Update action.yml

Author: Tob1as

.github/actions/docker-setup/action.yml

@@ -4,15 +4,25 @@ description: Docker Setup (install, qemu, buildx and login)
 
 inputs:
   git_url:
-    description: "Git-URL from Workflow"
+    description: "Git-URL/Registry-Domain from Workflow"
     required: false
     #default: 'ghcr.io'
+    #default: ${{ github.server_url == 'https://github.com' && 'ghcr.io' || '' }}
   git_username:
     description: "Git-Username variable from Workflow"
     required: false
+    default: ${{ github.repository_owner }} # ${{ github.repository_owner }} or ${{ github.actor }}
   git_token:
     description: "Git-Token secret from Workflow"
     required: false
+  git_buildx_insecure_mode:
+    description: "Mode: none|insecure|custom-ca"
+    required: false
+    default: 'none'
+  git_buildx_ca_path:
+    description: "Path to CA chain file for custom-ca"
+    required: false
+    default: '/etc/ssl/certs/ca-chain.crt'
   docker_username:
     description: "Docker Username variable from Workflow"
     required: false
@@ -46,19 +56,35 @@ runs:
         fi
         echo "GIT_URL=$GIT_URL" >> "$GITHUB_ENV"
 
-        GIT_USERNAME="${{ inputs.git_username }}"
-        if [[ -z "$GIT_USERNAME" ]]; then
-          GIT_USERNAME="${{github.repository_owner}}"
-          #GIT_USERNAME="${{github.actor}}"
-        fi
-        echo "GIT_USERNAME=$GIT_USERNAME" >> "$GITHUB_ENV"
+    - name: Create buildx config
+      id: buildx_config
+      shell: bash
+      run: |
+        MODE="${{ inputs.git_buildx_insecure_mode }}"
+        REGISTRY="${{ env.GIT_URL }}"
+        
+        case "$MODE" in
+          "none") echo "config<<EOF" >> $GITHUB_OUTPUT && echo "" >> $GITHUB_OUTPUT && echo "EOF" >> $GITHUB_OUTPUT ;;
+          "insecure") 
+            echo "config<<EOF" >> $GITHUB_OUTPUT
+            echo "[registry.\"$REGISTRY\"]" >> $GITHUB_OUTPUT
+            echo "  insecure = true" >> $GITHUB_OUTPUT
+            echo "EOF" >> $GITHUB_OUTPUT ;;
+          "custom-ca")
+            echo "config<<EOF" >> $GITHUB_OUTPUT
+            echo "[registry.\"$REGISTRY\"]" >> $GITHUB_OUTPUT
+            echo "  ca = [\"${{ inputs.git_buildx_ca_path }}\"]" >> $GITHUB_OUTPUT
+            echo "EOF" >> $GITHUB_OUTPUT ;;
+        esac
+
+        echo "::debug::Buildx Config:\n$CONFIG"
 
     - name: Debug Variables
       id: debug
       shell: bash
       run: |
         echo "GIT_URL=${{ env.GIT_URL }}"
-        echo "GIT_USERNAME=${{ env.GIT_USERNAME }}"
+        echo "GIT_USERNAME=${{ inputs.git_username }}"
         echo "DOCKER_USERNAME=${{ inputs.docker_username }}"
         echo "QUAY_USERNAME=${{ inputs.quay_username }}"
 
@@ -82,19 +108,20 @@ runs:
     - name: Set up Docker Buildx
       id: buildx
       uses: docker/setup-buildx-action@v3
+      with: 
+        buildkitd-config-inline: ${{ steps.buildx_config.outputs.config }}
       #with:
-      #  config-inline: |
+      #  buildkitd-config-inline: |
       #    [registry."${{ env.GIT_URL }}"]
       #      #insecure = true
-      #      #ca=["/etc/ssl/certs/ca-certificates.crt"]
-      #      ca=["/etc/ssl/certs/fullca.crt"] 
+      #      ca=["/etc/ssl/certs/ca-chain.crt"]
 
     - name: Login to GIT Container Registry
-      if: env.GIT_URL != '' && env.GIT_USERNAME != '' && inputs.git_token != ''
+      if: env.GIT_URL != '' && inputs.git_username != '' && inputs.git_token != ''
       uses: docker/login-action@v3
       with:
         registry: ${{ env.GIT_URL }}
-        username: ${{ env.GIT_USERNAME }}
+        username: ${{ inputs.git_username }}
         password: ${{ inputs.git_token }}
 
     - name: Login to Docker Hub Container Registry
@@ -105,13 +132,13 @@ runs:
         username: ${{ inputs.docker_username }}
         password: ${{ inputs.docker_password }}
 
-    #- name: Login to Docker Hardened Images Container Registry
-    #  if: inputs.docker_username != '' && inputs.docker_password != ''
-    #  uses: docker/login-action@v3
-    #  with:
-    #    registry: dhi.io
-    #    username: ${{ inputs.docker_username }}
-    #    password: ${{ inputs.docker_password }}
+    - name: Login to Docker Hardened Images Container Registry
+      if: inputs.docker_username != '' && inputs.docker_password != ''
+      uses: docker/login-action@v3
+      with:
+        registry: dhi.io
+        username: ${{ inputs.docker_username }}
+        password: ${{ inputs.docker_password }}
 
     - name: Login to RED HAT Quay.io Container Registry
       if: inputs.quay_username != '' && inputs.quay_password != ''