Add these to your GitHub repository to enable automatic Render deployment.
Purpose: Trigger deployments from GitHub Actions
How to get:
- Go to https://dashboard.render.com/services
- Select your EcoGuard service
- Settings → Deploy Hook
- Copy the full webhook URL
Example:
https://api.render.com/deploy/srv_xxx?key=rnd_xxx
Add to GitHub:
- Go to your repo → Settings → Secrets and variables → Actions
- Click "New repository secret"
- Name:
RENDER_DEPLOY_HOOK - Paste the URL
Purpose: Health check verification after deployment
How to get:
- From Render dashboard: Service URL (e.g., https://ecoguard-api.onrender.com)
- Or from service settings
Add to GitHub:
- Name:
RENDER_SERVICE_URL - Value:
https://your-service-name.onrender.com
Purpose: Advanced API operations (monitoring, notifications)
How to get:
- https://dashboard.render.com → Account Settings
- API Keys
- Create new key
- Copy the key
Add to GitHub:
- Name:
RENDER_API_KEY - Value: Your API key
Purpose: Alternative to deploy hook
How to get:
- From service URL in dashboard:
srv_xxxxx - Or from Settings → Service ID
Add to GitHub:
- Name:
RENDER_SERVICE_ID - Value:
srv_xxxxx
These go in your Render service, NOT GitHub secrets.
- Go to your service
- Settings → Environment
- Add each variable:
| Variable | Value | Example |
|---|---|---|
ENVIRONMENT |
production | production |
LOG_LEVEL |
INFO | INFO |
SECRET_KEY |
Random string | (generate: openssl rand -hex 32) |
CORS_ORIGINS |
Your domain | https://yourdomain.com |
MLFLOW_TRACKING_URI |
MLflow server | https://mlflow.example.com:5000 |
DATABASE_URL |
DB connection | postgresql://user:pass@host/db |
# On Linux/Mac
openssl rand -hex 32
# On Windows PowerShell
[Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes((New-Guid).Guid))1. Log in to Render dashboard
2. Click on your service (ecoguard-api)
3. Settings → Deploy Hook
4. "Enable deploy hook"
5. Copy the URL1. Go to your GitHub repository
2. Settings → Secrets and variables → Actions
3. New repository secret
4. Name: RENDER_DEPLOY_HOOK
5. Value: Paste the webhook URL
6. Click Add secretPush a test commit:
git commit --allow-empty -m "Test Render deployment"
git push origin mainWatch:
- GitHub Actions: https://github.com/user/ecoguard/actions
- Render Dashboard: https://dashboard.render.com
The workflow in .github/workflows/deploy-render.yml:
- Trigger: Push to main branch or create tag
- Test: Run tests, lint, type check
- Deploy: Call Render webhook
- Verify: Check health endpoint for 30 seconds
- Notify: Report success/failure
"Secret not found"
Fix:
- Check secret name is exactly:
RENDER_DEPLOY_HOOK - Secrets are case-sensitive
- Wait 1-2 minutes after adding secret
- Refresh the actions page
"curl: (7) Failed to connect"
Fix:
- Verify webhook URL is correct
- Check URL doesn't have extra spaces
- Confirm service exists in Render
- Try manual curl:
curl -X POST "https://api.render.com/deploy/srv_xxx?key=xxx"
"Service failed to become healthy"
Fix:
- Check API is running locally:
python -m uvicorn app:app - Verify health endpoint:
curl localhost:8000/health - Check models are loading
- Increase timeout in workflow (currently 30 seconds, max 10 attempts)
Common causes:
- Missing requirements in
requirements.txt - Model files too large (free tier has 1GB limit)
- Python version incompatibility
Fix:
- Test locally:
docker build . - Add any missing dependencies
- Check file sizes
- Verify Python 3.10 compatibility
https://github.com/your-username/ecoguard/actions
Click "Deploy to Render" workflow to see:
- Test results
- Deployment status
- Health check results
- Any errors
https://dashboard.render.com/services
View:
- Deployment status
- Build logs
- Runtime logs
- Service metrics
- Environment variables
✅ Do:
- Use strong SECRET_KEY (32+ characters)
- Restrict CORS_ORIGINS to your domain
- Rotate API keys regularly
- Use environment variables for sensitive data
- Enable GitHub branch protection
❌ Don't:
- Commit secrets to GitHub
- Share deploy hooks publicly
- Use weak SECRET_KEY
- Allow CORS from *
- Store API keys in code
Deployment automatically runs on:
- Push to main: Every commit to main branch
- Tags: Creating version tags (v1.0.0, etc.)
- Manual: Workflow dispatch from Actions tab
If you want to require approval:
In .github/workflows/deploy-render.yml:
# Change this:
if: github.ref == 'refs/heads/main'
# To require manual trigger:
if: github.event_name == 'workflow_dispatch'To run tests without deploying:
# Local testing
pytest tests/ -v
# or with GitHub CLI
gh workflow run tests.ymlAfter deployment, monitor:
# Check API response time
time curl https://ecoguard-api.onrender.com/health
# Monitor model inference
curl https://ecoguard-api.onrender.com/docs
# Check logs
# Via Render dashboard or:
gh api repos/yourusername/ecoguard/actions/runsIf deployment fails:
- Automatic: Render keeps previous version
- Manual:
- Render Dashboard → Deployments
- Click previous successful deployment
- Click "Redeploy"
- ✅ Add
RENDER_DEPLOY_HOOKsecret to GitHub - ✅ Configure environment variables in Render
- ✅ Push to main branch
- ✅ Watch automatic deployment
- ✅ Verify health endpoint
- ✅ Check API docs
| Task | Where |
|---|---|
| Add secrets | GitHub repo → Settings → Secrets |
| View deployments | Render dashboard → Deployments |
| Check logs | Render → Logs or GitHub Actions |
| Update env vars | Render service → Settings → Environment |
| Manual deploy | Push to main or GitHub Actions dispatch |
| Health check | https://service.onrender.com/health |
- Render Help: https://render.com/support
- GitHub Secrets Docs: https://docs.github.com/en/actions/security-guides/encrypted-secrets
- Our Docs: See
RENDER_DEPLOYMENT_GUIDE.md
Setup complete! Your Render deployment is now connected to GitHub. 🚀