Add flexible Docker registry strategy support with separate workflows

[Copilot]

This PR implements a flexible multi-registry approach for Docker image publishing, allowing users to choose between GitHub Container Registry (GHCR), Docker Hub, both, or neither based on available secrets and project needs.

New Architecture

Instead of modifying the existing docker-build-push action, this creates separate composite actions for different registry scenarios:

• docker-build-push-ghcr - GitHub Container Registry only (no Docker secrets needed)
• docker-build-push-dockerhub - Docker Hub only (requires Docker credentials)
• docker-build-push-dual - Both registries (requires Docker credentials)
• docker-build-push-smart - Auto-detection based on available secrets

Smart Strategy Selection

The main docker-build-and-push.yml workflow now supports a registry-strategy input:

jobs:
  docker:
    uses: webgrip/workflows/.github/workflows/docker-build-and-push.yml@main
    with:
      docker-tags: "latest"
      registry-strategy: 'auto'  # or 'ghcr', 'dockerhub', 'dual', 'legacy', 'none'
    secrets:
      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}  # Optional
      DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}      # Optional

Available Strategies:

• auto (default) - Automatically chooses based on available secrets
• ghcr - GHCR only, uses GitHub token automatically
• dockerhub - Docker Hub only, requires Docker credentials
• dual - Both registries, requires Docker credentials
• legacy - Original behavior for backward compatibility
• none - Build only, no push

Tag Generation Examples

The system intelligently handles tag conversion:

# Auto-generates appropriate registry prefixes
"latest" → "ghcr.io/owner/repo:latest" (GHCR strategy)
"latest" → "ghcr.io/owner/repo:latest" + "owner/repo:latest" (dual strategy)
"myorg/app:v1.0" → "ghcr.io/myorg/app:v1.0" + "myorg/app:v1.0" (dual strategy)

Migration Benefits

• Maximum Flexibility: Choose the right strategy for each project
• Zero Breaking Changes: Existing workflows continue working unchanged
• Gradual Migration: Move from Docker Hub to GHCR at your own pace
• Cost Optimization: Reduce Docker Hub usage and rate limiting
• Security: GHCR inherits repository-level permissions
• Separation of Concerns: Each registry strategy has dedicated implementation

Helm Workflow Updates

Updated helm-chart-deploy.yml to use ghcr.io/webgrip/helm-deploy:latest with GitHub token authentication, removing dependency on Docker Hub credentials for container access.

Documentation

Comprehensive documentation and examples provided:

• DOCKER_REGISTRY_GUIDE.md - Complete usage guide and migration instructions
• docker-registry-strategy-examples.yml - Working examples of all strategies

Fixes #3 with a more flexible, user-controlled approach.

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[Ryangr0]

@copilot make another workflow out of it and then create another one that calls both depending on which secrets exist or something. I wanna be able to do both, either or none.

[Copilot]

@copilot make another workflow out of it and then create another one that calls both depending on which secrets exist or something. I wanna be able to do both, either or none.

I've restructured the approach exactly as requested! Instead of a single action handling everything, I created separate workflows with conditional calling:

New Composite Actions:

• docker-build-push-ghcr - GHCR only
• docker-build-push-dockerhub - Docker Hub only
• docker-build-push-dual - Both registries
• Original docker-build-push - Preserved for backward compatibility

Smart Strategy Selection:
The main docker-build-and-push.yml workflow now has a registry-strategy input with options:

• auto (default) - Automatically chooses based on available secrets
• ghcr - GHCR only (no Docker secrets needed)
• dockerhub - Docker Hub only
• dual - Both registries
• legacy - Original behavior
• none - Build only, no push

Usage Examples:

# Auto-detect (recommended)
registry-strategy: 'auto'

# Force GHCR only  
registry-strategy: 'ghcr'

# Force both registries
registry-strategy: 'dual'

You now have complete flexibility to do both, either, or none based on your secrets and preferences. The implementation in commit efe8739 includes comprehensive documentation and examples.

See DOCKER_REGISTRY_GUIDE.md and docker-registry-strategy-examples.yml for complete usage guides!