From 74e27a91275c530e7bad5eb5f96d5d23f4141010 Mon Sep 17 00:00:00 2001
From: Ruoyu Zhong <zhongruoyu@outlook.com>
Date: Mon, 26 Aug 2024 12:08:14 +0800
Subject: [PATCH 1/2] workflow/tests: move Docker tests to `docker.yml`

It's more intuitive that way.
---
 .github/workflows/docker.yml | 50 ++++++++++++++++++++++++++----------
 .github/workflows/tests.yml  | 37 --------------------------
 2 files changed, 37 insertions(+), 50 deletions(-)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index fae55e6d5642c..28febbb7551e8 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -1,23 +1,21 @@
 name: Docker
+
 on:
   pull_request:
-    paths:
-      - .github/workflows/docker.yml
-      - Dockerfile
   push:
-    paths:
-      - .github/workflows/docker.yml
-      - Dockerfile
-    branches-ignore:
+    branches:
       - master
+  merge_group:
   release:
     types:
       - published
+
 permissions:
   contents: read
+
 jobs:
   ubuntu:
-    if: startsWith(github.repository, 'Homebrew/')
+    if: github.repository_owner == 'Homebrew'
     runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
@@ -52,28 +50,44 @@ jobs:
       - name: Run brew test-bot --only-setup
         run: docker run --rm brew brew test-bot --only-setup
 
+      - name: Log in to GitHub Packages
+        if: >
+          github.event_name == 'release' ||
+          (github.event_name == 'push' && github.ref == 'refs/heads/master')
+        run: |
+          echo "$TOKEN" | docker login ghcr.io -u BrewTestBot --password-stdin
+        env:
+          TOKEN: ${{secrets.HOMEBREW_BREW_GITHUB_PACKAGES_TOKEN}}
+
+      - name: Log in to Docker Hub
+        if: >
+          github.event_name == 'release' ||
+          (github.event_name == 'push' && github.ref == 'refs/heads/master')
+        run: |
+          echo "$TOKEN" | docker login -u brewtestbot --password-stdin
+        env:
+          TOKEN: ${{secrets.HOMEBREW_BREW_DOCKER_TOKEN}}
+
       - name: Deploy the tagged Docker image to GitHub Packages
-        if: startsWith(github.ref, 'refs/tags/')
+        if: github.event_name == 'release'
         run: |
           brew_version="${GITHUB_REF:10}"
           echo "brew_version=${brew_version}" >> "${GITHUB_ENV}"
-          echo ${{secrets.HOMEBREW_BREW_GITHUB_PACKAGES_TOKEN}} | docker login ghcr.io -u BrewTestBot --password-stdin
           docker tag brew "ghcr.io/homebrew/ubuntu${{matrix.version}}:${brew_version}"
           docker push "ghcr.io/homebrew/ubuntu${{matrix.version}}:${brew_version}"
           docker tag brew "ghcr.io/homebrew/ubuntu${{matrix.version}}:latest"
           docker push "ghcr.io/homebrew/ubuntu${{matrix.version}}:latest"
 
       - name: Deploy the tagged Docker image to Docker Hub
-        if: startsWith(github.ref, 'refs/tags/')
+        if: github.event_name == 'release'
         run: |
-          echo ${{secrets.HOMEBREW_BREW_DOCKER_TOKEN}} | docker login -u brewtestbot --password-stdin
           docker tag brew "homebrew/ubuntu${{matrix.version}}:${brew_version}"
           docker push "homebrew/ubuntu${{matrix.version}}:${brew_version}"
           docker tag brew "homebrew/ubuntu${{matrix.version}}:latest"
           docker push "homebrew/ubuntu${{matrix.version}}:latest"
 
