Skip to content

This is a docker php (fpm+apache2+nginx unit) image, based on the official alpine/ubuntu packages for php.

License

Notifications You must be signed in to change notification settings

Endava/docker-php

Repository files navigation

endava/docker-php

This is a docker php image is based on an alpine (and ubuntu) distribution including some tools and php extensions. You can find more details at the respective release pages on github.

Supported Versions

Version Branch Latest Release Status Vulnerability Report Fitness Functions
8.4 release/8.4 Size Build Status Security Report php 8.4 Fitness Functions
8.3 release/8.3 Size Build Status Security Report php 8.3 Fitness Functions
8.2 release/8.2 Size Build Status Security Report php 8.2 Fitness Functions
8.1 release/8.1 Size Build Status Security Report php 8.1 Fitness Functions

Experimental Versions

Version Branch Latest Release Status Vulnerability Report Fitness Functions
8.3 (ZTS) release/8.3-zts Size Build Status Security Report php 8.3-zts Fitness Functions
8.2 (ZTS) release/8.2-zts Size Build Status Security Report php 8.2-zts Fitness Functions
8.4 (Ubuntu) release/8.4-ubuntu Size Build Status Security Report php 8.4-ubuntu Fitness Functions
8.3 (Ubuntu) release/8.3-ubuntu Size Build Status Security Report php 8.3-ubuntu Fitness Functions
8.2 (Ubuntu) release/8.2-ubuntu Size Build Status Security Report php 8.2-ubuntu Fitness Functions
8.1 (Ubuntu) release/8.1-ubuntu Size Build Status Security Report php 8.1-ubuntu Fitness Functions

Unsupported Versions

Unsupported as of php's eol list at https://www.php.net/eol.php

Version Branch Latest Release Status Vulnerability Report
8.0 release/8.0 Size Build Status Security Report

Overview

This is the successor of the deprecated exozet/php-fpm docker image. We collected ideas on how a new (including breaking changes) version of our heavily used php-fpm image could look like.

We figured that our old approach had some disadvantages (it was a php-fpm build based on official docker php images):

  • it is based on a source build from php, so we could not use any packages from alpine/debian to speed up the build time
  • there are differences between the php package on debian/alpine
  • there is no official alpine apache2 build
  • we cannot add nginx unit to alpine build, as it lacks php embed SAPI comment on php!1355
  • the non-alpine image has lots of (fixable) CVEs, we cannot fix (e.g. trivy image --ignore-unfixed php:8.1.13-fpm-buster says: Total: 23)
  • depends on what the docker library team thinks fits into a docker image for php, it is not the php team releasing it

The new approach has some advantages:

  • It uses the latest package distributed by alpine team/community (which is pretty fast when it comes to security updates - 1 or 2 days after release) and official ubuntu packages
  • The precompiled packages (e.g. xdebug) are very fast installed
  • No need for custom scripts like docker-php-ext-install
  • It ships with httpd binary (for apache2), unitd binary (for nginx unit) and php-fpm binary (for php fpm) to execute php web requests
  • For apache2 and nginx unit variants an external webserver (like nginx) is not necessary anymore
  • It ships linux/arm64/v8 and linux/amd64 version of the image
  • The web server and the web requests are executed as non-privileged user www-data
  • The github release notes (including tool versions and php extension versions) is automatically generated if a commit is tagged
  • The release is available only as endava/php:8.1.16 (no suffix for -root, -xdebug -alpine or -sudo or others)
  • The CI/CD pipeline includes tests to validate the image as nginx unit or apache2 delivery
  • The CI/CD pipeline only builds the latest version (if necessary we can git checkout -b 8.1.13 if you really want to fix something in a release)

The new approach has a disadvantage:

  • We depend on the release of php packages at alpine and ubuntu (e.g. on 2023/01/03 the php82 was not officially packaged on alpine including nginx unit - so we cannot support it. at the same time it is available as docker image on official docker php). If the packaged package version number is not available on alpine anymore - we cannot recreate the docker image (we have a workaround to build older apk's for it - takes more time, but is 100% viable solution!)

Contributing

Please refer to CONTRIBUTING.md.

License

Please refer to LICENSE.