Step-by-step walkthrough for setting up Clerk (auth) and Supabase (database) for GitUnderstand.
Project name suggestion: GitUnderstand or gitunderstand-prod
- Go to https://clerk.com/dashboard
- Click "Add application"
- Name:
GitUnderstand - Select sign-in methods:
- Email (enabled by default)
- Google (click the Google icon)
- GitHub (click the GitHub icon)
- Click "Create application"
- You'll land on the "API Keys" page immediately after creation
- Copy these two values:
- Publishable key — starts with
pk_test_(dev) orpk_live_(prod) - Secret key — starts with
sk_test_(dev) orsk_live_(prod)
- Publishable key — starts with
- Paste them into
PHASE2_CREDENTIALS.txt(see below)
Note: Start with the Development instance (test keys). You'll switch to Production later. Test keys are fine for Phase 2-6.
- Go to Customization → Branding
- Set primary color to match GitUnderstand theme
- Upload logo if you have one
- Webhook URL:
https://api.gitunderstand.com/webhooks/clerk - Events:
user.created,user.updated,user.deleted - We'll configure this when the backend code is ready
- Add
https://gitunderstand.comandhttp://localhost:3000 - Go to Settings → Domains
Time needed: ~5 minutes
Project name suggestion: gitunderstand or gitunderstand-prod
- Go to https://supabase.com/dashboard
- Click "New project"
- Organization: Create one called "GitUnderstand" (or use existing)
- Project settings:
- Name:
gitunderstand - Database password: Generate a strong one (save it in credentials file!)
- Region:
us-central1(Iowa) — must match your GCP region - Plan: Free tier is fine to start
- Name:
- Click "Create new project"
- Wait ~2 minutes for provisioning
- Once provisioned, go to Settings → API (left sidebar)
- Copy these three values:
- Project URL — looks like
https://abcdefghij.supabase.co - anon (public) key — starts with
eyJ...(long JWT) - service_role key — starts with
eyJ...(long JWT, different from anon)
- Project URL — looks like
- Paste them into
PHASE2_CREDENTIALS.txt
Warning: The
service_rolekey bypasses Row Level Security. Never expose it in frontend code. It's only used server-side (FastAPI backend).
- Go to SQL Editor (left sidebar, looks like a terminal icon)
- Click "New query"
- I will provide the SQL — paste it and click "Run"
- You should see "Success. No rows returned." for each statement
Time needed: ~10 minutes
You likely already have this, but confirm:
- Go to https://aistudio.google.com/apikey
- If you have an existing key, copy it
- If not, click "Create API Key"
- Make sure Gemini API is enabled for your project
Time needed: ~2 minutes
- Go to https://api.slack.com/apps
- Click "Create New App" → "From scratch"
- App name:
GitUnderstand CI/CD - Workspace: Select your Slack workspace
- Click "Create App"
- In the app settings, click "Incoming Webhooks" (left sidebar)
- Toggle "Activate Incoming Webhooks" → ON
- Click "Add New Webhook to Workspace"
- Select the channel for notifications (e.g.,
#deploymentsor#gitunderstand) - Click "Allow"
- Copy the Webhook URL — looks like
https://hooks.slack.com/services/T.../B.../xxx
Time needed: ~5 minutes
After completing Steps 1-4, fill in PHASE2_CREDENTIALS.txt and share it with me.
I'll update all GCP Secret Manager values and GitHub repo secrets in one go.
- Clerk — App created, publishable + secret key copied
- Supabase — Project created, URL + anon key + service role key copied
- Supabase — Schema SQL executed (I'll provide this)
- Google API Key — Confirmed / created
- Slack Webhook — App created, webhook URL copied
- PHASE2_CREDENTIALS.txt — All values filled in
Once you hand me the filled-in credentials file, I'll:
- Replace all 7 GCP Secret Manager placeholders with real values
- Add GitHub repo secrets (GCP_PROJECT_NUMBER, GCP_PROJECT_ID, SLACK_WEBHOOK_URL)
- Run the Supabase schema SQL
- Verify everything connects
After credentials are set:
- Phase 2.5: Store credentials securely in a private tracking system
- Phase 3: Backend code changes (GCS storage adapter, Clerk JWT auth, waitlist API)
- Phase 4: Frontend changes (Clerk provider, landing page, feature gating)