budi-cloud
May 15, 2026 · View on GitHub
Cloud dashboard and ingest API for budi. AI cost visibility for solo developers and teams across users, repos, models, branches, and tickets.
Overview
- Dashboard at
app.getbudi.dev— Overview, Team, Models, Repos, Sessions, and Settings pages - Ingest API — receives pre-aggregated daily rollups and session summaries from the budi daemon
- Auth — Supabase Auth (GitHub, Google, magic link) with org-based access control
Built with Next.js 16, React 19, Supabase, and Tailwind CSS 4.
New here? Start with CONTRIBUTING.md for the dev workflow, then read SOUL.md for the deeper architecture map.
What data the cloud receives
The budi daemon pushes pre-aggregated daily rollups and session summaries — numeric metrics only. The cloud never receives prompts, code, AI responses, file paths, email addresses, raw payloads, or tag values. There is no "full upload" mode.
What syncs: token counts, costs, model names, hashed repo IDs, branch names, ticket IDs, session durations, and message counts.
See ADR-0083 for the complete privacy contract.
Transport and trust model
- HTTPS only — the daemon refuses to sync over plain HTTP
- Push-only — the daemon initiates all connections; the cloud never reaches back to developer machines. There is no webhook, pull, or remote command channel
- Idempotent — sync uses UPSERT semantics with deterministic keys; retries are safe and produce no duplicates
Team model (cloud alpha)
The cloud alpha works for solo developers and small teams (1–20 developers):
| Aspect | Detail |
|---|---|
| Roles | manager (view all org data, manage members) and member (sync data, view own data) |
| Granularity | Daily aggregates; no per-message, per-hour, or real-time views |
| Retention | 90 days |
| Multi-org | Not supported in v1 — one user belongs to one org |
| SSO / SAML | Not supported in v1 — API key auth for daemon sync, Supabase Auth (GitHub, Google, magic link) for the web dashboard |
Auth
- Web dashboard: Supabase Auth with GitHub, Google, and magic link sign-in
- Daemon sync: API key (
budi_<key>) inAuthorization: Bearerheader. Users link a local daemon to their cloud account withbudi cloud init --api-key <key>; the daemon then owns the on-disk key storage. - Ingest API:
POST /v1/ingestaccepts the sync envelope;GET /v1/ingest/status?device_id=…returns watermark and sync health for a linked device. - Pricing API:
GET /v1/pricing/activereturns the org's active price list so the local daemon can mirror cloud math. Pass?since_version=N(orIf-None-Match) to short-circuit to304when the daemon is up to date. Returns404when no active list is configured (daemon treats this as "no override" and keeps its default LiteLLM-derived pricing). Privacy-safe — only the negotiated sale price is sent; the vendor list price stays cloud-side.
Setup
- Copy
.env.local.exampleto.env.localand fill in your Supabase project keys - Install dependencies and run:
npm ci
npm run dev
Build
npm run build
Deployment
The app is deployed to Vercel and connects to a Supabase project. Database migrations live in supabase/migrations/ and ship automatically:
- Pull requests —
.github/workflows/ci.ymldry-runs every migration against a fresh Postgres so syntax / dependency errors fail at review time. - Merges to
main—.github/workflows/db-push.ymlrunssupabase db push --include-allagainst the linked Supabase project whenever a commit onmaintouchessupabase/migrations/**.
Required GitHub Actions secrets: SUPABASE_ACCESS_TOKEN, SUPABASE_DB_PASSWORD, SUPABASE_PROJECT_REF. Do not apply migrations through the Supabase SQL editor — schema applied out-of-band drifts from the migration history and breaks future deploys.
Ecosystem
- budi — Rust daemon + CLI (pushes data via cloud sync)
- budi-cursor — VS Code/Cursor extension
- budi-jetbrains — JetBrains IDE plugin
- homebrew-budi — Homebrew tap for
brew install siropkin/budi/budi - getbudi.dev — Public marketing landing page