Hi everyone,
I ran into a deployment workflow issue and wanted to ask what the recommended setup is for giving Cuppy access to GitHub and Render.
In my case, Cuppy was able to generate / patch the backend code correctly, but it could not actually deploy the fix because the runtime/workspace did not have access to the required GitHub and Render credentials.
The missing pieces were essentially:
• GITHUB_TOKEN
• RENDER_API_KEY
• RENDER_SERVICE_ID
• app-specific API key/env vars used for testing protected endpoints.
Because those were not available, Cuppy could inspect and prepare the code, but could not push the change to GitHub or trigger a Render deployment. We solved it manually this time by copying/replacing the backend file and redeploying ourselves, but I’d like to set this up properly for future changes.
What I would like to understand is the recommended/safest way to provide this data to Cuppy:
• Should these values be added as workspace secrets / environment variables?
• Is there a dedicated place in the app builder or project settings for deployment credentials?
• Can Cuppy access those secrets securely at runtime without exposing them in frontend code, logs, or chat output?
• For GitHub, should I use a personal access token limited to one repository, or is there a better integration?
• For Render, should I provide only the API key + service ID, or is there a safer deployment hook approach?
• Is there a recommended pattern where Cuppy opens a PR instead of pushing directly to main?
The goal is to provide limited, revocable credentials so it can:
• commit or open a PR in a specific GitHub repo
• trigger a Render deploy for one specific service
• optionally test protected backend endpoints using app-specific env vars
• avoid exposing secrets in the UI, logs, browser, or generated code
The specific issue we had was that the code fix itself was correct, but deployment could not be completed because the required credentials were not available to the Cuppy environment.
Would appreciate guidance on the safest recommended setup for this.
Thanks!