From 62c44f82e51bef180373cf0ce0c065720f3cf684 Mon Sep 17 00:00:00 2001 From: Florent Morselli Date: Tue, 23 Dec 2025 14:17:29 +0100 Subject: [PATCH 1/4] Enhance Dockerfile with new libraries and PIE usage Updated Dockerfile to include additional libraries and improve PHP extension installation process. --- Dockerfile | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/Dockerfile b/Dockerfile index bd27cd3..8d9cb97 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,6 +11,10 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ build-essential \ autoconf \ librabbitmq-dev \ + libmagickwand-dev \ + libmagickcore-dev \ + libbrotli-dev \ + libzstd-dev \ git \ curl \ tar \ @@ -20,6 +24,10 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ && curl -fsSL https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions \ -o /usr/local/bin/install-php-extensions \ && chmod +x /usr/local/bin/install-php-extensions \ + # Install PIE + && curl -fsSL https://github.com/php/pie/releases/latest/download/pie.phar \ + -o /usr/local/bin/pie \ + && chmod +x /usr/local/bin/pie \ # Install PHP extensions (compiled / bundled) && install-php-extensions \ @composer \ @@ -38,18 +46,8 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ uuid \ xsl \ xml \ - # Clean up build dependencies and caches - && docker-php-source delete \ - && apt-get purge -y --auto-remove build-essential autoconf librabbitmq-dev \ - && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/local/bin/install-php-extensions - -# Install PIE -RUN curl -fsSL https://github.com/php/pie/releases/latest/download/pie.phar \ - -o /usr/local/bin/pie \ - && chmod +x /usr/local/bin/pie - -# Install PHP extensions via PIE when available -RUN pie install \ + # Install PHP extensions via PIE when available + && pie install \ apcu/apcu \ imagick/imagick \ phpredis/phpredis \ @@ -58,7 +56,10 @@ RUN pie install \ kjdev/zstd \ xdebug/xdebug \ && docker-php-ext-enable apcu imagick redis amqp brotli zstd xdebug \ - && rm -rf /tmp/* /var/tmp/* + # Clean up build dependencies and caches + && docker-php-source delete \ + && apt-get purge -y --auto-remove build-essential autoconf librabbitmq-dev libmagickwand-dev libmagickcore-dev libbrotli-dev libzstd-dev \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/local/bin/install-php-extensions # Install global PHPStan tools (clear cache after) RUN composer global bin phpstan require \ From df2cd30e6f131ef21071ffd14446d919bd0c392b Mon Sep 17 00:00:00 2001 From: Florent Morselli Date: Tue, 23 Dec 2025 14:20:11 +0100 Subject: [PATCH 2/4] Limit CI workflow to main branch Restrict CI workflow to main branch for push and pull requests. --- .github/workflows/docker.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index ef40edf..630ae9b 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -2,8 +2,9 @@ name: CI & Build PHPQA on: push: - branches: ["*"] - tags: ["*"] + branches: ["main"] + pull_request: + branches: ["main"] workflow_dispatch: schedule: - cron: '19 2 * * 0' From 02229c5fc1abc36c2d91adf1cda5135232030fb6 Mon Sep 17 00:00:00 2001 From: Florent Morselli Date: Tue, 23 Dec 2025 14:25:18 +0100 Subject: [PATCH 3/4] Refactor Dockerfile for better organization and cleanup Refactor Dockerfile to improve structure and clarity by separating installation steps and cleaning up build dependencies more effectively. --- Dockerfile | 158 +++++++++++++++++++++++++++++++++++------------------ 1 file changed, 106 insertions(+), 52 deletions(-) diff --git a/Dockerfile b/Dockerfile index 8d9cb97..c86378b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,30 +6,51 @@ LABEL maintainer="Florent Morselli " USER root -# Install all dependencies in a single layer to reduce image size -RUN apt-get update && apt-get install -y --no-install-recommends \ - build-essential \ - autoconf \ - librabbitmq-dev \ - libmagickwand-dev \ - libmagickcore-dev \ - libbrotli-dev \ - libzstd-dev \ - git \ - curl \ - tar \ - wget \ - && docker-php-source extract \ - # Add install-php-extensions - && curl -fsSL https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions \ - -o /usr/local/bin/install-php-extensions \ - && chmod +x /usr/local/bin/install-php-extensions \ - # Install PIE - && curl -fsSL https://github.com/php/pie/releases/latest/download/pie.phar \ - -o /usr/local/bin/pie \ - && chmod +x /usr/local/bin/pie \ - # Install PHP extensions (compiled / bundled) - && install-php-extensions \ +# ------------------------------------------------------------ +# Base system dependencies +# ------------------------------------------------------------ +RUN set -eux; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + build-essential \ + autoconf \ + librabbitmq-dev \ + libmagickwand-dev \ + libmagickcore-dev \ + libbrotli-dev \ + libzstd-dev \ + git \ + curl \ + tar \ + wget + +# ------------------------------------------------------------ +# PHP source (required for extensions) +# ------------------------------------------------------------ +RUN set -eux; \ + docker-php-source extract + +# ------------------------------------------------------------ +# install-php-extensions helper +# ------------------------------------------------------------ +RUN set -eux; \ + curl -fsSL https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions \ + -o /usr/local/bin/install-php-extensions; \ + chmod +x /usr/local/bin/install-php-extensions + +# ------------------------------------------------------------ +# PIE +# ------------------------------------------------------------ +RUN set -eux; \ + curl -fsSL https://github.com/php/pie/releases/latest/download/pie.phar \ + -o /usr/local/bin/pie; \ + chmod +x /usr/local/bin/pie + +# ------------------------------------------------------------ +# Core PHP extensions (non-PIE) +# ------------------------------------------------------------ +RUN set -eux; \ + install-php-extensions \ @composer \ intl \ zip \ @@ -45,51 +66,84 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ opcache \ uuid \ xsl \ - xml \ - # Install PHP extensions via PIE when available - && pie install \ - apcu/apcu \ - imagick/imagick \ - phpredis/phpredis \ - php-amqp/php-amqp \ - kjdev/brotli \ - kjdev/zstd \ - xdebug/xdebug \ - && docker-php-ext-enable apcu imagick redis amqp brotli zstd xdebug \ - # Clean up build dependencies and caches - && docker-php-source delete \ - && apt-get purge -y --auto-remove build-essential autoconf librabbitmq-dev libmagickwand-dev libmagickcore-dev libbrotli-dev libzstd-dev \ - && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/local/bin/install-php-extensions - -# Install global PHPStan tools (clear cache after) + xml + +# ------------------------------------------------------------ +# PIE extensions (one RUN so you see exactly which fails) +# ------------------------------------------------------------ +RUN set -eux; pie install apcu/apcu +RUN set -eux; pie install imagick/imagick +RUN set -eux; pie install phpredis/phpredis +RUN set -eux; pie install php-amqp/php-amqp +RUN set -eux; pie install kjdev/brotli +RUN set -eux; pie install kjdev/zstd +RUN set -eux; pie install xdebug/xdebug + +# ------------------------------------------------------------ +# Enable extensions +# ------------------------------------------------------------ +RUN set -eux; \ + docker-php-ext-enable \ + apcu \ + imagick \ + redis \ + amqp \ + brotli \ + zstd \ + xdebug + +# ------------------------------------------------------------ +# Cleanup build deps +# ------------------------------------------------------------ +RUN set -eux; \ + docker-php-source delete; \ + apt-get purge -y --auto-remove \ + build-essential \ + autoconf \ + librabbitmq-dev \ + libmagickwand-dev \ + libmagickcore-dev \ + libbrotli-dev \ + libzstd-dev; \ + rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/local/bin/install-php-extensions + +# ------------------------------------------------------------ +# Global PHPStan tools +# ------------------------------------------------------------ RUN composer global bin phpstan require \ php-static-analysis/phpstan-extension \ staabm/phpstan-todo-by \ struggle-for-php/sfp-phpstan-psr-log \ phpstan/phpstan-deprecation-rules \ phpstan/phpstan-strict-rules \ - --no-scripts --no-interaction --no-suggest \ + --no-scripts --no-interaction --no-suggest \ && composer global clear-cache -# Install phpunit plugins (clear cache after) +# ------------------------------------------------------------ +# PHPUnit plugins +# ------------------------------------------------------------ RUN composer global bin phpunit require \ - ergebnis/phpunit-slow-test-detector \ - digitalrevolution/phpunit-extensions \ - symfony/browser-kit:"^6.4|^7.0|^8.0" \ - symfony/css-selector:"^6.4|^7.0|^8.0" \ - zenstruck/foundry:"^2.8" \ - --no-scripts --no-interaction --no-suggest \ + ergebnis/phpunit-slow-test-detector \ + digitalrevolution/phpunit-extensions \ + symfony/browser-kit:"^6.4|^7.0|^8.0" \ + symfony/css-selector:"^6.4|^7.0|^8.0" \ + zenstruck/foundry:"^2.8" \ + --no-scripts --no-interaction --no-suggest \ && composer global clear-cache -# Install standalone tools in a single layer +# ------------------------------------------------------------ +# Standalone tools +# ------------------------------------------------------------ RUN curl -sSL https://castor.jolicode.com/install | bash \ && chmod +x ~/.local/bin/castor \ && mv ~/.local/bin/castor /usr/local/bin/castor \ && rm -rf /tmp/* /var/tmp/* -# Fix permissions for /tools directory to allow cache operations +# ------------------------------------------------------------ +# Permissions +# ------------------------------------------------------------ RUN chown -R 1001:1001 /tools \ && chmod -R 755 /tools -# Reset permissions to default non-root user (1001 as per your workflow) USER 1001 + From d8d045df0b2aea09692b4ede14c4d5310398b457 Mon Sep 17 00:00:00 2001 From: Florent Morselli Date: Tue, 23 Dec 2025 14:30:49 +0100 Subject: [PATCH 4/4] Enhance Dockerfile with new PHP extensions and tools Updated Dockerfile to install additional PHP extensions and tools, and adjusted comments for clarity. --- Dockerfile | 37 +++++++++++++++---------------------- 1 file changed, 15 insertions(+), 22 deletions(-) diff --git a/Dockerfile b/Dockerfile index c86378b..c4e9453 100644 --- a/Dockerfile +++ b/Dockerfile @@ -52,11 +52,13 @@ RUN set -eux; \ RUN set -eux; \ install-php-extensions \ @composer \ + apcu \ intl \ zip \ pdo_pgsql \ gmp \ gd \ + amqp \ fileinfo \ ftp \ iconv \ @@ -69,12 +71,10 @@ RUN set -eux; \ xml # ------------------------------------------------------------ -# PIE extensions (one RUN so you see exactly which fails) +# PIE extensions # ------------------------------------------------------------ -RUN set -eux; pie install apcu/apcu RUN set -eux; pie install imagick/imagick RUN set -eux; pie install phpredis/phpredis -RUN set -eux; pie install php-amqp/php-amqp RUN set -eux; pie install kjdev/brotli RUN set -eux; pie install kjdev/zstd RUN set -eux; pie install xdebug/xdebug @@ -107,43 +107,36 @@ RUN set -eux; \ libzstd-dev; \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/local/bin/install-php-extensions -# ------------------------------------------------------------ -# Global PHPStan tools -# ------------------------------------------------------------ +# Install global PHPStan tools (clear cache after) RUN composer global bin phpstan require \ php-static-analysis/phpstan-extension \ staabm/phpstan-todo-by \ struggle-for-php/sfp-phpstan-psr-log \ phpstan/phpstan-deprecation-rules \ phpstan/phpstan-strict-rules \ - --no-scripts --no-interaction --no-suggest \ + --no-scripts --no-interaction --no-suggest \ && composer global clear-cache -# ------------------------------------------------------------ -# PHPUnit plugins -# ------------------------------------------------------------ +# Install phpunit plugins (clear cache after) RUN composer global bin phpunit require \ - ergebnis/phpunit-slow-test-detector \ - digitalrevolution/phpunit-extensions \ - symfony/browser-kit:"^6.4|^7.0|^8.0" \ - symfony/css-selector:"^6.4|^7.0|^8.0" \ - zenstruck/foundry:"^2.8" \ - --no-scripts --no-interaction --no-suggest \ + ergebnis/phpunit-slow-test-detector \ + digitalrevolution/phpunit-extensions \ + symfony/browser-kit:"^6.4|^7.0|^8.0" \ + symfony/css-selector:"^6.4|^7.0|^8.0" \ + zenstruck/foundry:"^2.8" \ + --no-scripts --no-interaction --no-suggest \ && composer global clear-cache -# ------------------------------------------------------------ -# Standalone tools -# ------------------------------------------------------------ +# Install standalone tools in a single layer RUN curl -sSL https://castor.jolicode.com/install | bash \ && chmod +x ~/.local/bin/castor \ && mv ~/.local/bin/castor /usr/local/bin/castor \ && rm -rf /tmp/* /var/tmp/* -# ------------------------------------------------------------ -# Permissions -# ------------------------------------------------------------ +# Fix permissions for /tools directory to allow cache operations RUN chown -R 1001:1001 /tools \ && chmod -R 755 /tools +# Reset permissions to default non-root user (1001 as per your workflow) USER 1001