Add GitHub actions workflow to automaticall build and push Docker images

[arctic-alpaca]

This PR adds a workflow to automatically build and push docker images to Dockerhub on build and release. The workflow is based on the Dockerfile from #163 and only works on that base.

The Mosquitto versions can be adjusted with the MOSQUITTO_VERSION_1 and MOSQUITTO_VERSION_2 environment variables. These need to be adjusted manually since I didn't find a way to automatically track the latest 1.x and 2.x release.
The sed command replaces the Mosquitto version part in the Dockerfile with the version from the env variables, if the line in the Dockerfile get's changed, the DOCKERFILE_MOSQUITTO_VERSION variable needs to be adjusted too.

The image naming can be adjusted with the MOSQUITTO_VERSION_SUFFIX and MOSQUITTO_VERSION_1 and MOSQUITTO_VERSION_2 environment variables. These are added after the version tag on release (1.5.0-mosquitto_1.6.14) or to latest on push (latest-mosquitto_1.6.14).
latest is equivalent to the latest build with Mosquitto version 2.x.

The DOCKERHUB_REPO environment variable defines to which repo on Dockerhub the Docker images get pushed.

To use this workflow, you need to add your Dockerhub username (DOCKERHUB_USERNAME) and a Dockerhub access token (DOCKERHUB_TOKEN) to your Github repository secrets. Please be aware that the name of the secrets must be identical to the variable names used in the workflow.
Here are two ressources how to add the needed secrets to your repository:

• https://docs.github.com/en/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository
• https://docs.docker.com/docker-hub/access-tokens/

All used actions besides the sed command are from either Github or Docker themselves.

If you got any questions or concerns, I'll do my best to answer them. One word of caution which you probably already know: Don't activate Github action workflows for pull requests without prior approval from you.
This isn't really related to this pr, but since I kinda introduced Github actions into this repo, I feel obligated to mention it.

[iegomez]

Awesome! We had some issues yesterday and today at work, so I had zero time to take a look, but will try to do so tomorrow or on Friday.

Thanks!

[iegomez]

Hey, @arctic-alpaca , sorry for the terrible delay, I've been quite busy.

I already added secrets but am not sure how to:

Don't activate Github action workflows for pull requests without prior approval from you.

I can see settings to restrict which actions may run, but not to limit them to approval on my part. Can you give me a hand with that?
I also removed any collaborator access to the repo for now as I believe the secrets are visible to them.

[arctic-alpaca]

sorry for the terrible delay, I've been quite busy.

No worries at all, I know that all to well.

I can see settings to restrict which actions may run, but not to limit them to approval on my part. Can you give me a hand with that?

I was mistaken, pull request from first time contributors don't run workflows by default:
https://docs.github.com/en/actions/managing-workflow-runs/approving-workflow-runs-from-public-forks

Don't activate Github action workflows for pull requests without prior approval from you.

This was intended as a general warning/heads up. The current workflow only runs on push and release as indicated by these lines: https://github.com/iegomez/mosquitto-go-auth/pull/179/files#diff-7bd8248e84cb2735fc822448c1745f71f7c40a361b2b6d63beefc1d64f4f6ffaR3-R6

As long as you don't add workflows which are intended to be run on pull requests, you don't need to worry about this.

I also removed any collaborator access to the repo for now as I believe the secrets are visible to them.

This didn't come up in my usage of Github Actions/Secrets. Sorry for not mentioning this.

[iegomez]

@arctic-alpaca Cool, thanks for your quick answer. Sounds like we're good then, let's give it a spin.