fix(ci): gate Docker Hub login without direct secrets expressions by JSONbored · Pull Request #47 · JSONbored/sure-aio

JSONbored · 2026-04-16T04:59:59Z

Summary

Fixes GitHub Actions startup failures caused by invalid direct secrets.* expressions in workflow conditions and restores Docker Hub publish gating.

add a Resolve Docker Hub publish settings step in CI / Sure-AIO publish job
compute and expose safe step outputs:
- enabled (true/false based on Docker Hub secret presence)
- image_name (from DOCKERHUB_IMAGE_NAME, fallback to IMAGE_NAME)
replace invalid condition:
- from direct if: ${{ secrets... }} usage
- to if: ${{ steps.dockerhub.outputs.enabled == 'true' }}
update tag-computation env wiring to consume resolver outputs instead of direct secret expressions

merged main workflows failed to parse with:
- Unrecognized named-value: 'secrets'
publish pipeline could not start until workflow syntax was corrected
resolver-based outputs keep Docker Hub behavior optional while remaining valid for workflow parsing

workflow file parses correctly after update
local template validation still passes:
- python3 scripts/validate-template.py

Docker Hub publish remains conditional and only runs when both DOCKERHUB_USERNAME and DOCKERHUB_TOKEN are configured.
DOCKERHUB_IMAGE_NAME remains supported for namespace override (defaults to jsonbored/sure-aio via IMAGE_NAME fallback).

fix(ci): gate Docker Hub login without direct secrets expressions

bfc7368

JSONbored merged commit 764a7a0 into main Apr 16, 2026
10 checks passed

JSONbored deleted the codex/fix-build-secrets-expression branch April 16, 2026 05:05