From 4c346f8e23bf9fdb34ad8839d62a848c8b865da2 Mon Sep 17 00:00:00 2001
From: Jose Carlos <josecarlospeer@gmail.com>
Date: Fri, 20 Feb 2026 23:08:52 +0100
Subject: [PATCH 1/2] =?UTF-8?q?feat:=20dockerfile=20updates=20=E2=80=94=20?=
 =?UTF-8?q?base=20pins,=20Composer=202.9.5,=20HEALTHCHECK,=20PHP=208.4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

8.1: alpine:3.17 -> alpine:3.19, clean up edge repo refs, remove libsodium
     workaround (native in 3.19). Source: Alpine v3.19 APKINDEX
8.2: add HEALTHCHECK, Composer 2.5.1 -> 2.9.5
8.3: alpine:edge -> alpine:3.20, clean repo refs. Source: Alpine v3.20 APKINDEX
8.4: new Dockerfile using alpine:edge (php84 not yet in stable Alpine)
     TODO: pin to stable once PHP 8.4 lands in Alpine release

All: Composer 2.5.1 -> 2.9.5. Source: https://getcomposer.org/versions
All: add HEALTHCHECK (php-fpmXX -t config test)
CI: add 8.4 to pr.yaml and release.yaml build matrices
---
 .github/workflows/pr.yaml                     |  2 +-
 .github/workflows/release.yaml                |  2 +-
 8.1/Dockerfile                                | 24 +++---
 8.2/Dockerfile                                |  5 +-
 8.3/Dockerfile                                | 21 ++---
 8.4/Dockerfile                                | 82 +++++++++++++++++++
 8.4/devfs/etc/php84/conf.d/00_opcache.ini     | 11 +++
 8.4/devfs/etc/php84/conf.d/00_xdebug.ini      | 11 +++
 8.4/devfs/etc/php84/conf.d/50_settings.ini    |  6 ++
 8.4/devfs/etc/profile                         | 19 +++++
 .../etc/supervisord/conf.d/supervisord.conf   | 13 +++
 8.4/rootfs/etc/php84/conf.d/00_opcache.ini    | 11 +++
 8.4/rootfs/etc/php84/conf.d/50_settings.ini   |  9 ++
 8.4/rootfs/etc/php84/php-fpm.conf             | 36 ++++++++
 14 files changed, 223 insertions(+), 29 deletions(-)
 create mode 100644 8.4/Dockerfile
 create mode 100644 8.4/devfs/etc/php84/conf.d/00_opcache.ini
 create mode 100644 8.4/devfs/etc/php84/conf.d/00_xdebug.ini
 create mode 100644 8.4/devfs/etc/php84/conf.d/50_settings.ini
 create mode 100644 8.4/devfs/etc/profile
 create mode 100644 8.4/devfs/etc/supervisord/conf.d/supervisord.conf
 create mode 100644 8.4/rootfs/etc/php84/conf.d/00_opcache.ini
 create mode 100644 8.4/rootfs/etc/php84/conf.d/50_settings.ini
 create mode 100644 8.4/rootfs/etc/php84/php-fpm.conf

diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
index f9404cf..b573e9a 100644
--- a/.github/workflows/pr.yaml
+++ b/.github/workflows/pr.yaml
@@ -10,7 +10,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        version: [ "8.1", "8.2", "8.3" ]
+        version: [ "8.1", "8.2", "8.3", "8.4" ]
 
     name: ${{ matrix.version }}
     runs-on: ubuntu-latest
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 69c5b29..7ddb241 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -13,7 +13,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        version: [ "8.1", "8.2", "8.3" ]
+        version: [ "8.1", "8.2", "8.3", "8.4" ]
         arch: [
           "linux/amd64,linux/arm64,linux/arm/v8,linux/arm/v7",
         ]
diff --git a/8.1/Dockerfile b/8.1/Dockerfile
index 4dcafd5..58065c0 100644
--- a/8.1/Dockerfile
+++ b/8.1/Dockerfile
@@ -1,15 +1,12 @@
-FROM --platform=$BUILDPLATFORM alpine:3.17 as main
+FROM --platform=$BUILDPLATFORM alpine:3.19 as main
 
 LABEL maintainer="Jorge Arco <jorge.arcoma@gmail.com>"
 
