From 51a19aca466af2d86c6d54515948fd0a1f6df98b Mon Sep 17 00:00:00 2001
From: ChristophShyper <45788587+ChristophShyper@users.noreply.github.com>
Date: Mon, 13 Apr 2026 21:19:32 +0200
Subject: [PATCH] fix: update cron job names and permissions in workflow files; add example .env file
---
 .env.example | 6 +++
 .github/workflows/cron-check-dependencies.yml | 8 ++--
 .../workflows/manual-sync-common-files.yml | 27 --------------
 .pre-commit-config.yaml | 8 ++--
 README.md | 31 ++++++++++++++++
 Taskfile.docker.yml | 37 +++++++++++++++++--
 Taskfile.yml | 3 ++
 7 files changed, 81 insertions(+), 39 deletions(-)
 create mode 100644 .env.example
 delete mode 100644 .github/workflows/manual-sync-common-files.yml
diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..f91305b
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,6 @@
+DOCKER_USERNAME=your-dockerhub-user
+DOCKER_ORG_NAME=your-dockerhub-org
+DOCKER_TOKEN=your-docker-token
+GITHUB_USERNAME=your-github-user
+GITHUB_ORG_NAME=your-github-org
+GITHUB_TOKEN=your-github-token
diff --git a/.github/workflows/cron-check-dependencies.yml b/.github/workflows/cron-check-dependencies.yml
index e69779c..2aca17b 100644
--- a/.github/workflows/cron-check-dependencies.yml
+++ b/.github/workflows/cron-check-dependencies.yml
@@ -1,4 +1,4 @@
-name: (Cron) Weekly repository health
+name: (Cron) Check dependencies
 on:
 schedule:
@@ -6,10 +6,10 @@ on:
 workflow_dispatch:
 permissions:
- contents: read
- issues: write
- pull-requests: read
+ contents: write
+ pull-requests: write
 packages: write
+ issues: read
 jobs:
 call:
diff --git a/.github/workflows/manual-sync-common-files.yml b/.github/workflows/manual-sync-common-files.yml
deleted file mode 100644
index b259955..0000000
--- a/.github/workflows/manual-sync-common-files.yml
+++ /dev/null
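Review bot: The template lists `DOCKER_TOKEN` and `GITHUB_TOKEN`, and the Taskfile.yml hunk in this patch starts loading a real `.env` through `dotenv:`, but no hunk here adds `.env` to `.gitignore` or `.dockerignore`. If those entries do not already exist, a filled-in copy can be committed or end up in an image build context. I would confirm both ignore entries and open the file with a comment such as `# Copy to .env and keep it untracked; use narrowly scoped tokens` so the expectation travels with the template.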
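Review bot: The top-level `permissions:` block in cron-check-dependencies.yml now grants `contents: write` and `pull-requests: write` next to the existing `packages: write`, and at workflow level those scopes apply to every job of this scheduled workflow, including whatever the `call:` job runs. If only one job needs to push a branch and open a pull request, I would move the block under that job and keep `packages: write` only if the job really publishes packages. A comment such as `# write scopes: push the update branch and open the PR` would record why each scope is there. The `jobs:` section continues outside the hunk, so what `call:` invokes and how it is pinned is not visible here.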
@@ -1,27 +0,0 @@
-name: (Manual) Sync Common Files
-
-on:
- workflow_dispatch:
- inputs:
- type:
- description: File type to sync
- required: true
- default: all
- type: choice
- options:
- - all
- - configs
- - ignores
- - taskfiles
-
-permissions:
- contents: write
- pull-requests: write
-
-jobs:
- call:
- uses: devops-infra/.github/.github/workflows/reusable-manual-sync-common-files.yml@v1
- with:
- sync-type: ${{ inputs.type }}
- template-profile: actions
- secrets: inherit
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 113778a..7e16b3a 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -31,16 +31,16 @@ repos:
 pass_filenames: false
 - id: hadolint
 name: hadolint
- entry: bash -lc 'docker run --rm -v "$PWD:/work" -w /work hadolint/hadolint:latest-debian "$@"' --
+ entry: bash -lc 'docker run --rm -v "$PWD:/work" -w /work hadolint/hadolint:latest-debian /bin/hadolint "$@"' --
 language: system
- files: '(^|/)Dockerfile(\..*)?$'
+ files: (^|/)Dockerfile(\..*)?$
 - id: shellcheck
 name: shellcheck
 entry: bash -lc 'docker run --rm -v "$PWD:/work" -w /work koalaman/shellcheck:stable -x -S style "$@"' --
 language: system
- files: '\.sh$'
+ files: \.sh$
 - id: yamllint
 name: yamllint
 entry: bash -lc 'docker run --rm -v "$PWD:/work" -w /work cytopia/yamllint -c .yamllint.yml "$@"' --
 language: system
- files: '\.(yml|yaml)$'
+ files: \.(yml|yaml)$
diff --git a/README.md b/README.md
index f321e55..a3e4423 100644
--- a/README.md
+++ b/README.md
@@ -43,6 +43,8 @@ This action supports three tag levels for flexible versioning:
 - `vX.Y.Z`: fixed to a specific release (e.g., `v1.2.3`).
+
+
 ## 📖 API Reference
 ```yaml
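Review bot: The rewritten hadolint `entry` in .pre-commit-config.yaml still pulls `hadolint/hadolint:latest-debian` by a mutable tag and bind-mounts the working tree read-write, so whatever that tag resolves to on a developer machine can modify the checkout. The same holds for the unchanged `koalaman/shellcheck:stable` and untagged `cytopia/yamllint` entries in this hunk. Linters only need to read, so I would mount with `-v "$PWD:/work:ro"` and pin each image to a digest, e.g. `hadolint/hadolint@sha256:<digest>` (placeholder). Separately, dropping the quotes from the three `files:` patterns is valid YAML today, but single quotes keep `\`, `|` and `$` unambiguous if the patterns are edited later.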
@@ -262,3 +264,32 @@ This project is licensed under the MIT License - see the [LICENSE](LICENSE) file
 If you have any questions or need help, please:
 - 📝 Create an [issue](https://github.com/devops-infra/action-commit-push/issues)
 - 🌟 Star this repository if you find it useful!
+
+## Forking
+To publish images from a fork, set these variables so Task uses your registry identities:
+`DOCKER_USERNAME`, `DOCKER_ORG_NAME`, `GITHUB_USERNAME`, `GITHUB_ORG_NAME`.
+
+Two supported options (environment variables take precedence over `.env`):
+```bash
+# .env (local only, not committed)
+DOCKER_USERNAME=your-dockerhub-user
+DOCKER_ORG_NAME=your-dockerhub-org
+GITHUB_USERNAME=your-github-user
+GITHUB_ORG_NAME=your-github-org
+```
+
+```bash
+# Shell override
+DOCKER_USERNAME=your-dockerhub-user \
+DOCKER_ORG_NAME=your-dockerhub-org \
+GITHUB_USERNAME=your-github-user \
+GITHUB_ORG_NAME=your-github-org \
+task docker:build
+```
+
+Recommended setup:
+- Local development: use a `.env` file.
+- GitHub Actions: set repo variables for the four values above, and secrets for `DOCKER_TOKEN` and `GITHUB_TOKEN`.
+
+Publish images without a release:
+- Run the `(Manual) Update Version` workflow with `build_only: true` to build and push images without tagging a release.
diff --git a/Taskfile.docker.yml b/Taskfile.docker.yml
index 9b66a81..1407f3b 100644
--- a/Taskfile.docker.yml
+++ b/Taskfile.docker.yml
@@ -6,10 +6,39 @@ tasks:
 docker:login:
 desc: Login to hub.docker.com and ghcr.io
 cmds:
- - echo "Logging into Docker Hub as {{.DOCKER_USERNAME}}"
- - echo "${DOCKER_TOKEN}" | docker login -u "{{.DOCKER_USERNAME}}" --password-stdin
- - echo "Logging into GHCR as {{.GITHUB_USERNAME}}"
- - echo "${GITHUB_TOKEN}" | docker login ghcr.io -u "{{.GITHUB_USERNAME}}" --password-stdin
+ - |
+ set -eu
+ docker_username='{{.DOCKER_USERNAME}}'
+ github_username='{{.GITHUB_USERNAME}}'
+ has_dockerhub=false
+ has_ghcr=false
+
+ if [ -n "$docker_username" ] && [ -n "${DOCKER_TOKEN:-}" ]; then
+ has_dockerhub=true
+ fi
+
+ if [ -n "$github_username" ] && [ -n "${GITHUB_TOKEN:-}" ]; then
+ has_ghcr=true
+ fi
+
+ if [ "$has_dockerhub" = false ] && [ "$has_ghcr" = false ]; then
+ echo "❌ No registry credentials provided. Set DOCKER_USERNAME/DOCKER_TOKEN or GITHUB_USERNAME/GITHUB_TOKEN."
+ exit 1
+ fi
+
+ if [ "$has_dockerhub" = true ]; then
+ echo "Logging into Docker Hub as $docker_username"
+ printf '%s' "${DOCKER_TOKEN}" | docker login -u "$docker_username" --password-stdin
+ else
+ echo "⚠️ Skipping Docker Hub login (missing DOCKER_USERNAME/DOCKER_TOKEN)"
+ fi
+
+ if [ "$has_ghcr" = true ]; then
+ echo "Logging into GHCR as $github_username"
+ printf '%s' "${GITHUB_TOKEN}" | docker login ghcr.io -u "$github_username" --password-stdin
+ else
+ echo "⚠️ Skipping GHCR login (missing GITHUB_USERNAME/GITHUB_TOKEN)"
+ fi
 docker:cmds:
 desc: Show full docker build command
diff --git a/Taskfile.yml b/Taskfile.yml
index 354f1f3..45abad0 100644
--- a/Taskfile.yml
+++ b/Taskfile.yml
@@ -2,6 +2,9 @@ version: '3'
 silent: true
+dotenv:
+ - .env
+
 includes:
 variables: ./Taskfile.variables.yml
 cicd:
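Review bot: In `docker:login`, `docker_username='{{.DOCKER_USERNAME}}'` and `github_username='{{.GITHUB_USERNAME}}'` paste template values into single-quoted shell text before the shell parses the script, so a value containing `'` closes the quote and the remainder is interpreted as shell. With `.env` now loaded by the Taskfile.yml hunk, these values can come from a file on disk rather than only from the CI configuration. Assuming the Task version in use provides its `shellQuote` template function, I would write `docker_username={{.DOCKER_USERNAME | shellQuote}}` and `github_username={{.GITHUB_USERNAME | shellQuote}}`. Where the two variables are defined is outside this hunk, so any defaults or validation applied there are not visible.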