| Service | Config File | Variables |
|---|---|---|
| Render (backend) | render.yaml |
DB_URL, GROQ_API_KEY, SUPABASE_URL, SUPABASE_ANON_KEY, SUPABASE_SERVICE_KEY, GOOGLE_API_KEY, ALLOWED_ORIGINS |
| Vercel (frontend) | Project Settings β Environment Variables | NEXT_PUBLIC_SUPABASE_URL, NEXT_PUBLIC_SUPABASE_ANON_KEY, NEXT_PUBLIC_API_URL |
- Create a free project at supabase.com
- Auth: Settings β Auth β Email β toggle Confirm email OFF
- SQL: Run
codex-backend/supabase/seed.sqlin Supabase SQL Editor to create tables, storage bucket, and RLS policies
- Connect your GitHub repo to Render via Blueprint
- Render reads
render.yamlβ set the env vars in the dashboard or blueprint - Deploy β the service auto-starts at
https://<your-app>.onrender.com - Verify:
curl https://<your-app>.onrender.com/β{"status":"ok","app":"CodexEngine V4","version":"4.0"}
- Import the repo, set root directory to
codex-frontend - Set
NEXT_PUBLIC_SUPABASE_URL,NEXT_PUBLIC_SUPABASE_ANON_KEY,NEXT_PUBLIC_API_URLin Vercel project settings - Deploy β the UI is live at
https://<your-app>.vercel.app
- Update
ALLOWED_ORIGINSon Render to include your Vercel URL - Run
codex-backend/supabase/seed.sqlon the cloud DB if not done already
GitHub Actions runs on every push to main:
- Spins up a local
pgvectorcontainer - Installs dependencies (includes fastembed for local/CI mode)
- Seeds the database schema
- Runs golden tests, rigorous sweep, and RAGAS eval
Required secrets (repo β Settings β Secrets and variables β Actions β Repository secrets):
| Secret | Purpose |
|---|---|
GROQ_API_KEY |
LLM inference |
GOOGLE_API_KEY |
Embeddings (used as fallback in CI) |