-RUN apk --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/edge/main add \
+RUN apk --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/v3.19/main add \
     icu-libs \
-    libsodium \
-    &&apk --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/edge/community add \
-    # Current packages don't exist in other repositories
+    && apk --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/v3.19/community add \
     libavif \
-    && apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing/ --allow-untrusted gnu-libiconv \
-    # Packages
+    gnu-libiconv \
     tini \
     php81 \
     php81-dev \
@@ -36,7 +33,6 @@ RUN apk --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/edge/main
     php81-fpm \
     php81-sodium \
     php81-tokenizer \
-    # Iconv Fix
     php81-pecl-apcu \
     && ln -sf /usr/bin/php81 /usr/bin/php
 
@@ -44,6 +40,9 @@ ADD rootfs /
 
 ENTRYPOINT ["/sbin/tini", "--"]
 
+HEALTHCHECK --interval=10s --timeout=3s --start-period=10s --retries=3 \
+    CMD /usr/sbin/php-fpm81 -t 2>&1 | grep -q "test is successful" || exit 1
+
 CMD ["/usr/sbin/php-fpm81", "-R", "--nodaemonize"]
 
 EXPOSE 9000
@@ -55,10 +54,11 @@ FROM --platform=$BUILDPLATFORM main as dev
 ARG USER=root
 ARG PASSWORD=root
 
-ARG COMPOSER_VERSION=2.5.1
+ARG COMPOSER_VERSION=2.9.5
 
-RUN apk add -U --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing/   \
+RUN apk add -U --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/v3.19/community/ \
         php81-pear \
+        php81-xdebug \
         openssh \
         supervisor \
         autoconf \
@@ -67,14 +67,10 @@ RUN apk add -U --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge
         wget \
         make \
         zip \
-        php81-xdebug \
-    # Delete APK cache.
     && rm -rf /var/cache/apk/* \
-    # Create ssh user for dev.
     && sed -i s/#PermitRootLogin.*/PermitRootLogin\ yes/ /etc/ssh/sshd_config \
     && echo "${USER}:${PASSWORD}" | chpasswd \
     && ssh-keygen -A \
-    # Download composer.
     && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer --version=${COMPOSER_VERSION}
 
 ADD devfs /
diff --git a/8.2/Dockerfile b/8.2/Dockerfile
index 29c7705..4e5db0d 100644
--- a/8.2/Dockerfile
+++ b/8.2/Dockerfile
@@ -43,6 +43,9 @@ ADD rootfs /
 
 ENTRYPOINT ["/sbin/tini", "--"]
 
+HEALTHCHECK --interval=10s --timeout=3s --start-period=10s --retries=3 \
+    CMD /usr/sbin/php-fpm82 -t 2>&1 | grep -q "test is successful" || exit 1
+
 CMD ["/usr/sbin/php-fpm82", "-R", "--nodaemonize"]
 
 EXPOSE 9000
@@ -54,7 +57,7 @@ FROM --platform=$BUILDPLATFORM main as dev
 ARG USER=root
 ARG PASSWORD=root
 
-ARG COMPOSER_VERSION=2.5.1
+ARG COMPOSER_VERSION=2.9.5
 
 RUN apk add -U --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/v3.21/community/ \
         php82-pear \
diff --git a/8.3/Dockerfile b/8.3/Dockerfile
index 5ba8e07..2c2cbb5 100644
--- a/8.3/Dockerfile
+++ b/8.3/Dockerfile
@@ -1,14 +1,12 @@
-FROM --platform=$BUILDPLATFORM alpine:edge as main
+FROM --platform=$BUILDPLATFORM alpine:3.20 as main
 
 LABEL maintainer="Jorge Arco <jorge.arcoma@gmail.com>"
 
-RUN apk --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/edge/main add \
+RUN apk --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/v3.20/main add \
     icu-libs \
-    && apk --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/edge/community add \
-    # Current packages don't exist in other repositories
+    && apk --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/v3.20/community add \
     libavif \
     gnu-libiconv \
-    # Packages
     tini \
     php83 \
     php83-dev \
@@ -35,7 +33,6 @@ RUN apk --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/edge/main
     php83-fpm \
     php83-sodium \
     php83-tokenizer \
-    # Iconv Fix
     php83-pecl-apcu \
     && ln -sf /usr/bin/php83 /usr/bin/php
 
@@ -43,6 +40,9 @@ ADD rootfs /
 
 ENTRYPOINT ["/sbin/tini", "--"]
 
+HEALTHCHECK --interval=10s --timeout=3s --start-period=10s --retries=3 \
+    CMD /usr/sbin/php-fpm83 -t 2>&1 | grep -q "test is successful" || exit 1
+
 CMD ["/usr/sbin/php-fpm83", "-R", "--nodaemonize"]
 
 EXPOSE 9000
@@ -54,10 +54,11 @@ FROM --platform=$BUILDPLATFORM main as dev
 ARG USER=root
 ARG PASSWORD=root
 
