Add runtime guards: input validation, tool availability check, and GITHUB_STEP_SUMMARY guard #5

@oto-macenauer-absa

Feature Description

Three defensive hardening improvements for the action's bash logic:

  1. Input validation — validate that warning_days is a positive integer before it is used in arithmetic
  2. Tool availability check — verify openssl and jq are present before proceeding
  3. GITHUB_STEP_SUMMARY guard — wrap the summary write behind [[ -n "${GITHUB_STEP_SUMMARY:-}" ]] so the script works outside GitHub (e.g. with act)

Problem / Opportunity

  • A non-numeric warning_days produces a cryptic bash arithmetic error with no actionable message.
  • Missing openssl or jq gives an obscure "command not found" deep in the script rather than a clear early failure.
  • When running locally with act or in any environment where GITHUB_STEP_SUMMARY is unset, set -u aborts the script before the summary is printed.

Acceptance Criteria

  • Passing warning_days: "abc" emits ::error:: with a clear message and exits 1 immediately
  • Missing openssl or jq emits ::error:: naming the missing tool and exits 1 before any cert processing
  • Script completes successfully when GITHUB_STEP_SUMMARY is unset (local / act runs)

Proposed Solution

# Tool check
for tool in openssl jq; do
  if ! command -v "$tool" &>/dev/null; then
    echo "::error::Required tool '$tool' is not installed on this runner."
    exit 1
  fi
done

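# Input validation
# Require a leading non-zero digit: "0" is not positive, and a leading zero
# (e.g. "08") would be read as invalid octal by bash arithmetic.
if ! [[ "$WARNING_DAYS" =~ ^[1-9][0-9]*$ ]]; then
  echo "::error::warning_days must be a positive integer, got: '$WARNING_DAYS'"
  exit 1
fi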

# Step Summary guard
if [[ -n "${GITHUB_STEP_SUMMARY:-}" ]]; then
  { ... } >> "$GITHUB_STEP_SUMMARY"
fi

Dependencies / Related

None.

Additional Context

None.
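
As an added example (not part of the original issue or the action's own code), the three guards above are written here as functions that can be exercised individually, using POSIX constructs so they behave the same under bash and sh. The function names, the stdout fallback in `write_summary`, the CR/LF stripping and the 5-digit cap are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example; function names and the 5-digit cap are assumptions, not the action's code.
set -u

# Succeed only for a positive decimal integer without a leading zero.
# "0" is not positive, and bash arithmetic would read "08" as invalid octal.
validate_warning_days() {
  case "$1" in
    ''|*[!0-9]*|0*) return 1 ;;  # empty, non-digit ("-5", "3d", " 7"), zero/leading zero
  esac
  [ "${#1}" -le 5 ]              # assumed cap: keeps later day arithmetic in range
}

# Print each missing tool on its own line; fail if at least one is missing.
missing_tools() {
  rc=0
  for tool in "$@"; do
    command -v "$tool" >/dev/null 2>&1 || { echo "$tool"; rc=1; }
  done
  return "$rc"
}

# Drop CR/LF so an echoed input value cannot begin a new log line.
one_line() { printf '%s' "$1" | tr -d '\r\n'; }

# Append stdin to the step summary if the runner provides one; otherwise
# print it, so local runs (act) still show the report under `set -u`.
write_summary() {
  if [ -n "${GITHUB_STEP_SUMMARY:-}" ]; then
    cat >> "$GITHUB_STEP_SUMMARY"
  else
    cat
  fi
}

# Usage: run_guards "$WARNING_DAYS" openssl jq || exit 1
run_guards() {
  days="$1"; shift
  if ! missing=$(missing_tools "$@"); then
    for t in $missing; do
      echo "::error::Required tool '$t' is not installed on this runner."
    done
    return 1
  fi
  if ! validate_warning_days "$days"; then
    echo "::error::warning_days must be a positive integer, got: '$(one_line "$days")'"
    return 1
  fi
}
```
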

Labels: enhancement (New feature or request)