fix checkout-action (#36)

* fix git checkout action
- Git version 2.35.2 introduces security fix that breaks action\checkout
- actions/checkout#760

* update README

* execute Docker Scout only on PRs

* add examples for secrets and vars file

* add elif to cspell

* add .secrets and .vars to .gitignore

.cspell.json

@@ -33,6 +33,7 @@
     "dnsutils",
     "dockerhub",
     "dpkg",
+    "elif",
     "fakeroot",
     "getversion",
     "gfortran",

.github/workflows/ci.yml

@@ -192,17 +192,18 @@ jobs:
       - name: Docker Scout
         id: docker-scout
         uses: docker/[email protected]
+        if: github.event_name == 'pull_request'
         with:
           # platform: linux/amd64
           command: sbom,compare
-          image: ${{ github.ref == 'refs/heads/main' && steps.meta.outputs.tags || env.PATH_TO_IMAGE }}
-          type: ${{ github.ref == 'refs/heads/main' && 'image' || 'archive' }}
+          image: ${{ env.PATH_TO_IMAGE }}
+          type: archive
           to: ${{ env.TO_TAG }}
           ignore-unchanged: true
           only-severities: critical
-          write-comment: ${{ github.event_name == 'pull_request' && github.actor != 'nektos/act' }}
+          write-comment: ${{ github.actor != 'nektos/act' }}
           keep-previous-comments: true
-          summary: ${{ github.event_name == 'pull_request' && github.actor != 'nektos/act' }}
+          summary: ${{ github.actor != 'nektos/act' }}
           github-token: ${{ secrets.GITHUB_TOKEN }}
           organization: ${{ vars.DOCKERHUB_USER || github.repository_owner }}
 

.gitignore

@@ -1 +1,3 @@
 megalinter-reports/
+.secrets
+.vars

.secrets.example

@@ -0,0 +1 @@
+DOCKERHUB_TOKEN=<keep-me-secret>

.vars.example

@@ -0,0 +1 @@
+DOCKERHUB_USER=<your_docker_hub_user>

README.md

@@ -46,18 +46,42 @@ documentation📖][nektosDocs]
 
 ## How I run act on my M2-Max 💻
 
-- didnt work properly when installed via brew, so I installed it via GitHub-CLI:
+- installed HEAD Version of act via brew
 
   ```bash
-  gh extension install https://github.com/nektos/gh-act
+  brew install --HEAD act
   ```
 
-- set an alias:
+- set an alias to always pass the GITHUB_TOKEN
 
   ```bash
-  alias act='gh act -s GITHUB_TOKEN="$(gh auth token)"'
+  # always add gh auth token to act
+  if validate_command act; then
+      alias act='act -s GITHUB_TOKEN="$(gh auth token)"'
+  # add alias to use gh act as act if gh-act is installed and act is not found
+  elif gh extension list | grep -q "nektos/gh-act"; then
+      alias act='gh act -s GITHUB_TOKEN="$(gh auth token)"'
+  fi
   ```
 
+> Previously I had issues when using the brew version of act, which seem to be gone 🥳
+>
+> But if you run into kind of the same issues, this is how I used it as a github cli extension:
+>
+> - didnt work properly when installed via brew, so I installed it via GitHub-CLI:
+>
+>   ```bash
+>   gh extension install https://github.com/nektos/gh-act
+>   ```
+>
+> - set an alias:
+>
+>   ```bash
+>   if gh extension list | grep -q "nektos/gh-act"; then
+>     alias act='gh act -s GITHUB_TOKEN="$(gh auth token)"'
+>   fi
+>   ```
+
 - Docker-Desktop settings:
 
   - Advanced:

linux/ubuntu/Dockerfile

@@ -68,9 +68,12 @@ RUN bash -c "$(curl -fsSL https://raw.githubusercontent.com/ilikenwf/apt-fast/ma
     && rm -rf /var/lib/apt/lists/*
 
 # Install current version of git
+# hadolint ignore=SC2035
 RUN add-apt-repository -y ppa:git-core/ppa \
     && apt-get -y update \
-    && apt-get -y install --no-install-recommends git \
+    && apt-get -y install --no-install-recommends \
+        git \
+    && git config --global safe.directory * \
     && apt-get clean \
     && rm -rf /etc/apt/sources.list.d/* \
     && rm -rf /var/lib/apt/lists/*