Add Docker Hub credential validation to all workflows

- Add credential checks to PR validation workflow
  * Check if DOCKER_USERNAME and DOCKER_PASSWORD secrets exist
  * Continue validation even without credentials (expected for forks)
  * Include credential status in PR comments

- Add mandatory credential checks to publishing workflows
  * docker-publish-master.yml: Fail if credentials missing
  * docker-publish-release.yml: Fail if credentials missing
  * publish.yml: Fail if credentials missing
  * Provide clear error messages for missing secrets

- Fix Docker image loading in PR validation
  * Add 'load: true' to build-push-action for local testing
  * Verify image exists before running tests
  * Prevent 'image not found' errors during validation

- Enhance local testing script (docker-test.sh)
  * Check for Docker Hub credentials in environment
  * Detect existing Docker login status
  * Provide helpful warnings for missing credentials

- Update documentation
  * Document credential validation behavior
  * Explain differences between PR validation and publishing
  * Clarify requirements for external contributors

This ensures proper credential management across all Docker workflows
and provides clear feedback when credentials are missing or misconfigured.

Author: fcostaoliveira

.github/workflows/docker-build-pr.yml

@@ -42,12 +42,25 @@ jobs:
         echo "git_dirty=${GIT_DIRTY}" >> $GITHUB_OUTPUT
         echo "short_sha=${GIT_SHA:0:7}" >> $GITHUB_OUTPUT
 
+    - name: Check Docker Hub credentials
+      id: check_credentials
+      run: |
+        if [[ -n "${{ secrets.DOCKER_USERNAME }}" && -n "${{ secrets.DOCKER_PASSWORD }}" ]]; then
+          echo "credentials_available=true" >> $GITHUB_OUTPUT
+          echo "✅ Docker Hub credentials are configured"
+        else
+          echo "credentials_available=false" >> $GITHUB_OUTPUT
+          echo "⚠️ Docker Hub credentials not configured (DOCKER_USERNAME and/or DOCKER_PASSWORD secrets missing)"
+          echo "This is expected for forks and external PRs. Docker build validation will still work."
+        fi
+
     - name: Build Docker image (single platform)
       uses: docker/build-push-action@v5
       with:
         context: .
         platforms: linux/amd64
         push: false
+        load: true
         tags: ${{ env.IMAGE_NAME }}:pr-${{ github.event.number }}
         build-args: |
           GIT_SHA=${{ steps.meta.outputs.git_sha }}
@@ -58,13 +71,23 @@ jobs:
     - name: Test Docker image
       run: |
         echo "Testing Docker image functionality..."
-        
+
+        # Verify image was built
+        if docker images | grep -q "${{ env.IMAGE_NAME }}"; then
+          echo "✅ Docker image built successfully"
+        else
+          echo "❌ Docker image not found"
+          exit 1
+        fi
+
         # Test help command
+        echo "Testing --help command..."
         docker run --rm ${{ env.IMAGE_NAME }}:pr-${{ github.event.number }} --help
-        
+
         # Test version output
+        echo "Testing --version command..."
         docker run --rm ${{ env.IMAGE_NAME }}:pr-${{ github.event.number }} --version
-        
+
         echo "✅ Docker image tests passed!"
 
     - name: Build multi-platform image (validation only)
@@ -85,6 +108,10 @@ jobs:
       uses: actions/github-script@v7
       with:
         script: |
+          const credentialsStatus = '${{ steps.check_credentials.outputs.credentials_available }}' === 'true'
+            ? '✅ Docker Hub credentials configured'
+            : '⚠️ Docker Hub credentials not configured (expected for forks)';
+
           const output = `## 🐳 Docker Build Validation
 
           ✅ **Docker build successful!**
@@ -95,11 +122,14 @@ jobs:
 
           **Git SHA:** \`${{ steps.meta.outputs.git_sha }}\`
 
+          **Docker Hub Status:** ${credentialsStatus}
+
           **Image details:**
           - Single platform: \`${{ env.IMAGE_NAME }}:pr-${{ github.event.number }}\`
           - Multi-platform: \`${{ env.IMAGE_NAME }}:pr-${{ github.event.number }}-multiplatform\`
 
