
Conversation

@Demolus13 (Member)

Summary

Description of changes

Related issues

Checklist

  • I have reviewed the contribution guide.
  • My PR title and commits follow the Conventional Commits convention.
  • My commits include the "Signed-off-by" line.
  • I have signed my commits following the instructions provided by GitHub. Note that we run GitHub's commit verification tool to check the commit signatures. A green verified label should appear next to all of your commits on GitHub.
  • I have updated the relevant documentation, if applicable.
  • I have tested my changes and verified they work as expected.

The oracle-contributor-agreement bot added the OCA Verified label (All contributors have signed the Oracle Contributor Agreement) on Dec 4, 2025
@Demolus13 self-assigned this on Dec 4, 2025
README.md Outdated

To use the macaron action you can reference it in your workflow.
```yaml
- uses: oracle/macaron@v1
Member

Suggested change
- uses: oracle/macaron@v1
- uses: oracle/macaron@v0.21.0

```yaml
- uses: oracle/macaron@v1
with:
repo_path: 'https://github.com/example/project'
Member

Let's use an existing policy for this example, and also enable attestation.

README.md Outdated

**Macaron** is a software supply chain security analysis tool from Oracle Labs focused on verifying the **build integrity** of artifacts and their dependencies. It helps developers, security teams, and researchers ensure that packages are built as expected and have not been tampered with.

## Quick Action Usage
Member

Suggested change
## Quick Action Usage
Use Macaron as a GitHub Action

README.md Outdated

## Quick Action Usage

To use the macaron action you can reference it in your workflow.
Member

Suggested change
To use the macaron action you can reference it in your workflow.
To use the Macaron GitHub Action, add the following step to your workflow:

repo_path: 'https://github.com/example/project'
output_dir: 'macaron-output'
```
Member

Add a sentence after the example like:

For detailed instructions and a comprehensive list of available options, please refer to the Macaron GitHub Action documentation.

README.md Outdated
![Macaron](./docs/source/assets/macaron.svg)

[Full Documentation](https://oracle.github.io/macaron/index.html) | [Tutorials](https://oracle.github.io/macaron/pages/tutorials/index.html) | [Videos](https://www.youtube.com/watch?v=ebo0kGKP6bw) | [Papers](#publications) | [Presentations](#presentations)
[Full Documentation](https://oracle.github.io/macaron/index.html) | [Tutorials](https://oracle.github.io/macaron/pages/tutorials/index.html) | [Videos](https://www.youtube.com/watch?v=ebo0kGKP6bw) | [Papers](#publications) | [Presentations](#presentations) | [Action](https://oracle.github.io/macaron/pages/macaron_action.html)
Member

Suggested change
[Full Documentation](https://oracle.github.io/macaron/index.html) | [Tutorials](https://oracle.github.io/macaron/pages/tutorials/index.html) | [Videos](https://www.youtube.com/watch?v=ebo0kGKP6bw) | [Papers](#publications) | [Presentations](#presentations) | [Action](https://oracle.github.io/macaron/pages/macaron_action.html)
[Full Documentation](https://oracle.github.io/macaron/index.html) | [Tutorials](https://oracle.github.io/macaron/pages/tutorials/index.html) | [Videos](https://www.youtube.com/watch?v=ebo0kGKP6bw) | [Papers](#publications) | [Presentations](#presentations) | [Macaron GitHub Action](https://oracle.github.io/macaron/pages/macaron_action.html)

exit 0
# Get the run_macaron.sh script
if [ ! -f "run_macaron.sh" ]; then
curl -fSLO https://raw.githubusercontent.com/oracle/macaron/release/scripts/release_scripts/run_macaron.sh
Member

This needs to be downloaded from the release tag, otherwise it will always be latest and downloaded from the default branch, even if the users call the action with a specific tag.

echo "MACARON=$VENV_MACARON" >> "$GITHUB_ENV"
echo "$MACARON_DIR/.venv/bin" >> "$GITHUB_PATH"
chmod +x run_macaron.sh
echo "MACARON=$MACARON_DIR/run_macaron.sh" >> "$GITHUB_ENV"
Member

If you don't set the MACARON_IMAGE_TAG environment variable, this script will always run the latest, which is not what we want. We should check what tag the action is called for and this env variable.

github_token:
description: The GitHub personal access token is needed for to run the analysis.
default: ${{ github.token }}
image_tag:
Member

The user already provides the tag or hash by calling oracle/macaron@<tag-or-hash>. We shouldn't again ask for the image tag.

To get the tag, you can try a script like this

```bash
#!/bin/bash

ref="$GITHUB_REF"

# Default value for TAG.
TAG=""

if [[ "$ref" == refs/tags/* ]]; then
    TAG="${ref#refs/tags/}"
    echo "Ref is a tag: $TAG"
else
    sha="$GITHUB_SHA"
    if [[ -z "$sha" ]]; then
        sha="$ref"
    fi

    # Check for tags pointing directly at the SHA.
    tags=$(git tag --points-at "$sha")
    if [[ -n "$tags" ]]; then
        # Get the first tag (main or first one listed)
        TAG="$(echo "$tags" | head -n1)"
        echo "Commit $sha matches tag: $TAG"
    else
        # Search all tags that contain the commit (could be ancestor).
        history_tags=$(git tag --contains "$sha")
        if [[ -n "$history_tags" ]]; then
            TAG="$(echo "$history_tags" | head -n1)"
            echo "Commit $sha is contained by tag: $TAG"
        else
            echo "No tags found for commit $sha"
        fi
    fi
fi
```
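The three review comments above (download `run_macaron.sh` from the release tag rather than the default branch, set `MACARON_IMAGE_TAG` from the ref the action was called with, and do not ask the user for an `image_tag` input) all come down to one step: map the `<tag-or-hash>` in `uses: oracle/macaron@<tag-or-hash>` to a release tag and pin everything to it. The script below is an added example written for this review thread; it is not code from the PR or from the Macaron project. It assumes the ref is passed in from `${{ github.action_ref }}` (the GitHub Actions context value that holds the ref a step used for the action), that when the caller pins by commit SHA a clone of `oracle/macaron` with its tags fetched is available (actions are downloaded without git history, so this must be arranged explicitly), and that `scripts/release_scripts/run_macaron.sh` exists at the release tag. The function names and the `RUN_MACARON_URL` variable are hypothetical. Anything that cannot be mapped to a release tag (a branch name, a floating tag such as `v1`, or a SHA that no release tag points at) is refused rather than silently becoming `latest`.

```shell
#!/bin/sh
# Added example (not part of the oracle/macaron PR): resolve the ref a caller
# used in `uses: oracle/macaron@<ref>` into a release tag, and pin both the
# container image tag and the run_macaron.sh download to that release.
set -eu

# Hypothetical helper. $1 is the action ref (github.action_ref in a composite
# action: "v0.21.0", "refs/tags/v0.21.0" or a 40-hex commit SHA); $2 is an
# optional path to a git clone of oracle/macaron with tags fetched
# (assumption: tags are resolved locally, no network calls are made here).
# Prints the release tag on stdout, returns 1 if none can be determined.
resolve_macaron_tag() {
  ref="$1"
  repo_dir="${2:-}"
  tag=""
  case "$ref" in
    refs/tags/*) ref="${ref#refs/tags/}" ;;
  esac
  if printf '%s\n' "$ref" | grep -Eq '^v[0-9]+\.[0-9]+\.[0-9]+$'; then
    # Caller pinned an exact release tag: use it as-is.
    tag="$ref"
  elif printf '%s\n' "$ref" | grep -Eq '^[0-9a-f]{40}$'; then
    # Caller pinned a commit: accept only a release tag pointing at exactly
    # that commit (an ancestor tag would describe an older release).
    if [ -n "$repo_dir" ]; then
      tag="$(git -C "$repo_dir" tag --points-at "$ref" 2>/dev/null \
             | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+$' | head -n1 || true)"
    fi
  fi
  # A branch name ("main"), a floating tag ("v1") or an untagged SHA would
  # otherwise fall through to "latest"; refuse instead so the step fails.
  if [ -z "$tag" ]; then
    echo "cannot map action ref '$ref' to a Macaron release tag" >&2
    return 1
  fi
  printf '%s\n' "$tag"
}

# Hypothetical helper: URL of run_macaron.sh at the release tag, instead of
# the default-branch URL, so the helper script matches the pinned action.
# Assumption: the script exists at that path in the tagged tree.
run_macaron_script_url() {
  printf 'https://raw.githubusercontent.com/oracle/macaron/%s/scripts/release_scripts/run_macaron.sh\n' "$1"
}

# Hypothetical helper: write the pinned values the way a composite action step
# would, by appending to the file GitHub names in GITHUB_ENV ($3 overrides the
# target file; the RUN_MACARON_URL variable name is an assumption).
export_macaron_pins() {
  tag="$(resolve_macaron_tag "$1" "${2:-}")" || return 1
  env_file="${3:-${GITHUB_ENV:-/dev/stdout}}"
  {
    printf 'MACARON_IMAGE_TAG=%s\n' "$tag"
    printf 'RUN_MACARON_URL=%s\n' "$(run_macaron_script_url "$tag")"
  } >> "$env_file"
}

# Usage from a composite action step:
#   sh pin_macaron.sh "${{ github.action_ref }}" [path-to-macaron-clone]
if [ -n "${1:-}" ]; then
  export_macaron_pins "$1" "${2:-}"
fi
```

The later `curl` of `run_macaron.sh` then uses `$RUN_MACARON_URL`, and `run_macaron.sh` itself picks up `MACARON_IMAGE_TAG` from the environment, so a caller who pinned `oracle/macaron@v0.21.0` runs exactly that release end to end; a caller who pinned a SHA gets the same guarantee only if that SHA is a tagged release, which is the behaviour the review comments ask for.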
