# Build + push pitch-deck Docker image to registry.meghsakha.com
# and trigger orca redeploy on every push to main that touches pitch-deck/.
#
# Orca's webhook endpoint doesn't require HMAC signing unless a secret is
# configured on the webhook (orca webhooks add doesn't set one by default).

name: Build pitch-deck

on:
  push:
    branches: [main]
    paths:
      - 'pitch-deck/**'

jobs:
  build-push-deploy:
    runs-on: docker
    container:
      image: docker:27-cli
    steps:
      - name: Checkout
        run: |
          apk add --no-cache git curl
          git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git .

      - name: Build image
        run: |
          cd pitch-deck
          SHORT_SHA=$(git rev-parse --short HEAD)
          docker build \
            -t registry.meghsakha.com/breakpilot/pitch-deck:latest \
            -t registry.meghsakha.com/breakpilot/pitch-deck:${SHORT_SHA} \
            .

      - name: Push to registry
        run: |
          SHORT_SHA=$(git rev-parse --short HEAD)
          docker push registry.meghsakha.com/breakpilot/pitch-deck:latest
          docker push registry.meghsakha.com/breakpilot/pitch-deck:${SHORT_SHA}
          echo "Pushed :latest + :${SHORT_SHA}"

      - name: Trigger orca redeploy
        env:
          ORCA_WEBHOOK_URL: https://46.225.100.82:6880/api/v1/webhooks/github
        run: |
          SHA=$(git rev-parse HEAD)
          PAYLOAD="{\"ref\":\"refs/heads/main\",\"repository\":{\"full_name\":\"${GITHUB_REPOSITORY}\"},\"head_commit\":{\"id\":\"$SHA\",\"message\":\"ci: pitch-deck image build\"}}"
          curl -sSf -k \
            -X POST \
            -H "Content-Type: application/json" \
            -H "X-GitHub-Event: push" \
            -d "$PAYLOAD" \
            "$ORCA_WEBHOOK_URL" \
            || { echo "Orca redeploy failed"; exit 1; }
          echo "Orca redeploy triggered"