Home

Architecture documentation for the Foundation platform — presented by h11h.io

Foundation Architecture

The complete technological blueprint for any company whose mission includes shipping software — from the first git init to a fully observable, HIPAA-compliant production environment.

Foundation defines every layer of the stack — infrastructure, CI/CD, observability, security, data pipelines, developer tooling, and the SaaS services that tie them together — so that a team of any size can stand up a production-grade platform in days, not months. Whether you are a three-person startup or a hundred-person organization, this documentation is the single source of truth for how your technology operates.


AI-Native Development

Foundation is designed from the ground up for AI-native development — a workflow where anyone who can write a clear, detailed ticket can ship production code, regardless of their engineering background.

The entire stack is structured so that a greenlit coding agent (Claude Code / GitHub Copilot) can take a plain-English ticket from Linear all the way to a merged, deployed feature with minimal human intervention:

Coding agent — primary is undecided. Both Claude Code and GitHub Copilot are greenlit; which one is the primary agent is still an open decision (see the open-decisions section of the Stack Index). Treat neither as settled until this is resolved.

StepWhat happens
1. Write a ticketDescribe the change in Linear in plain English — feature, bug fix, or refactor — with enough detail for an agent to act on it.
2. Assign to a coding agentA greenlit coding agent (Claude Code / GitHub Copilot) picks up the ticket and opens a pull request implementing the change.
3. Spin up a preview environmentEvery PR automatically provisions a full-stack ephemeral environment — an isolated Neon branch plus a dedicated Cloud Run deployment — so the submitter can verify the result before anything touches production.
4. Merge or escalateCODEOWNERS governs who can approve and merge. If the submitter has merge rights, they merge it themselves. If not, they request a review from someone who does.
5. Ship to productionOnce the PR is merged, the CI/CD pipeline deploys to production automatically — no further manual steps required.

This is made possible by three complementary capabilities: Neon branching gives each PR an isolated copy-on-write database — schema, data, and branched auth — in seconds; GCP Cloud Run spins up a throwaway, prod-identical service; and Coder / GitHub Codespaces gives agents a fully-configured execution environment. The architecture's strict one-concern-per-file modularity means agents rarely produce merge conflicts even when dozens of tickets are in flight simultaneously.


Architecture at a Glance

LayerTechnologyHosting
Frontend (Applications)Vite + TanStack (Router + Query), TypeScriptGCP Cloud Run
Frontend (Marketing)Next.js 14, App Router, TypeScriptGCP Cloud Run
AuthBetter Auth — hosted by the applications-UI serverGCP Cloud Run
AuthorizationCerbos (policy-as-code PDP, self-hosted) — with Neon RLS as the enforcement floorGCP Cloud Run
Frontend (Mobile)Expo, React Native, TypeScriptApp Store / Play Store
Backend APIFastAPI (HTTP only), Python 3.11+ — backend/apiGCP Cloud Run
API ContractFastAPI OpenAPI → typed TS client (openapi-typescript)
Durable ExecutionRestate Cloud (managed) — virtual objects + durable promises, suspend-to-zero — backend/workerRestate Cloud + GCP Cloud Run
AI TierGemini on Vertex AI — reasoning · embeddings · voiceGCP
OLTP DatabaseNeon (PostgreSQL)Neon (Scale plan, BAA)
OLAP / Data WarehouseGoogle BigQueryGCP
Data Transformdbt (incremental, Neon → BigQuery)GitHub Actions (scheduled)
Backups & DRNeon PITR · BigQuery time-travel · GCS versioning
Infrastructure as CodePulumi (TypeScript)Pulumi Cloud
ObservabilityOpenTelemetry → GCP-native (Logging / Trace / Monitoring)GCP
SecretsPulumi ESC + GCP Secret ManagerGCP
CI/CDGitHub ActionsGitHub
MonorepoTurborepo
JS/TS ToolingBiome (lint + format), Lefthook (hooks)
Python ToolingRuff (lint + format), pytest
Dev EnvironmentDevbox, direnv, process-compose, Coder

Key Design Principles

  1. AI-native by design. The entire workflow — ticket → agent → PR → preview → merge → production — is optimized for coding agents. Anyone who can write a clear ticket can ship code.
  2. HIPAA-first. Every vendor touching PHI requires a BAA, and several services are explicitly kept PHI-free (see HIPAA Compliance). PHI never appears in logs. Compliance is scaffolded, not bolted on.
  3. Monorepo with strict modularity. One concern per file. Enables parallel AI-assisted development with zero merge conflicts.
  4. Cross-cloud data bridge. Neon (OLTP, source of truth) → BigQuery (OLAP) via incremental sync (WHERE updated_at >), minimizing egress across the GCP ↔ AWS boundary.
  5. Reproducible environments. Devbox + direnv + process-compose ensure every developer gets an identical setup in one command.
  6. Coverage gates. ≥ 80% test coverage enforced in CI. No PR merges without passing all quality checks.

Documentation Sections

SectionDescription
Incubation WorkflowRapid prototyping with GitHub Spark and a zero-friction graduation path into the monorepo
Monorepo StructureTurborepo layout, workspaces, and build pipelines
Frontend (Web)Vite + TanStack applications, Next.js marketing site, Better Auth, Cloud Run hosting
MobileExpo + React Native with expo-router
BackendFastAPI HTTP (backend/api) + Restate durable worker (backend/worker), Neon, Docker
AI TierGemini on Vertex — reasoning/orchestration, embeddings + pgvector, voice; in-boundary
InfrastructurePulumi IaC for GCP + Neon setup notes
Data Pipelinedbt models, Neon → BigQuery, incremental sync
Backups & RecoveryNeon PITR, BigQuery time-travel, GCS versioning, RTO/RPO + restore runbook
CI/CDGitHub Actions quality gates and deployments
PR Preview EnvironmentsEphemeral full-stack environments per pull request
Secure PHI GitOpsDual-Neon PHI/non-PHI split, isolated Coder compute, and the dev/main/release branch strategy
Developer ToolingDevbox, Biome, Ruff, Lefthook, dev containers
Code OrganizationFile modularity and the "one concern per file" rule
ObservabilityOpenTelemetry → GCP-native + PHI scrubbing
HIPAA ComplianceVendor BAAs, the PHI-free service list, technical controls
LibrariesCanonical Python and JS/TS library reference
Environment VariablesMaster env var reference across all services
Content ManagementDecoupled marketing stack — Sanity.io CMS + PostHog (product analytics + feature flags + experiments + session replay + error tracking + LLM observability & evals)
Secret ManagementPulumi ESC + GCP Secret Manager
GitHub Copilot SkillsReusable agent skills for common multi-step dev tasks
The StackComplete service catalog with pricing at every team size
Business OperationsNon-product IT/ops stack — M365 identity/security, finance, GTM, support

Prompt Templates

This architecture ships with two prompt templates for AI-assisted project management:

TemplatePurpose
GITHUB-JUMPSTART.mdScaffold a new project from scratch following this architecture
APPLY-ARCHITECTURE.mdMigrate an existing project to conform to this architecture