This seems to be broken on Ubuntu 22.04 at the moment. The system seems
to ship a reasonably modern version (2.34.1), so I think we can make do
with that for now.

In https://github.com/Homebrew/brew/pull/17584 we have changed "linuxbrew" user's UID/GID to 1001 in order to mitigate for Ubuntu 23.04 and higher, which started creating a default "ubuntu" user taking over UID/GID 1000.

While we may desire a deterministic UID in the homebrew docker image, the change effectively modified the behaviour for all current 3 images based on Ubuntu 18.04, 20.04 and 22.04 by changing the linuxbrew user's UID/GID from 1000 to 1001. As per https://hub.docker.com/u/homebrew, we do not currently publish an image for 24.04 which the change is mitigating for.

Rather than mitigating for indeterministic behaviour of upstream changes, this commit implements the workaround in https://bugs.launchpad.net/cloud-images/+bug/2005129 to delete the default "ubuntu" user.

apt installs an ancient `gh` that is missing some important flags. In
particular, we probably do want the `--match-head-commit` flag for the
extra security it gives us.

Because the `WORKDIR` instruction specifies the home directory of the
`linuxbrew` user, there is no need to use absolute paths to reference
paths within the home directory, nor is there a need to call `cd` (this
is actually an anti-pattern [0]) to move into a subdirectory before
creating folders.

[0]: https://github.com/hadolint/hadolint/wiki/DL3003

These are no longer necessary due to the fact that the second `RUN`
instruction runs as the `linuxbrew` user (as of commit
77afe94446e78e688ebde7a5e2b1249fc0a4afcd).

This commit refactors the Dockerfile in order to resolve build errors
caused by attempting to execute `brew` commands as the root user. We
need to create the `/home/linuxbrew/.linuxbrew` folder prior to copying
the local directory into `/home/linuxbrew/.linuxbrew/Homebrew` (and
ensure the appropriate user owns it), as failing to do so will create
`/home/linuxbrew/.linuxbrew` with root user and group ownership, causing
the subsequent `mkdir` command called in the second `RUN` instruction to
fail.

closes #11802