Deployment Guide
How Surviva Health services are deployed across environments.
Environments
| Environment | Frontend | Backend | Database |
|---|---|---|---|
| Production | app.suriva.health (Vercel) | api.suriva.health (Fly.io) | Supabase (eu-west-1) |
| Staging | staging.suriva.health (Vercel) | api-staging.suriva.health (Fly.io) | Supabase staging |
| Local | localhost:3000 (Next.js dev) | localhost:8000 (Uvicorn) | Local or remote Supabase |
Frontend (Vercel)
The Next.js frontend auto-deploys on push to main. Preview deploys are created
for every pull request.
cd frontend && npm install && npm run dev
npm run typecheck
npm run buildEnvironment Variables
| Variable | Description |
|---|---|
NEXT_PUBLIC_SUPABASE_URL | Supabase project URL |
NEXT_PUBLIC_SUPABASE_ANON_KEY | Supabase anon key (public) |
NEXT_PUBLIC_API_URL | Backend API base URL |
Backend (Fly.io)
The FastAPI backend runs on Fly.io in the EU West region. All health data processing happens within the EU to comply with GDPR.
cd backend && python -m uvicorn app.main:app --reload --port 8000
python -m pytest tests/ --ignore=tests/integration -v --tb=short
python -m pytest tests/integration/ -v --tb=shortBackend Environment Variables
| Variable | Description |
|---|---|
SUPABASE_URL | Supabase project URL |
SUPABASE_SERVICE_KEY | Supabase service role key (server only) |
KENNIS_PLATFORM_URL | Kennis OS Platform API URL for KORA integration |
KENNIS_PRODUCT_CODE | suriva |
Health Check
GET /api/healthReturns 200 OK with service version and dependency status.
Database (Supabase)
Migrations live in backend/supabase/migrations/:
supabase db push
supabase migration new description_of_changeMigration Rules
- Every
CREATE TABLEincludes RLS enablement in the same migration - Every migration includes rollback SQL as a trailing comment block
- Health data tables are classified Tier 3 (Confidential) and require stricter RLS
Data Residency
All Supabase infrastructure runs in EU West 1 (Ireland). User health data never leaves the EU region. This applies to the database, storage buckets, and edge functions.
KORA Integration
Surviva connects to the KORA AI assistant via the Kennis OS Platform API. See Platform Integration for the full request contract including required headers and the KOS-GUARD-HEALTH-001 guardrail.
CI/CD Pipeline
| Workflow | Trigger | What It Does |
|---|---|---|
ci.yml | Push to any branch | Lint, type check, unit tests |
backend-ci.yml | Push to backend/ | Python lint, mypy, pytest |
frontend-ci.yml | Push to frontend/ | TypeScript check, Next.js lint |
health-compliance.yml | Push to main | Health data classification audit |