Anchor

The Problem

Deploying a side project shouldn’t require DevOps expertise. But it does — Dockerfile, cloud config, build pipeline, secret management, and when something breaks, you’re on your own reading cryptic logs.

What Anchor Does

Connect your GitHub, pick a repo, and Anchor does the rest: auto-detects your framework, generates a production Dockerfile, builds a container, deploys to Cloud Run, and streams all logs to your browser. When something fails, an AI agent explains why in plain English.

Deployment Pipeline

Five background jobs orchestrate the full lifecycle:

DeploymentJob
  └─ PrepareJob
  │    Clone repo, detect framework, generate Dockerfile
  │
  └─ BuildImageJob
  │    gcloud builds submit --async
  │
  └─ PollBuildStatusJob
  │    Exponential backoff polling
  │
  └─ DeployToCloudRunJob
  │    Deploy container + health check
  │
  └─ ExplainErrorJob
       On failure → Claude analyzes logs
       → plain English explanation

Status Machine

queued → analyzing → building → deploying → health_check → running
                                                         → failed → AI explanation
                                                         → cancelled

Every status transition streams to the browser via Turbo Streams over ActionCable. You watch the deploy happen live — not a progress bar, but actual build output in a terminal view.

Framework Detection

Anchor auto-detects 12+ frameworks and generates optimized multi-stage Docker builds:

Security

• All OAuth tokens and secrets encrypted at rest — AES-256-CBC
• App refuses to start without valid encryption key
• GitHub webhooks verified with HMAC-SHA256
• Temp GCP credentials written to Tempfile, deleted immediately
• Clone tokens redacted from all logs
• Rate limiting: 300 req/5 min per IP, 20 deploys/hour per user

Built with Ruby on Rails 8.1, PostgreSQL, Sidekiq, Redis, and Hotwire.