The open-source compliance platform.
Learn more Β»
Discord
Β·
Website
Β·
Documentation
Β·
Issues
Β·
Roadmap
We're building the first open source compliance automation platform that helps companies of any size work towards, manage and achieve compliance with common standards like SOC 2, ISO 27001 and GDPR.
We transform compliance from a vendor checkbox into an engineering problem solved through code. Our platform automates evidence collection, policy management, and control implementation while keeping you in control of your data and infrastructure.
Contact our founders at hello@trycomp.ai to learn more about how we can help you achieve compliance.
Join our waitlist to get early access to the cloud hosted version of Comp AI.
To get a local copy up and running, please follow these simple steps.
Here is what you need to be able to run Comp AI.
- Node.js (Version: >=20.x)
- Bun (Version: >=1.1.36)
- Postgres (Version: >=15.x)
To get the project working locally with all integrations, follow these extended development steps.
-
Clone the repo:
git clone https://github.com/trycompai/comp.git
-
Navigate to the project directory:
cd comp -
Remove existing lock files:
rm bun.lock yarn.lockdel bun.lock yarn.lockRemove-Item bun.lock, yarn.lock- Remove any
yarnreferences fromcomp/apps/app/package.json
"yarn": "^1.22.22",π‘ Make sure this line is already deleted or running
bun installwill give you an error.
- Install dependencies using Bun:
bun install- Install
concurrentlyas a dev dependency:
bun add -d concurrentlyCreate the following .env files and fill them out with your credentials:
comp/apps/app/.envcomp/apps/portal/.envcomp/packages/db/.env
You can copy from the .env.example files:
cp apps/app/.env.example apps/app/.env
cp apps/portal/.env.example apps/portal/.env
cp packages/db/.env.example packages/db/.envcopy apps\app\.env.example apps\app\.env
copy apps\portal\.env.example apps\portal\.env
copy packages\db\.env.example packages\db\.envCopy-Item apps\app\.env.example -Destination apps\app\.env
Copy-Item apps\portal\.env.example -Destination apps\portal\.env
Copy-Item packages\db\.env.example -Destination packages\db\.envAdditionally, ensure the following required environment variables are added to .env in comp/apps/app/.env:
AUTH_SECRET="" # Use `openssl rand -base64 32` to generate
DATABASE_URL="postgresql://user:password@host:port/database"
RESEND_API_KEY="" # Resend (https://resend.com/api-keys) - Resend Dashboard -> API Keys
NEXT_PUBLIC_PORTAL_URL="http://localhost:3002"
REVALIDATION_SECRET="" # Use `openssl rand -base64 32` to generateβ Make sure you have all of these variables in your
.envfile. If you're copying from.env.example, it might be missing the last two (NEXT_PUBLIC_PORTAL_URLandREVALIDATION_SECRET), so be sure to add them manually.
Some environment variables may not load correctly from .env β in such cases, hard-code the values directly in the relevant files (see Hardcoding section below).
- Create an account on https://cloud.trigger.dev
- Create a project and copy the Project ID
- In
comp/apps/app/trigger.config.ts, set:project: "proj_****az***ywb**ob*";
-
Create an OAuth client:
- Type: Web Application
- Name:
comp_app# You can choose a different name if you prefer!
-
Add these Authorized Redirect URIs:
http://localhost http://localhost:3000 http://localhost:3002 http://localhost:3000/api/auth/callback/google http://localhost:3002/api/auth/callback/google http://localhost:3000/auth http://localhost:3002/auth -
After creating the app, copy the
GOOGLE_IDandGOOGLE_SECRET- Add them to your
.envfiles - If that doesnβt work, hard-code them in:
comp/apps/portal/src/app/lib/auth.ts
- Add them to your
- Go to https://console.upstash.com
- Create a Redis database
- Copy the Redis URL and TOKEN
- Add them to your
.envfile, or hard-code them if the environment variables are not being recognized in:comp/packages/kv/src/index.ts
Start and initialize the PostgreSQL database using Docker:
-
Start the database:
bun docker:up
-
Default credentials:
- Database name:
comp - Username:
postgres - Password:
postgres
- Database name:
-
To change the default password:
ALTER USER postgres WITH PASSWORD 'new_password';
-
If you encounter the following error:
HINT: No function matches the given name and argument types...Run the fix:
psql "postgresql://postgres:<your_password>@localhost:5432/comp" -f ./packages/db/prisma/functionDefinition.sqlExpected output:
CREATE FUNCTIONπ‘
compis the database name. Make sure to use the correct port and database name for your setup. -
Apply schema and seed:
# Generate Prisma client
bun db:generate
# Push the schema to the database
bun db:push
# Optional: Seed the database with initial data
bun db:seedOther useful database commands:
# Open Prisma Studio to view/edit data
bun db:studio
# Run database migrations
bun db:migrate
# Stop the database container
bun docker:down
# Remove the database container and volume
bun docker:cleanIf .env files donβt load values as expected, you can hard-code the following:
-
comp/packages/kv/src/index.tsβ Hard-coded Redis client credentials:- URL: The Redis URL needs to start with
https. Example:url: "https://default:AXhaAA***MA@charmed-wombat-3**0.upstash.io:6379" - Token: Example:
token: "935****8f20"
- URL: The Redis URL needs to start with
-
comp/packages/db/prisma/schema.prismaβ Hard-codedDATABASE_URL:- Example:
sh datasource db { url = "postpostgresql://user:password@host:port/database?schema=public" directUrl = "postpostgresql://user:password@host:port/database?schema=public" }
- Example:
-
comp/apps/portal/src/app/lib/auth.tsβ Hard-coded Google environment variablesclientId,clientSecretundersocialProviders/google:- Example:
socialProviders: { google: { clientId: "your-client-id", clientSecret: "your-client-secret" } }
- Example:
-
comp/apps/app/trigger.config.tsβ Change the project to yours:- Example:
projectId: "proj_la**ob"
- Example:
Once everything is configured:
bun run devOr use the Turbo repo script:
turbo devπ‘ Make sure you have Turbo installed. If not, you can install it using Bun:
bun add -g turboπ Yay! You now have a working local instance of Comp AI! π
Steps to deploy Comp AI on Docker are coming soon.
Steps to deploy Comp AI on Vercel are coming soon.
Comp AI, Inc. is a commercial open source company, which means some parts of this open source repository require a commercial license. The concept is called "Open Core" where the core technology (99%) is fully open source, licensed under AGPLv3 and the last 1% is covered under a commercial license (["/ee" Enterprise Edition"]).
Tip
We work closely with the community and always invite feedback about what should be open and what is fine to be commercial. This list is not set and stone and we have moved things from commercial to open in the past. Please open a discussion if you feel like something is wrong.