Skip to main content

Deployment

Backend (Cloud Run)

Example command (adjust project/region/secrets):

gcloud run deploy osten-ai-backend --source . --region europe-west1 --allow-unauthenticated --project ostenai \
  --set-env-vars="NODE_ENV=production,DB_USER=postgres,DB_NAME=osten_ai_db,INSTANCE_CONNECTION_NAME=ostenai:europe-west1:osten-db-instance,VERTEX_AI_PROJECT_ID=ostenai,VERTEX_AI_LOCATION=europe-west4,VERTEX_AI_MODEL_ID=gemini-1.5-flash-002,GOOGLE_OAUTH_REDIRECT_URI=https://<cloudrun-host>/api/google-ads/auth/callback,GOOGLE_ANALYTICS_REDIRECT_URI=https://app.ostenai.com/dashboard/google-analytics/callback,FRONTEND_URL=https://app.ostenai.com" \
  --set-secrets="DB_PASSWORD=osten-db-password:latest,GOOGLE_ADS_CLIENT_ID=google-ads-client-id:latest,GOOGLE_ADS_CLIENT_SECRET=google-ads-client-secret:latest,GOOGLE_ADS_DEVELOPER_TOKEN=google-ads-developer-token:latest,GOOGLE_OAUTH_CLIENT_ID=google-oauth-client-id-secret:latest,GOOGLE_OAUTH_CLIENT_SECRET=google-oauth-client-secret-secret:latest,JWT_SECRET=jwt-secret-key:latest,META_ADS_CLIENT_ID=META_ADS_CLIENT_ID:latest,META_ADS_CLIENT_SECRET=META_ADS_CLIENT_SECRET:latest,META_ADS_REDIRECT_URI=META_ADS_REDIRECT_URI:latest,TIKTOK_ADS_CLIENT_ID=TIKTOK_APP_ID:latest,TIKTOK_ADS_CLIENT_SECRET=TIKTOK_SECRET:latest" \
  --add-cloudsql-instances ostenai:europe-west1:osten-db-instance \
  --service-account mmm-deployer@ostenai.iam.gserviceaccount.com

Frontend

  • Host on your platform of choice
  • Set NEXT_PUBLIC_API_URL to the deployed backend base URL
  • Ensure OAuth redirect URIs in provider consoles map to deployed hosts

Environment Checklist

  • Backend: DB vars, JWT_SECRET, Google OAuth/Ads vars, GA4 redirect
  • Frontend: NEXT_PUBLIC_API_URL, Firebase client config (if applicable)

Secrets & Environment Variables

  • Confirm these Secret Manager entries exist (names must match exactly):

    • google-ads-client-id
    • google-ads-client-secret
    • google-ads-developer-token
    • google-oauth-client-id-secret
    • google-oauth-client-secret-secret
    • jwt-secret-key
    • osten-db-password
    • META_ADS_CLIENT_ID
    • META_ADS_CLIENT_SECRET
    • META_ADS_REDIRECT_URI
    • TIKTOK_APP_ID
    • TIKTOK_SECRET

  • GA4 uses a frontend callback. Set:

    • GOOGLE_ANALYTICS_REDIRECT_URI=https://app.ostenai.com/dashboard/google-analytics/callback
    • Update provider console OAuth redirect to the same URI.

  • TikTok env name mapping (code expects TIKTOK_ADS_CLIENT_ID/TIKTOK_ADS_CLIENT_SECRET):

    • Map Cloud Run envs from your existing secrets via --set-secrets:
      • TIKTOK_ADS_CLIENT_ID=TIKTOK_APP_ID:latest
      • TIKTOK_ADS_CLIENT_SECRET=TIKTOK_SECRET:latest
    • No code changes required with this mapping.