Flexport Deploy Integration

Overview

Deploy Flexport-powered applications to production. Webhook receivers need always-on hosting. Dashboards can use serverless. Background sync workers suit containers.

Instructions

Option A: Vercel (Dashboard + Webhook Routes)

// app/api/webhooks/flexport/route.ts (Next.js App Router)
import crypto from 'crypto';

export async function POST(req: Request) {
  const body = await req.text();
  const sig = req.headers.get('x-hub-signature') || '';
  const expected = 'sha256=' + crypto.createHmac('sha256', process.env.FLEXPORT_WEBHOOK_SECRET!)
    .update(body).digest('hex');
  if (!crypto.timingSafeEqual(Buffer.from(sig), Buffer.from(expected))) {
    return new Response('Invalid signature', { status: 401 });
  }
  const event = JSON.parse(body);
  // Process milestone, booking, invoice events
  return new Response('OK');
}

Option B: Fly.io (Always-On Webhook Receiver)

# fly.toml
app = "flexport-webhooks"
primary_region = "iad"
[http_service]
  internal_port = 3000
  force_https = true
  min_machines_running = 1

fly secrets set FLEXPORT_API_KEY="key" FLEXPORT_WEBHOOK_SECRET="secret"
fly deploy

Option C: Cloud Run (Shipment Sync Worker)

gcloud run deploy flexport-sync \
  --source . --region us-central1 \
  --set-secrets "FLEXPORT_API_KEY=flexport-key:latest" \
  --min-instances 1 --timeout 300

Post-Deploy Verification

curl -X POST https://your-app.fly.dev/webhooks/flexport \
  -H "X-Hub-Signature: sha256=invalid" -d '{"type":"test"}'
# Expected: 401 (signature verification working)

Resources

• Flexport Webhooks API
• Fly.io Docs
• Cloud Run Docs

Next Steps

For webhook event handling, see flexport-webhooks-events.