       - name: Deploy the homebrew/brew Docker image to GitHub Packages and Docker Hub
-        if: startsWith(github.ref, 'refs/tags/') && matrix.version == '22.04'
+        if: github.event_name == 'release' && matrix.version == '22.04'
         run: |
           docker tag brew "ghcr.io/homebrew/brew:${brew_version}"
           docker push "ghcr.io/homebrew/brew:${brew_version}"
@@ -83,3 +97,13 @@ jobs:
           docker push "homebrew/brew:${brew_version}"
           docker tag brew "homebrew/brew:latest"
           docker push "homebrew/brew:latest"
+
+      - name: Deploy the homebrew/ubuntu22.04:master Docker image to GitHub Packages and Docker Hub
+        if: >
+          github.event_name == 'push' && github.ref == 'refs/heads/master' &&
+          matrix.version == '22.04'
+        run: |
+          docker tag brew "ghcr.io/homebrew/ubuntu22.04:master"
+          docker push "ghcr.io/homebrew/ubuntu22.04:master"
+          docker tag brew "homebrew/ubuntu22.04:master"
+          docker push "homebrew/ubuntu22.04:master"
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 79d48a7700b8b..c85bdc074262a 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -211,43 +211,6 @@ jobs:
         working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
         run: git diff --stat --exit-code Library/Homebrew/vendor/bundle/ruby
 
-  docker:
-    needs: syntax
-    runs-on: ubuntu-22.04
-    steps:
-      - name: Set up Homebrew
-        id: set-up-homebrew
-        uses: Homebrew/actions/setup-homebrew@master
-        with:
-          core: false
-          cask: false
-          test-bot: false
-
-      - name: Build Docker image
-        working-directory: ${{ steps.set-up-homebrew.outputs.repository-path }}
-        run: |
-          docker build -t brew --build-arg=version=22.04 \
-               --label org.opencontainers.image.created="$(date --rfc-3339=seconds --utc)" \
-               --label org.opencontainers.image.url="https://brew.sh" \
-               --label org.opencontainers.image.documentation="https://docs.brew.sh" \
-               --label org.opencontainers.image.source="https://github.com/${GITHUB_REPOSITORY}" \
-               --label org.opencontainers.image.revision="${GITHUB_SHA}" \
-               --label org.opencontainers.image.vendor="${GITHUB_REPOSITORY_OWNER}" \
-               --label org.opencontainers.image.licenses="BSD-2-Clause" \
-               .
-
-      - name: Deploy the Docker image to GitHub Packages and Docker Hub
-        if: github.ref == 'refs/heads/master'
-        run: |
-          echo ${{secrets.HOMEBREW_BREW_GITHUB_PACKAGES_TOKEN}} |
-            docker login ghcr.io -u BrewTestBot --password-stdin
-          docker tag brew "ghcr.io/homebrew/ubuntu22.04:master"
-          docker push "ghcr.io/homebrew/ubuntu22.04:master"
-          echo ${{secrets.HOMEBREW_BREW_DOCKER_TOKEN}} |
-            docker login -u brewtestbot --password-stdin
-          docker tag brew "homebrew/ubuntu22.04:master"
-          docker push "homebrew/ubuntu22.04:master"
-
   update-test:
     name: ${{ matrix.name }}
     runs-on: ${{ matrix.runs-on }}

From e7e244e6c285fe23650f64415b9810a24d2d9bb4 Mon Sep 17 00:00:00 2001
From: Ruoyu Zhong <zhongruoyu@outlook.com>
Date: Mon, 26 Aug 2024 12:56:29 +0800
Subject: [PATCH 2/2] workflows/docker: tweak syntax

Co-authored-by: Carlo Cabrera <30379873+carlocab@users.noreply.github.com>
---
 .github/workflows/docker.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 28febbb7551e8..0d69252162e7d 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -55,7 +55,7 @@ jobs:
           github.event_name == 'release' ||
           (github.event_name == 'push' && github.ref == 'refs/heads/master')
         run: |
-          echo "$TOKEN" | docker login ghcr.io -u BrewTestBot --password-stdin
+          docker login ghcr.io -u BrewTestBot --password-stdin <<<"$TOKEN"
         env:
           TOKEN: ${{secrets.HOMEBREW_BREW_GITHUB_PACKAGES_TOKEN}}
 
@@ -64,7 +64,7 @@ jobs:
           github.event_name == 'release' ||
           (github.event_name == 'push' && github.ref == 'refs/heads/master')
         run: |
-          echo "$TOKEN" | docker login -u brewtestbot --password-stdin
+          docker login -u brewtestbot --password-stdin <<<"$TOKEN"
         env:
           TOKEN: ${{secrets.HOMEBREW_BREW_DOCKER_TOKEN}}