diff --git a/.gitignore b/.gitignore
index a8ed375d9..cf1ef665e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -73,7 +73,6 @@ query-results
 .yo-rc.json
 node_modules/
 coverage/
-build/
 bower_components/
 reports/
 
@@ -114,7 +113,6 @@ buildNumber.properties
 ## Gradle
 ##############################
 bin/
-build/
 .gradle
 .gradletasknamecache
 gradle-app.setting
@@ -151,7 +149,6 @@ local.properties
 ## NetBeans
 ##############################
 nbproject/private/
-build/
 nbbuild/
 dist/
 nbdist/
diff --git a/build/.githubfile b/build/.githubfile
new file mode 100644
index 000000000..e69de29bb
diff --git a/build/entrypoint.sh b/build/entrypoint.sh
new file mode 100644
index 000000000..2f09fef29
--- /dev/null
+++ b/build/entrypoint.sh
@@ -0,0 +1,25 @@
+#!/busybox/sh
+
+server_startup () {
+    java org.exist.start.Main jetty | tee startup.log
+}
+
+password_change() {
+    while true; do
+        tail -n 20 startup.log | grep "Jetty server started" && break
+        sleep 5
+    done
+
+    echo "running password change"
+    java org.exist.start.Main client \
+    --no-gui \
+    -u admin -P '' \
+    -x "sm:passwd('admin', '$ADMIN_PASSWORD')" 
+    echo "ran password change"
+}
+
+touch startup.log
+
+server_startup &
+password_change
+wait
\ No newline at end of file
diff --git a/build/git-sync_template.xql b/build/git-sync_template.xql
new file mode 100644
index 000000000..cb55e5c00
--- /dev/null
+++ b/build/git-sync_template.xql
@@ -0,0 +1,26 @@
+xquery version "3.1";
+
+(:~ 
+ : Webhook endpoint for Srophe Web Application 
+ : XQuery endpoint to respond to Github webhook requests.  
+ : 
+ : Requirements
+ :  - githubxq library : http://exist-db.org/lib/githubxq 
+ :  - EXPath Crypto library : http://expath.org/spec/crypto
+ :  - eXist-db 3.0 or greater 
+ :  - Must be run with elevated privileges: sm:chmod(xs:anyURI('/db/apps/srophe/modules/git-sync.xql'), "rwsr-xr-x")
+ :
+ : @author Winona Salesky
+ : @version 2.0 
+ :)
+ 
+import module namespace githubxq="http://exist-db.org/lib/githubxq";
+
+let $data := request:get-data()
+return 
+    githubxq:execute-webhook($data, 
+        '/db/apps/spear',
+        'https://github.com/srophe/spear',
+        'main',
+        '${SECRET_KEY}',
+        '')
diff --git a/build/workflow.sh b/build/workflow.sh
new file mode 100755
index 000000000..76f4ea8ad
--- /dev/null
+++ b/build/workflow.sh
@@ -0,0 +1,69 @@
+GITHUB_ORG="srophe"
+GITHUB_REPOSITORY="spear-data"
+
+### CREATE NECESSARY CONFIG FOR THE BUILD, AND POPULATE VERSION AND PACKAGE_NAME
+# use sed to replace the template git-sync with secrets and other
+TEMPLATE_FILE="./build/git-sync_template.xql"
+DESTINATION_FILE="./conf/git-sync.xql"
+
+echo "Copying secret key over"
+# SECRET_KEY, $ADMIN_PASSWORD
+sed \
+    -e "s/\${SECRET_KEY}/$SECRET_KEY/" \
+    $TEMPLATE_FILE > $DESTINATION_FILE
+echo "Copied secret key over successfully"
+
+# GET the version of the project from the expath-pkg.xml
+VERSION=$(cat expath-pkg.xml | grep package | grep version=  | awk -F'version="' '{ print $2 }' | awk -F'"' '{ print $1 }')
+# GET the package name of the project from the expath-pkg.xml file
+PACKAGE_NAME=$(cat expath-pkg.xml | grep package | grep version=  | awk -F'abbrev="' '{ print $2 }' | awk -F'"' '{ print tolower($1) }')
+echo "Deploying app $PACKAGE_NAME:$VERSION"
+
+
+### BUILD THE APPLICATION AND DATA THAT USES CONFIGS FROM THE PREV STEP A
+# remove any old auto deploy
+rm -rf autodeploy
+# create an autodeploy folder
+mkdir autodeploy
+
+echo "Running app build ..."
+ant
+echo "Ran app build successfully"
+
+echo "Fetching the data repository to build a data xar"
+git clone https://github.com/$GITHUB_ORG/$GITHUB_REPOSITORY
+
+cd $GITHUB_REPOSITORY
+rm -rf build
+mkdir build
+echo "Running data build ..."
+ant
+echo "Ran data build successfully"
+
+cd ..
+# move the xar from build to autodeploy
+mv build/*.xar autodeploy/
+mv $GITHUB_REPOSITORY/build/*.xar autodeploy/
+rm -rf $GITHUB_REPOSITORY
+
+
+### BUILD DOCKER WITH THE APPLICATION AND DATA XAR FILE
+echo "Building docker file"
+docker build -t "$PACKAGE_NAME:$VERSION" --build-arg ADMIN_PASSWORD="$ADMIN_PASSWORD" --no-cache .
+echo docker build -t "$PACKAGE_NAME:$VERSION" --build-arg ADMIN_PASSWORD="$ADMIN_PASSWORD" --no-cache .
+echo "Built successfully"
+
+DOCKER_URL=$AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPOSITORY:latest
+
+### UPLOAD TO ECR
+echo "Loging in to AWS"
+# Get the aws docker login creds. Note: only works if the github repo is allowed access from OIDC
+aws ecr get-login-password --region $AWS_REGION | \
+docker login --username AWS --password-stdin $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com 
+echo "Logged in successfully"
+
+docker tag $PACKAGE_NAME:$VERSION $DOCKER_URL
+echo "Pushing to $DOCKER_URL"
+docker push $DOCKER_URL
+
+echo "Pushed successfully, wait for a few minutes to see the changes reflected"