           **Tests performed:**
+          - ✅ Docker Hub credentials check
           - ✅ Help command execution
           - ✅ Version output validation
           - ✅ Multi-platform build validation

.github/workflows/docker-publish-master.yml

@@ -31,6 +31,15 @@ jobs:
     - name: Set up Docker Buildx
       uses: docker/setup-buildx-action@v3
 
+    - name: Check Docker Hub credentials
+      run: |
+        if [[ -z "${{ secrets.DOCKER_USERNAME }}" || -z "${{ secrets.DOCKER_PASSWORD }}" ]]; then
+          echo "❌ Docker Hub credentials not configured!"
+          echo "Please set DOCKER_USERNAME and DOCKER_PASSWORD secrets in repository settings."
+          exit 1
+        fi
+        echo "✅ Docker Hub credentials are configured"
+
     - name: Log in to Docker Hub
       uses: docker/login-action@v3
       with:

.github/workflows/docker-publish-release.yml

@@ -24,6 +24,15 @@ jobs:
     - name: Set up Docker Buildx
       uses: docker/setup-buildx-action@v3
 
+    - name: Check Docker Hub credentials
+      run: |
+        if [[ -z "${{ secrets.DOCKER_USERNAME }}" || -z "${{ secrets.DOCKER_PASSWORD }}" ]]; then
+          echo "❌ Docker Hub credentials not configured!"
+          echo "Please set DOCKER_USERNAME and DOCKER_PASSWORD secrets in repository settings."
+          exit 1
+        fi
+        echo "✅ Docker Hub credentials are configured"
+
     - name: Log in to Docker Hub
       uses: docker/login-action@v3
       with:

.github/workflows/publish.yml

@@ -47,6 +47,15 @@ jobs:
     - name: Set up Docker Buildx
       uses: docker/setup-buildx-action@v3
 
+    - name: Check Docker Hub credentials
+      run: |
+        if [[ -z "${{ secrets.DOCKER_USERNAME }}" || -z "${{ secrets.DOCKER_PASSWORD }}" ]]; then
+          echo "❌ Docker Hub credentials not configured!"
+          echo "Please set DOCKER_USERNAME and DOCKER_PASSWORD secrets in repository settings."
+          exit 1
+        fi
+        echo "✅ Docker Hub credentials are configured"
+
     - name: Log in to Docker Hub
       uses: docker/login-action@v3
       with:

DOCKER_SETUP.md

@@ -27,6 +27,19 @@ To enable automated Docker publishing, you need to configure the following secre
 
 ⚠️ **Important**: Use an access token, not your Docker Hub password, for better security.
 
+### Credential Validation
+
+All Docker publishing workflows include automatic credential validation:
+
+- **PR Validation**: Checks if credentials are available but continues without them (expected for forks)
+- **Master/Release Publishing**: **Requires** credentials and fails if not configured
+- **Local Testing**: Warns if credentials are missing but continues validation
+
+This ensures that:
+- External contributors can still validate Docker builds in PRs
+- Publishing workflows fail fast if credentials are misconfigured
+- Local development works regardless of credential status
+
 ## 🚀 Automated Publishing
 
 Once secrets are configured, Docker images will be automatically published:

docker-test.sh

@@ -36,6 +36,17 @@ FULL_IMAGE_NAME="${IMAGE_NAME}:${TAG}"
 
 print_info "Starting Docker validation tests..."
 
+# Step 0: Check Docker Hub credentials (optional for local testing)
+print_step "Checking Docker Hub credentials..."
+if [[ -n "$DOCKER_USERNAME" && -n "$DOCKER_PASSWORD" ]]; then
+    print_info "✅ Docker Hub credentials found in environment"
+elif docker info | grep -q "Username:"; then
+    print_info "✅ Already logged in to Docker Hub"
+else
+    print_warning "⚠️  Docker Hub credentials not found"
+    print_info "Set DOCKER_USERNAME and DOCKER_PASSWORD environment variables or run 'docker login' for publishing"
+fi
+
 # Step 1: Build the image
 print_step "Building Docker image..."
 if ./docker-build.sh -n "$IMAGE_NAME" -t "$TAG"; then