chore: add tests, update docs and actions (#299)

* docs: update documentation * feat: validate-inputs has it's own pyproject * security: mask DOCKERHUB_PASSWORD * chore: add tokens, checkout, recrete docs, integration tests * fix: add `statuses: write` permission to pr-lint
2026-02-26 11:52:12 +00:00 · 2025-10-18 13:09:19 +03:00
parent d3c2de1bd1
commit 7061aafd35
148 changed files with 5119 additions and 1897 deletions
--- a/docker-publish/action.yml
+++ b/docker-publish/action.yml
@@ -54,6 +54,10 @@ inputs:
  dockerhub-password:
    description: 'Docker Hub password or access token for authentication'
    required: false
+  token:
+    description: 'GitHub token for authentication'
+    required: false
+    default: ''

 outputs:
  registry:
@@ -84,6 +88,18 @@ outputs:
 runs:
  using: composite
  steps:
+    - name: Mask Sensitive Inputs
+      shell: bash
+      env:
+        DOCKERHUB_PASSWORD: ${{ inputs.dockerhub-password }}
+      run: |
+        set -euo pipefail
+
+        # Mask Docker Hub credentials to prevent exposure in logs
+        if [[ -n "${DOCKERHUB_PASSWORD}" ]]; then
+          echo "::add-mask::${DOCKERHUB_PASSWORD}"
+        fi
+
    - name: Validate Inputs
      id: validate
      shell: bash
@@ -147,6 +163,11 @@ runs:

        echo "Publishing to: $REGISTRY"

+    - name: Checkout Repository
+      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      with:
+        token: ${{ inputs.token || github.token }}
+
    - name: Build Multi-Arch Docker Image
      id: build
      uses: ./docker-build