E-007: CI/CD & First Deployment
Status: Next Owner: @bilal @deen Priority: P1 — Ship to Production
Objective
Get the application deployed to production with a reliable CI/CD pipeline.
Tasks
| Task | ID | Description | Status |
|---|---|---|---|
| Build step in CI | CI-002 | Add type-check + build to GitHub Actions | Planned |
| Security scanning | CI-003 | Trufflehog (secrets), pnpm audit (deps) | Planned |
| Supabase cloud project | DEPLOY-001 | Create project, apply migrations | Planned |
| Vercel deployment | DEPLOY-002 | Connect repo, configure build | Planned |
| Health check endpoint | DEPLOY-003 | GET /api/health — checks DB + LLM availability | Planned |
| Production secrets | DEPLOY-004 | Configure all env vars in Vercel | Planned |
| Domain + DNS + CORS | DEPLOY-005 | ehq.tech → Vercel, CORS in Supabase | Planned |
| Error monitoring | DEPLOY-006 | Sentry SDK, source maps | Planned |
Pipeline Design
PR → Lint + Type-Check → Tests → Build → Security Scan
→ (on merge to main) → DB Migrations → Deploy → Smoke Tests
Infrastructure
| Component | Service |
|---|---|
| Hosting | Vercel |
| Database | Supabase Cloud |
| Domain | ehq.tech |
| CI/CD | GitHub Actions |
| Errors | Sentry |
| Uptime | UptimeRobot |
Dependencies
- Domain registration (ehq.tech — see Domain & Email Setup)
- Supabase Pro plan decision (for pg_cron, if needed)
- LLM API keys for production