# Build + push pitch-deck Docker image to registry.meghsakha.com # and trigger orca redeploy on every push to main that touches pitch-deck/. # # Requires Gitea Actions secret: ORCA_WEBHOOK_SECRET # (must match the `secret` field in ~/.orca/webhooks.json on the orca master) name: Build pitch-deck on: push: branches: [main] paths: - 'pitch-deck/**' jobs: build-push-deploy: runs-on: docker container: image: docker:27-cli steps: - name: Checkout run: | apk add --no-cache git openssl curl git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git . - name: Login to registry env: REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} run: | echo "$REGISTRY_PASSWORD" | docker login registry.meghsakha.com -u "$REGISTRY_USERNAME" --password-stdin - name: Build image run: | cd pitch-deck SHORT_SHA=$(git rev-parse --short HEAD) docker build \ -t registry.meghsakha.com/breakpilot/pitch-deck:latest \ -t registry.meghsakha.com/breakpilot/pitch-deck:${SHORT_SHA} \ . - name: Push to registry run: | SHORT_SHA=$(git rev-parse --short HEAD) docker push registry.meghsakha.com/breakpilot/pitch-deck:latest docker push registry.meghsakha.com/breakpilot/pitch-deck:${SHORT_SHA} echo "Pushed :latest + :${SHORT_SHA}" - name: Trigger orca redeploy env: ORCA_WEBHOOK_SECRET: ${{ secrets.ORCA_WEBHOOK_SECRET }} ORCA_WEBHOOK_URL: http://46.225.100.82:6880/api/v1/webhooks/github run: | SHA=$(git rev-parse HEAD) PAYLOAD="{\"ref\":\"refs/heads/main\",\"repository\":{\"full_name\":\"${GITHUB_REPOSITORY}\"},\"head_commit\":{\"id\":\"$SHA\",\"message\":\"ci: pitch-deck image build\"}}" SIG=$(printf '%s' "$PAYLOAD" | openssl dgst -sha256 -hmac "$ORCA_WEBHOOK_SECRET" -r | awk '{print $1}') curl -sSf -k \ -X POST \ -H "Content-Type: application/json" \ -H "X-GitHub-Event: push" \ -H "X-Hub-Signature-256: sha256=$SIG" \ -d "$PAYLOAD" \ "$ORCA_WEBHOOK_URL" \ || { echo "Orca redeploy failed"; exit 1; } echo "Orca redeploy triggered"