feat: add `ref` input to support deploying from a specific commit

[DerekRoberts]

Problem

When commit-to-package is invoked, it walks back from HEAD. This works correctly
for standard deploys (release triggers check out the tag, so HEAD = the release commit).

However, if a newer release fails and you need to redeploy an older release, the checkout
at that older tag gets fetch-depth: 1 — only one commit. The action inspects that
commit, finds its image, and deploys it. So far so good.

The problem is that this relies entirely on implicit behavior (wherever HEAD happens to
be). There's no way for a caller to explicitly say "resolve the image for THIS commit",
independent of what the checkout is doing. This makes the workflow harder to reason about
and impossible to override without restructuring the checkout step.

Proposed solution

Add an optional ref input that, when provided, starts the history traversal from that
specific SHA instead of HEAD:

- uses: bcgov/actions/commit-to-package@main
  with:
    package: vexilon
    ref: ${{ github.sha }}   # explicit: resolve image for this release's commit
    token: ${{ github.token }}

Internally, the walk would become:

REVISIONS=$(git rev-list --max-count="$MAX_DEPTH" "${INPUT_REF:-HEAD}")

Why this matters

• Makes rollback deploys unambiguous — point ref at the older release tag's SHA
• Makes the workflow self-documenting — intent is explicit rather than implicit
• Enables future use cases where the caller's checkout ref and the desired resolution
  ref differ (e.g. a centralised deploy workflow running against multiple repos)

Acceptance criteria

• ref input added to action.yml (optional, defaults to HEAD)
• History traversal uses ref when provided
• Unit test covers non-HEAD ref resolution
• Functional test verifies an older commit resolves correctly