fix: change vault secrets to inputs

action.yml

@@ -1,8 +1,15 @@
 ---
-name: 'Setup Java environment'
-description: 'Initialise Java Environment and retrieve secrets from Vault'
+name: Setup Java environment
+description: Initialize Java Environment and retrieve secrets from Vault
+inputs:
+  vault-role-id:
+    description: Role ID of Approle
+    required: true
+  vault-secret-id:
+    description: Secret ID of Approle
+    required: true
 runs:
-  using: 'composite'
+  using: composite
   steps:
     - name: Import Secrets
       id: import-secrets
@@ -11,8 +18,8 @@ runs:
         url: https://vault.w9r.dev
         method: approle
         role: forgejo-ci
-        roleId: "${{ secrets.VAULT_ROLE_ID }}"
-        secretId: "${{ secrets.VAULT_SECRET_ID }}"
+        roleId: ${{ inputs.vault-role-id }}
+        secretId: ${{ inputs.vault-secret-id }}
         secrets: |
           kv/data/ci/nexus username | NEXUS_USERNAME ;
           kv/data/ci/nexus password | NEXUS_PASSWORD ;
@@ -29,6 +36,7 @@ runs:
           kv/data/ci/sonarqube sonarHost | SONARQUBE_HOST ;
 
     - name: Set up Environment
+      shell: bash
       run: |
         apt update
         apt install -y zip
@@ -119,9 +127,9 @@ runs:
     - name: Setup Java
       uses: https://github.com/actions/setup-java@v4
       with:
-        distribution: 'temurin' # See 'Supported distributions' for available options
-        java-version: '21'
-        cache: 'maven'
+        distribution: temurin # See 'Supported distributions' for available options
+        java-version: 21
+        cache: maven
         check-latest: true
 
 
@@ -135,6 +143,7 @@ runs:
         git_commit_gpgsign: true
 
     - name: GPG user IDs
+      shell: bash
       run: |
         echo "fingerprint: ${{ steps.import-gpg.outputs.fingerprint }}"
         echo "keyid:       ${{ steps.import-gpg.outputs.keyid }}"