-ARG COMPOSER_VERSION=2.5.1
+ARG COMPOSER_VERSION=2.9.5
 
-RUN apk add -U --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing/   \
+RUN apk add -U --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/v3.20/community/ \
         php83-pear \
+        php83-xdebug \
         openssh \
         supervisor \
         autoconf \
@@ -66,14 +67,10 @@ RUN apk add -U --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge
         wget \
         make \
         zip \
-        php83-xdebug \
-    # Delete APK cache.
     && rm -rf /var/cache/apk/* \
-    # Create ssh user for dev.
     && sed -i s/#PermitRootLogin.*/PermitRootLogin\ yes/ /etc/ssh/sshd_config \
     && echo "${USER}:${PASSWORD}" | chpasswd \
     && ssh-keygen -A \
-    # Download composer.
     && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer --version=${COMPOSER_VERSION}
 
 ADD devfs /
diff --git a/8.4/Dockerfile b/8.4/Dockerfile
new file mode 100644
index 0000000..838bf44
--- /dev/null
+++ b/8.4/Dockerfile
@@ -0,0 +1,82 @@
+# PHP 8.4 — uses alpine:edge until php84 lands in a stable Alpine release.
+# TODO: pin to alpine:3.22 (or next stable) once available.
+FROM --platform=$BUILDPLATFORM alpine:edge as main
+
+LABEL maintainer="Jorge Arco <jorge.arcoma@gmail.com>"
+
+RUN apk --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/edge/main add \
+    icu-libs \
+    && apk --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/edge/community add \
+    libavif \
+    gnu-libiconv \
+    tini \
+    php84 \
+    php84-dev \
+    php84-common \
+    php84-gd \
+    php84-xmlreader \
+    php84-bcmath \
+    php84-ctype \
+    php84-curl \
+    php84-exif \
+    php84-iconv \
+    php84-intl \
+    php84-mbstring \
+    php84-opcache \
+    php84-openssl \
+    php84-pcntl \
+    php84-phar \
+    php84-session \
+    php84-xml \
+    php84-xsl \
+    php84-zip \
+    php84-zlib \
+    php84-dom \
+    php84-fpm \
+    php84-sodium \
+    php84-tokenizer \
+    php84-pecl-apcu \
+    && ln -sf /usr/bin/php84 /usr/bin/php
+
+ADD rootfs /
+
+ENTRYPOINT ["/sbin/tini", "--"]
+
+HEALTHCHECK --interval=10s --timeout=3s --start-period=10s --retries=3 \
+    CMD /usr/sbin/php-fpm84 -t 2>&1 | grep -q "test is successful" || exit 1
+
+CMD ["/usr/sbin/php-fpm84", "-R", "--nodaemonize"]
+
+EXPOSE 9000
+
+WORKDIR /app
+
+FROM --platform=$BUILDPLATFORM main as dev
+
+ARG USER=root
+ARG PASSWORD=root
+
+ARG COMPOSER_VERSION=2.9.5
+
+RUN apk add -U --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/edge/community/ \
+        php84-pear \
+        php84-xdebug \
+        openssh \
+        supervisor \
+        autoconf \
+        git \
+        curl \
+        wget \
+        make \
+        zip \
+    && rm -rf /var/cache/apk/* \
+    && sed -i s/#PermitRootLogin.*/PermitRootLogin\ yes/ /etc/ssh/sshd_config \
+    && echo "${USER}:${PASSWORD}" | chpasswd \
+    && ssh-keygen -A \
+    && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer --version=${COMPOSER_VERSION}
+
+ADD devfs /
+
+CMD ["supervisord", "--nodaemon", "--configuration", "/etc/supervisord/conf.d/supervisord.conf"]
+
+EXPOSE 22 9003
diff --git a/8.4/devfs/etc/php84/conf.d/00_opcache.ini b/8.4/devfs/etc/php84/conf.d/00_opcache.ini
new file mode 100644
index 0000000..ba5b4e0
--- /dev/null
+++ b/8.4/devfs/etc/php84/conf.d/00_opcache.ini
@@ -0,0 +1,11 @@
+zend_extension=opcache.so
+
+opcache.memory_consumption=256
+opcache.interned_strings_buffer=8
+opcache.max_accelerated_files=10000
+opcache.revalidate_freq=2
+opcache.fast_shutdown=1
+opcache.enable_cli=1
+opcache.enable=1
+opcache.validate_timestamps=1
+opcache.max_wasted_percentage=10
\ No newline at end of file
diff --git a/8.4/devfs/etc/php84/conf.d/00_xdebug.ini b/8.4/devfs/etc/php84/conf.d/00_xdebug.ini
new file mode 100644
