From 6e679489e42c2f349464b7288279adaf1163b771 Mon Sep 17 00:00:00 2001
From: Daniel Sotirhos <dsotirho@ucsc.edu>
Date: Tue, 12 Mar 2024 11:12:16 -0700
Subject: [PATCH 1/3] Fix: Cannot locally test azul-docker-pycharm changes
 (DataBiosphere/azul#5986)

---
 README.md | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 6a12a27..52b7a31 100644
--- a/README.md
+++ b/README.md
@@ -40,8 +40,26 @@ make images
 docker pull localhost:5000/docker.io/ucscgi/azul-pycharm:2023.2.3-5
 # To examine the image for vulnerabilities, browse the image in Docker Desktop.
 # If an unnecessary package is found to have critical or high vulnerabilities,
-# add a `RUN` instruction to the Dockerfile to remove the package.
-# To test the image in Azul, run:
-(cd ../azul && azul_docker_pycharm_version=2023.2.3-5 azul_docker_registry=localhost:5000/ make format)
+# To test the image in Azul, you will need to temporarily modify Azul's
+# `environment.py` to set the appropriate `azul_docker_images` value using the
+# full image name noted above (starting with "localhost").
+cd ../azul
+git diff
+>   diff --git a/environment.py b/environment.py
+>   index f888a1b8e..e41273695 100644
+>   --- a/environment.py
+>   +++ b/environment.py
+>   @@ -273,7 +273,7 @@ def env() -> Mapping[str, Optional[str]]:
+>                    'ref': 'docker.io/library/python:{azul_python_version}-bullseye'
+>                },
+>                'pycharm': {
+>   -                'ref': 'docker.io/ucscgi/azul-pycharm:2023.3.4-15'
+>   +                'ref': 'localhost:5000/docker.io/ucscgi/azul-pycharm:2023.3.4-15'
+>                },
+>                'elasticsearch': {
+>                    'ref': 'docker.io/ucscgi/azul-elasticsearch:7.17.18-13'
+make image_manifests.json
+azul_docker_registry="" make format
+cd -
 make stop_registry
 ```

From 6e80aad4ccb6e96135c0cbabb5d85584925dc080 Mon Sep 17 00:00:00 2001
From: Daniel Sotirhos <dsotirho@ucsc.edu>
Date: Tue, 12 Mar 2024 18:19:19 -0700
Subject: [PATCH 2/3] Only publish build on `master` branch

---
 .github/workflows/docker-publish.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index ae0604b..a3314f2 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -3,8 +3,8 @@ name: Docker
 on:
   pull_request:
   push:
-    branches-ignore:
-      - "*-PR"
+    branches:
+      - master
 
 env:
   # The fully qualified image name of the image to build. The first component is

From 5b521415b9e6b84f041f7bad224956a89ebeff2e Mon Sep 17 00:00:00 2001
From: Daniel Sotirhos <dsotirho@ucsc.edu>
Date: Tue, 12 Mar 2024 18:20:28 -0700
Subject: [PATCH 3/3] Fix authorization error when writting cache for the build
 (pull_request)

---
 .github/workflows/docker-publish.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index a3314f2..bef6ca2 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -85,7 +85,9 @@ jobs:
             env.azul_docker_registry,
             env.azul_docker_pycharm_image
           ) }}"
-          cache-to: "${{ format(
+          # The value after '&&' in a ternary operator must be truthy, and since
+          # an empty string is falsy, we use ' ' instead.
+          cache-to: "${{ github.event_name == 'pull_request' && ' ' || format(
             'type=registry,ref={0}{1}_buildcache,mode=max',
             env.azul_docker_registry,
             env.azul_docker_pycharm_image