{"id":50927977,"url":"https://github.com/three-cubes/platform-templates","last_synced_at":"2026-06-17T01:04:15.144Z","repository":{"id":363569387,"uuid":"1263925829","full_name":"three-cubes/platform-templates","owner":"three-cubes","description":"Three Cubes platform engineering — reusable composite actions, shared workflows, and Bicep modules for cross-repo CI/CD standardisation","archived":false,"fork":false,"pushed_at":"2026-06-09T13:09:27.000Z","size":23,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-09T13:26:08.784Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Bicep","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/three-cubes.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-06-09T11:52:37.000Z","updated_at":"2026-06-09T13:13:44.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/three-cubes/platform-templates","commit_stats":null,"previous_names":["three-cubes/platform-templates"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/three-cubes/platform-templates","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/three-cubes%2Fplatform-templates","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/three-cubes%2Fplatform-templates/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/three-cubes%2Fplatform-templates/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/three-cubes%2Fplatform-templates/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/three-cubes","download_url":"https://codeload.github.com/three-cubes/platform-templates/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/three-cubes%2Fplatform-templates/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34429498,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-16T02:00:06.860Z","response_time":126,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-06-17T01:04:14.294Z","updated_at":"2026-06-17T01:04:15.135Z","avatar_url":"https://github.com/three-cubes.png","language":"Bicep","funding_links":[],"categories":[],"sub_categories":[],"readme":"# platform-templates\n\nThree Cubes platform engineering — reusable composite actions, shared workflows, and Bicep modules for cross-repo CI/CD standardisation.\n\n**The premise:** every Three Cubes repo that deploys to Azure VMs should be doing it the same way. This repo holds that \"same way\" as code — composite actions for atoms (snapshot, WIF login, apply via run-command, smoke check), reusable workflows for end-to-end patterns, and Bicep modules for the Azure-side identity setup. Consumer repos call into these instead of re-implementing.\n\n## What's here\n\n```\n.github/\n  actions/\n    wif-azure-login/              # Composite — wraps azure/login@v2 with the Three Cubes convention\n    snapshot-azure-vm-disk/       # Composite — takes OS-disk snapshots before destructive ops\n    apply-on-vm-via-runcommand/   # Composite — invokes a script on a VM via az vm run-command\n    smoke-systemctl/              # Composite — post-deploy systemctl is-active rollup\n  workflows/\n    azure-vm-deploy.yml           # Reusable — WIF → snapshot → apply → smoke for one or many VMs\ninfra/\n  bicep/\n    ci-deploy-identity.bicep      # Instantiable — provisions the MI + federated cred + 3 RBAC roles\ndocs/\n  IMPLEMENTATION.md               # How the pieces fit together; design rationale\n  MIGRATION.md                    # Step-by-step migration for an existing repo\n  COST-OPTIMIZATION.md            # Azure + GitHub Actions cost; runner placement; permanent vs ephemeral env\n```\n\n## Quick start (new consumer repo)\n\n```bash\n# 1. Provision the WIF identity for your repo (one-time, ~2 min)\naz deployment group create \\\n  --resource-group RG-AGENTS-CORE \\\n  --template-file https://raw.githubusercontent.com/three-cubes/platform-templates/v1/infra/bicep/ci-deploy-identity.bicep \\\n  --parameters repoOwner=three-cubes repoName=YOUR-REPO keyVaultName=kv-tc-agents\n\n# 2. Populate GitHub repo variables from the outputs\nCLIENT_ID=$(az deployment group show --name ci-deploy-identity \\\n  -g RG-AGENTS-CORE --query 'properties.outputs.clientId.value' -o tsv)\nTENANT_ID=$(az deployment group show --name ci-deploy-identity \\\n  -g RG-AGENTS-CORE --query 'properties.outputs.tenantId.value' -o tsv)\nSUB_ID=$(az deployment group show --name ci-deploy-identity \\\n  -g RG-AGENTS-CORE --query 'properties.outputs.subscriptionId.value' -o tsv)\n\ngh variable set AZURE_CLIENT_ID --body \"$CLIENT_ID\" --repo three-cubes/YOUR-REPO\ngh variable set AZURE_TENANT_ID --body \"$TENANT_ID\" --repo three-cubes/YOUR-REPO\ngh variable set AZURE_SUBSCRIPTION_ID --body \"$SUB_ID\" --repo three-cubes/YOUR-REPO\n\n# 3. Create the production environment\ngh api -X PUT /repos/three-cubes/YOUR-REPO/environments/production --silent\n\n# 4. Add a thin workflow file in your repo that calls the shared workflow\n#    See docs/MIGRATION.md for the exact shape.\n```\n\n## Versioning\n\nThis repo uses simple major tags (`v1`, `v2`, etc.). Consumer repos pin to a major tag and we ratchet breaking changes through major bumps. Patches/improvements within `v1` are picked up automatically next CI run.\n\n## See also\n\n- [docs/IMPLEMENTATION.md](docs/IMPLEMENTATION.md) — design decisions + composition\n- [docs/MIGRATION.md](docs/MIGRATION.md) — migrating tc-agent-zone + kairix\n- [docs/COST-OPTIMIZATION.md](docs/COST-OPTIMIZATION.md) — Azure spend + runner placement + permanent-env decision\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthree-cubes%2Fplatform-templates","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthree-cubes%2Fplatform-templates","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthree-cubes%2Fplatform-templates/lists"}