index 0000000..c177230
--- /dev/null
+++ b/8.4/devfs/etc/php84/conf.d/00_xdebug.ini
@@ -0,0 +1,11 @@
+zend_extension=xdebug.so
+
+xdebug.mode=debug
+xdebug.log_level=0
+
+xdebug.start_with_request=yes
+xdebug.client_host=${XDEBUG_CLIENT_HOST}
+xdebug.max_nesting_level=250
+
+xdebug.var_display_max_data=10000
+xdebug.var_display_max_depth=20
diff --git a/8.4/devfs/etc/php84/conf.d/50_settings.ini b/8.4/devfs/etc/php84/conf.d/50_settings.ini
new file mode 100644
index 0000000..6aa39f3
--- /dev/null
+++ b/8.4/devfs/etc/php84/conf.d/50_settings.ini
@@ -0,0 +1,6 @@
+date.timezone = "UTC"
+short_open_tag = Off
+session.auto_start = Off
+magic_quotes_gpc = Off
+register_globals = Off
+memory_limit = 1G
diff --git a/8.4/devfs/etc/profile b/8.4/devfs/etc/profile
new file mode 100644
index 0000000..c5ea757
--- /dev/null
+++ b/8.4/devfs/etc/profile
@@ -0,0 +1,19 @@
+export CHARSET=UTF-8
+export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+export PAGER=less
+export PS1='\h:\w\$ '
+
+umask 022
+
+alias xon='mv /tmp/00_xdebug.ini /etc/php84/conf.d/'
+alias xoff='mv /etc/php84/conf.d/00_xdebug.ini /tmp'
+alias opcon='mv /tmp/00_opcache.ini /etc/php84/conf.d/'
+alias opcoff='mv /etc/php84/conf.d/00_opcache.ini /tmp'
+
+alias profile='XDEBUG_CONFIG="profiler_enable=1 xdebug.profiler_output_name=profiler.out.%p profiler_output_dir=." php'
+
+for script in /etc/profile.d/*.sh ; do
+        if [ -r $script ] ; then
+                . $script
+        fi
+done
diff --git a/8.4/devfs/etc/supervisord/conf.d/supervisord.conf b/8.4/devfs/etc/supervisord/conf.d/supervisord.conf
new file mode 100644
index 0000000..9840fe0
--- /dev/null
+++ b/8.4/devfs/etc/supervisord/conf.d/supervisord.conf
@@ -0,0 +1,13 @@
+[supervisord]
+nodaemon=true
+logfile=/var/log/supervisord.log
+pidfile=/var/run/supervisord.pid
+
+loglevel=debug
+user=root
+
+[program:fpm]
+command=/usr/sbin/php-fpm84 -R --nodaemonize
+
+[program:ssh]
+command=/usr/sbin/sshd -D
diff --git a/8.4/rootfs/etc/php84/conf.d/00_opcache.ini b/8.4/rootfs/etc/php84/conf.d/00_opcache.ini
new file mode 100644
index 0000000..51d4740
--- /dev/null
+++ b/8.4/rootfs/etc/php84/conf.d/00_opcache.ini
@@ -0,0 +1,11 @@
+zend_extension=opcache.so
+
+opcache.memory_consumption=256
+opcache.interned_strings_buffer=8
+opcache.max_accelerated_files=50000
+opcache.revalidate_freq=60
+opcache.fast_shutdown=1
+opcache.enable_cli=1
+opcache.enable=1
+opcache.validate_timestamps=0
+opcache.max_wasted_percentage=10
diff --git a/8.4/rootfs/etc/php84/conf.d/50_settings.ini b/8.4/rootfs/etc/php84/conf.d/50_settings.ini
new file mode 100644
index 0000000..a519614
--- /dev/null
+++ b/8.4/rootfs/etc/php84/conf.d/50_settings.ini
@@ -0,0 +1,9 @@
+date.timezone = "UTC"
+short_open_tag = Off
+session.auto_start = Off
+magic_quotes_gpc = Off
+register_globals = Off
+memory_limit = 256M
+
+realpath_cache_size=4096K
+realpath_cache_ttl=600
diff --git a/8.4/rootfs/etc/php84/php-fpm.conf b/8.4/rootfs/etc/php84/php-fpm.conf
new file mode 100644
index 0000000..713c963
--- /dev/null
+++ b/8.4/rootfs/etc/php84/php-fpm.conf
@@ -0,0 +1,36 @@
+[global]
+emergency_restart_threshold = 10
+emergency_restart_interval = 1m
+process_control_timeout = 10
+error_log = /proc/self/fd/2
+
+[www]
+user = root
+group = root
+listen = [::]:9000
+chdir = /app
+
+access.log = /proc/self/fd/1
+
+pm = dynamic
+pm.max_children = 500
+pm.start_servers = 60
+pm.min_spare_servers = 25
+pm.max_spare_servers = 100
+pm.max_requests = 1000
+
+listen.backlog = -1
+rlimit_files = 65536
+rlimit_core = unlimited
+catch_workers_output = yes
+decorate_workers_output = no
+
+request_slowlog_timeout = 5s
+request_terminate_timeout = 120s
+slowlog = /var/log/$pool.log.slow
+
+pm.status_path = /fpm_status
+ping.path = /fpm_ping
+ping.response = pong
+
+clear_env = no

