Deploy from Git (build-from-source)

Instead of a prebuilt image, give the platform a Git repo with a Dockerfile — it clones, builds the image, and runs it. Layer cache is kept in a local registry so redeploys are fast.

Requirements

  • A repo with a Dockerfile (the app builds with docker build).
  • For private repos: a Personal Access Token (PAT).

Dashboard

  1. Deploy an appGit repo tab.
  2. App name, Git repo URL, Branch (default main), Container port.
  3. (Optional) Private repo token for private repos.
  4. Deploy. After it builds, the form shows a push-to-deploy webhook.

API 

curl -s -X POST $API/deploy \
  -H "authorization: Bearer $TOKEN" -H 'content-type: application/json' \
  -d '{
    "name": "gitapp",
    "repo": "https://github.com/acme/myapp",
    "branch": "main",
    "port": 3000
  }'

Fields

Field Required Default Notes
repo ✅* HTTPS git URL.
branch   main Branch to build.
dockerfile   Dockerfile Path relative to the repo (no .., no absolute paths).
context   . Build context dir, relative to the repo.
port   80 Port your app listens on.
repoToken   PAT for private repos (encrypted at rest, never logged).

* repo builds from source; you can still add cpu, memory, domain, env, secrets.

Monorepo / custom Dockerfile path 

-d '{"name":"api","repo":"https://github.com/acme/monorepo","branch":"main",
     "dockerfile":"services/api/Dockerfile","context":"services/api","port":8080}'

Private repositories

Generate a PAT (GitHub → Settings → Developer settings → Tokens) with repo read access and pass it as repoToken:

-d '{"name":"secretapp","repo":"https://github.com/acme/private","repoToken":"ghp_xxx"}'

The token is encrypted (AES-256-GCM) and injected only into the clone URL during build. It’s never returned by the API or written to logs.

Push-to-deploy (GitHub webhook)

When you deploy from a repo, the response includes a webhook:

"webhook": {
  "url": "https://api.cynchro.cloud/webhooks/github/<appId>",
  "secret": "….",
  "contentType": "application/json",
  "events": ["push"]
}

Add it in GitHub → repo → Settings → Webhooks → Add webhook:

  • Payload URL: the url above
  • Content type: application/json
  • Secret: the secret above
  • Events: Just the push event

Now every push to the configured branch triggers an automatic rebuild + redeploy. Pushes to other branches are ignored. (Signature is verified with HMAC; a wrong secret is rejected.)

You can re-fetch the webhook later with GET /apps/:id (field webhook).

How builds work (good to know)

  • Clone is shallow (--depth 1) on the chosen branch.
  • The image is cached in a local registry; redeploys reuse layers (--cache-from) and are typically much faster than the first build.
  • If a cached build fails, it automatically retries from scratch (--no-cache).

→ Multiple containers in one app: Multi-Service Apps · Config: Secrets

This site uses Just the Docs, a documentation theme for Jekyll.