Overview

The SecurAtlas web application is deployed on Vercel. The Supabase backend (database, Edge Functions, storage) is managed separately through the Supabase platform and CLI.

Project Setup

1. Import the repository

In the Vercel dashboard, click “Add New Project” and import the SecurAtlas repository from GitHub.

2. Configure root directory

Set the root directory to apps/web since the project is a pnpm monorepo.

3. Set framework preset

Vercel should auto-detect Next.js. Confirm the framework is set to Next.js.

4. Configure build settings

Setting           Value
Build Command     pnpm build
Output Directory  .next
Install Command   pnpm install
Node.js Version   20.x

5. Add environment variables

Add all required environment variables. See Environment Variables for the complete list.

Environment Variables

Add all variables from the Environment Variables reference to Vercel project settings. Key considerations:
  • NEXT_PUBLIC_APP_URL = https://app.securatlas.com
  • All redirect URIs point to the production domain
  • Use production Stripe keys (sk_live_...)
Do not use NEXT_PUBLIC_VERCEL_URL for OAuth redirect URIs. The auto-generated preview URLs change per deployment and cannot be pre-registered with OAuth providers.

Build Configuration

The monorepo build uses pnpm workspaces. Vercel’s build process:
  1. Installs all workspace dependencies via pnpm install
  2. Runs pnpm build, which builds apps/web and its workspace dependencies
  3. Produces a standard Next.js .next directory as output
vercel.json (if needed):
{
  "buildCommand": "pnpm build",
  "installCommand": "pnpm install",
  "framework": "nextjs"
}

maxDuration

For API routes that make external calls (OAuth callbacks, Stripe webhooks), set appropriate timeouts:
// app/auth/callback/route.ts
export const maxDuration = 30; // seconds
The default Vercel function timeout on the Pro plan is 15 seconds. OAuth token exchanges with slow providers may need up to 30 seconds.

Domain Configuration

Configure custom domains in Vercel project settings:
Domain                  Purpose
app.securatlas.com      Production application
preview.securatlas.com  Stable preview environment
DNS records to add:
app.securatlas.com      CNAME   cname.vercel-dns.com
preview.securatlas.com  CNAME   cname.vercel-dns.com

Preview Deployments

Every pull request automatically gets a preview deployment. These are useful for:
  • Testing UI changes before merging
  • QA review of new features
  • Stakeholder demos
Preview deployments use the “Preview” environment variables. Ensure test API keys and separate OAuth app registrations are configured for preview.
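
The rules from the Environment Variables section and the preview guidance above can be checked by a script before a release. The following is an added example, not code from the SecurAtlas repository; STRIPE_SECRET_KEY, AZURE_AD_REDIRECT_URI and the *_REDIRECT_URI suffix are assumed names, and it assumes preview OAuth apps are registered against preview.securatlas.com.

```javascript
// Added example, not SecurAtlas code. Assumptions: STRIPE_SECRET_KEY and the
// *_REDIRECT_URI suffix are hypothetical names, and preview OAuth apps are
// registered against the stable preview domain.
const EXPECTED_ORIGIN = {
  production: "https://app.securatlas.com",
  preview: "https://preview.securatlas.com",
};

function checkDeployEnv(env, target) {
  const findings = [];
  const expected = EXPECTED_ORIGIN[target];
  if (!expected) throw new Error(`unknown target: ${target}`);
  if (target === "production" && env.NEXT_PUBLIC_APP_URL !== expected) {
    findings.push(`NEXT_PUBLIC_APP_URL must be ${expected}`);
  }

  for (const [name, value] of Object.entries(env)) {
    if (!name.endsWith("_REDIRECT_URI")) continue;
    let url;
    try {
      url = new URL(value);
    } catch {
      findings.push(`${name} is not an absolute URL`);
      continue;
    }
    // Per-deployment hostnames cannot be pre-registered with OAuth providers.
    if (url.hostname === env.NEXT_PUBLIC_VERCEL_URL || url.hostname.endsWith(".vercel.app")) {
      findings.push(`${name} uses an auto-generated deployment URL`);
    } else if (url.origin !== expected) {
      findings.push(`${name} must point to ${expected}`);
    }
  }

  // Live Stripe keys belong only in production; preview uses test keys.
  const wantPrefix = target === "production" ? "sk_live_" : "sk_test_";
  if (!(env.STRIPE_SECRET_KEY || "").startsWith(wantPrefix)) {
    findings.push(`STRIPE_SECRET_KEY must start with ${wantPrefix} for ${target}`);
  }
  return findings;
}

// Constructed sample: a production environment with two mistakes.
const sample = {
  NEXT_PUBLIC_APP_URL: "https://app.securatlas.com",
  NEXT_PUBLIC_VERCEL_URL: "securatlas-git-feature-x.vercel.app",
  AZURE_AD_REDIRECT_URI: "https://securatlas-git-feature-x.vercel.app/auth/callback",
  STRIPE_SECRET_KEY: "sk_test_EXAMPLE",
};
console.log(checkDeployEnv(sample, "production"));
```

An empty result means the values for that target are consistent with the rules above; any finding should block the release.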

Edge Function Deployment

Supabase Edge Functions are deployed separately from the Vercel deployment:
# Deploy all edge functions
supabase functions deploy

# Deploy a specific function
supabase functions deploy sync-azure-ad

# Deploy with specific project ref
supabase functions deploy --project-ref hcyyegiialkkjcdxpfat
Vercel deployments and Supabase Edge Function deployments are independent. When releasing changes that span both, deploy Edge Functions first to avoid the web app calling functions that do not exist yet.

Deployment Checklist

Before deploying to production:
  • All environment variables are set in Vercel
  • Edge Functions are deployed to Supabase
  • Database migrations have been applied
  • OAuth redirect URIs are registered with providers
  • Stripe webhook endpoint is configured for the production domain
  • DNS records are verified for custom domains

Rollbacks

Vercel supports instant rollbacks to any previous deployment:
  1. Go to the Vercel dashboard > Deployments
  2. Find the last known good deployment
  3. Click the three-dot menu and select “Promote to Production”
Vercel rollbacks only affect the web application. If a database migration was part of the release, you may also need to revert the migration in Supabase.