Ch. 15 — Shipping Products
Chapter 15 Phase 2 — UX Engineer

Shipping Real Products

GitHub Pages was training wheels. Now ship like a professional.

⏱ 1 hour 🛠 VS Code · Vercel account · GitHub

Why Vercel beats GitHub Pages for real products

GitHub Pages is great for static HTML/CSS/JS sites — and it still is for those. But when your product uses a build step (React, Next.js), environment variables, or serverless functions, you need something more capable.

  • Automatic deploys — push to GitHub → Vercel builds and deploys in under 30 seconds. No manual steps.
  • Preview deployments — every pull request gets its own live URL. Share it for review before merging.
  • Environment variables — store API keys and secrets securely. They never appear in your code or GitHub.
  • Serverless functions — write backend logic (like making API calls with secret keys) without maintaining a server.
  • Custom domains — connect a domain in 2 minutes. Free SSL included.

Deploying to Vercel

  1. 1
    Push your project to GitHub (you know how to do this from Chapter 5).
  2. 2
    Go to vercel.com → Sign up with GitHub → "New Project" → Import your GitHub repo.
  3. 3
    Vercel auto-detects your framework (React, Next.js, plain HTML, etc.) and sets the build command. Click Deploy.
  4. 4
    In 30 seconds you have a live URL: your-project.vercel.app. Share it. Every future push to main triggers a new deploy automatically.

Environment variables — keeping secrets secret

API keys, database passwords, and secret tokens must NEVER go in your code. If they end up in your GitHub repository, they're public. Environment variables solve this — they're stored in Vercel (or locally in a .env file) and injected into your code at build time.

bash — .env file (local only, never commit) 
# .env.local
ANTHROPIC_API_KEY=sk-ant-api03-...
FIREBASE_API_KEY=AIzaSy...
DATABASE_URL=postgres://user:password@host/db
javascript — using env vars in your code 
// In a Next.js API route or Vercel serverless function
const apiKey = process.env.ANTHROPIC_API_KEY;

// In client-side React (Vite), prefix with VITE_
// Note: client-side env vars are public — only use for non-secret values
const publicKey = import.meta.env.VITE_PUBLIC_KEY;
⚠️ Never expose API keys on the frontend
Client-side code is always visible to users
Anything in your React/JavaScript running in the browser is readable by anyone who opens DevTools. Keep secret keys on the server side — in Vercel serverless functions, not in your React components.

Serverless functions

A serverless function is a small piece of backend code that runs on-demand. In Vercel, you create a file in the /api folder and it becomes an API endpoint — no server setup, no always-running process, no infrastructure to maintain.

javascript — api/chat.js (a serverless function) 
// This file lives at /api/chat.js
// Vercel automatically makes it available at /api/chat
// The API key stays on the server — never exposed to browsers

export default async function handler(req, res) {
  const { message } = req.body;

  const response = await fetch('https://api.anthropic.com/v1/messages', {
    method: 'POST',
    headers: {
      'x-api-key': process.env.ANTHROPIC_API_KEY, // secret, server-only
      'content-type': 'application/json',
    },
    body: JSON.stringify({
      model: 'claude-opus-4-6',
      max_tokens: 1024,
      messages: [{ role: 'user', content: message }]
    })
  });

  const data = await response.json();
  res.json({ reply: data.content[0].text });
}
🚀
Hands-on activity
Deploy your ideas board to Vercel
You need: GitHub account Vercel account (free) Your Firebase app from Ch. 14
  1. 1
    Take the ideas board HTML file from Chapter 14. Create a new GitHub repo for it and push the file.
  2. 2
    Import the repo to Vercel. Deploy it. You now have a public URL for your app.
  3. 3
    In Firebase console, add your new Vercel domain to the authorized domains list (Authentication → Settings → Authorized domains → Add domain). This is required for Google sign-in to work on your production URL.
  4. 4
    Bonus: Buy a domain from Namecheap or Google Domains (~$10/yr). Add it to your Vercel project. In 2 minutes you have a professional domain. Share it with someone outside your network and ask them to try it.
Key takeaways
  • Vercel = push to GitHub → instant production deploy. Zero-config for most frameworks
  • Environment variables store secrets safely. Never put API keys in code that goes to GitHub
  • Serverless functions (in /api) let you write backend logic without managing a server
  • Every push to main auto-deploys. Every pull request gets a preview URL for review
  • Custom domains take 2 minutes to configure. SSL is automatic and free