUBLESHOOTING_GUIDE.md) for issues\n\n4. **Contributing?**\n - Read [CONTRIBUTING.md](./CONTRIBUTING.md)\n - Follow the [Branching Strategy](./docs/BRANCHING_STRATEGY.md)\n\n---\n\n## Support\n\nFor questions, issues, or suggestions, open an issue on GitHub:\n\n- **GitHub Issues:** [Create Issue](https://github.com/paulanunes85/three-horizons-accelerator-v4/issues)\n\n---\n\n## References\n\n### Official Documentation\n\n- [Azure AKS](https://docs.microsoft.com/azure/aks/)\n- [ArgoCD](https://argo-cd.readthedocs.io/)\n- [Red Hat Developer Hub](https://developers.redhat.com/rhdh)\n- [Azure AI Foundry](https://azure.microsoft.com/products/ai-foundry/)\n- [GitHub Actions](https://docs.github.com/actions)\n- [External Secrets Operator](https://external-secrets.io/)\n\n---\n\n## Version History\n\n### v4.0.0 (December 2025)\n\n- 16 Terraform modules (including Defender, Purview, Naming, Disaster Recovery)\n- 11 Copilot Chat Agents for interactive development assistance\n- 28 GitHub Issues templates\n- 22 Golden Path templates for RHDH (including ADO to GitHub migration)\n- 14 automation scripts\n- 15 MCP Server configurations\n- Complete observability stack\n\n---\n\n**Version:** 4.0.0\n**Last Updated:** December 2025\n**License:** MIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpaulanunes85%2Fthree-horizons-accelerator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpaulanunes85%2Fthree-horizons-accelerator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpaulanunes85%2Fthree-horizons-accelerator/lists"}