From ae7777003993e72e2fe9dd229e53d01cc332089b Mon Sep 17 00:00:00 2001
From: Jose Carlos <josecarlospeer@gmail.com>
Date: Sat, 21 Feb 2026 02:34:25 +0100
Subject: [PATCH 2/2] style: use uppercase AS in multi-stage FROM directives
 (Hadolint DL3006)

---
 8.1/Dockerfile | 4 ++--
 8.2/Dockerfile | 4 ++--
 8.3/Dockerfile | 4 ++--
 8.4/Dockerfile | 4 ++--
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/8.1/Dockerfile b/8.1/Dockerfile
index 58065c0..4344e40 100644
--- a/8.1/Dockerfile
+++ b/8.1/Dockerfile
@@ -1,4 +1,4 @@
-FROM --platform=$BUILDPLATFORM alpine:3.19 as main
+FROM --platform=$BUILDPLATFORM alpine:3.19 AS main
 
 LABEL maintainer="Jorge Arco <jorge.arcoma@gmail.com>"
 
@@ -49,7 +49,7 @@ EXPOSE 9000
 
 WORKDIR /app
 
-FROM --platform=$BUILDPLATFORM main as dev
+FROM --platform=$BUILDPLATFORM main AS dev
 
 ARG USER=root
 ARG PASSWORD=root
diff --git a/8.2/Dockerfile b/8.2/Dockerfile
index 4e5db0d..942929a 100644
--- a/8.2/Dockerfile
+++ b/8.2/Dockerfile
@@ -1,4 +1,4 @@
-FROM --platform=$BUILDPLATFORM alpine:3.21 as main
+FROM --platform=$BUILDPLATFORM alpine:3.21 AS main
 
 LABEL maintainer="Jorge Arco <jorge.arcoma@gmail.com>"
 
@@ -52,7 +52,7 @@ EXPOSE 9000
 
 WORKDIR /app
 
-FROM --platform=$BUILDPLATFORM main as dev
+FROM --platform=$BUILDPLATFORM main AS dev
 
 ARG USER=root
 ARG PASSWORD=root
diff --git a/8.3/Dockerfile b/8.3/Dockerfile
index 2c2cbb5..e27bdb2 100644
--- a/8.3/Dockerfile
+++ b/8.3/Dockerfile
@@ -1,4 +1,4 @@
-FROM --platform=$BUILDPLATFORM alpine:3.20 as main
+FROM --platform=$BUILDPLATFORM alpine:3.20 AS main
 
 LABEL maintainer="Jorge Arco <jorge.arcoma@gmail.com>"
 
@@ -49,7 +49,7 @@ EXPOSE 9000
 
 WORKDIR /app
 
-FROM --platform=$BUILDPLATFORM main as dev
+FROM --platform=$BUILDPLATFORM main AS dev
 
 ARG USER=root
 ARG PASSWORD=root
diff --git a/8.4/Dockerfile b/8.4/Dockerfile
index 838bf44..e2191f5 100644
--- a/8.4/Dockerfile
+++ b/8.4/Dockerfile
@@ -1,6 +1,6 @@
 # PHP 8.4 — uses alpine:edge until php84 lands in a stable Alpine release.
 # TODO: pin to alpine:3.22 (or next stable) once available.
-FROM --platform=$BUILDPLATFORM alpine:edge as main
+FROM --platform=$BUILDPLATFORM alpine:edge AS main
 
 LABEL maintainer="Jorge Arco <jorge.arcoma@gmail.com>"
 
@@ -51,7 +51,7 @@ EXPOSE 9000
 
 WORKDIR /app
 
-FROM --platform=$BUILDPLATFORM main as dev
+FROM --platform=$BUILDPLATFORM main AS dev
 
 ARG USER=root
 ARG PASSWORD=root