From a16b155a4abed97b5cbe75a8829a8ac0e7d8eabb Mon Sep 17 00:00:00 2001 From: Bas Zoetekouw Date: Wed, 2 Jul 2025 16:43:14 +0200 Subject: [PATCH 1/7] python: add env vars with python version --- python3/Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/python3/Dockerfile b/python3/Dockerfile index 6301594..8560ef0 100644 --- a/python3/Dockerfile +++ b/python3/Dockerfile @@ -1,5 +1,8 @@ FROM docker.io/library/python:3.11-slim-bookworm +ENV PYTHON_VERSION_MAJOR=3 +ENV PYTHON_VERSION_MINOR=3.11 + # Do an initial clean up and general upgrade of the distribution ENV DEBIAN_FRONTEND=noninteractive RUN \ From 9e39b696e37c8896d272bc4856ce5ae257142a9a Mon Sep 17 00:00:00 2001 From: Bas Zoetekouw Date: Wed, 2 Jul 2025 16:43:51 +0200 Subject: [PATCH 2/7] No need anymore for clang in python container (save 500MB per build) --- python3/Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/python3/Dockerfile b/python3/Dockerfile index 8560ef0..440b4f3 100644 --- a/python3/Dockerfile +++ b/python3/Dockerfile @@ -12,7 +12,6 @@ RUN \ build-essential \ bzip2 \ curl \ - clang \ default-libmysqlclient-dev \ git \ libxmlsec1-dev \ From a63e586a5761e63bd19bfb380f1f46b7f0a4ecf7 Mon Sep 17 00:00:00 2001 From: Bas Zoetekouw Date: Wed, 2 Jul 2025 16:49:11 +0200 Subject: [PATCH 3/7] collect apt command in single RUN to not waste space in image layers # Conflicts: # php82-apache2-node20-composer2/Dockerfile --- apache2-shibboleth/Dockerfile | 30 +++++++++++------------ apache2/Dockerfile | 6 ++--- php82-apache2-node20-composer2/Dockerfile | 23 ++++++----------- python3/Dockerfile | 2 +- 4 files changed, 26 insertions(+), 35 deletions(-) diff --git a/apache2-shibboleth/Dockerfile b/apache2-shibboleth/Dockerfile index f784733..100b05b 100644 --- a/apache2-shibboleth/Dockerfile +++ b/apache2-shibboleth/Dockerfile @@ -1,22 +1,21 @@ FROM ghcr.io/openconext/openconext-basecontainers/apache2:latest -# Set things up for Apt +# Install the Shibboleth daemon and Apache2 modules ENV DEBIAN_FRONTEND=noninteractive -RUN apt clean && apt autoclean && apt update +RUN \ + apt update && \ + apt install -y \ + shibboleth-sp-common \ + shibboleth-sp-utils \ + libapache2-mod-shib \ + gettext \ + && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* -# Install the Shibboleth daemon and Apache2 modules -RUN apt install -y shibboleth-sp-common \ - shibboleth-sp-utils \ - libapache2-mod-shib \ - gettext - -# Clean up -RUN apt autoremove -y && \ - apt clean && \ - apt autoclean && \ - rm -rf /var/lib/apt/lists/* && \ - a2enmod shib && \ - mkdir -p /run/shibboleth + +# Enable Shib +RUN mkdir -p /run/shibboleth +RUN a2enmod shib # Copy config files COPY ./conf/shibboleth/* /etc/shibboleth/ @@ -38,4 +37,3 @@ EXPOSE 80 # Start Shibboleth and Apache ENTRYPOINT ["/entrypoint.sh"] CMD ["/usr/local/bin/shib.sh"] - diff --git a/apache2/Dockerfile b/apache2/Dockerfile index a832d13..509e6eb 100644 --- a/apache2/Dockerfile +++ b/apache2/Dockerfile @@ -7,9 +7,9 @@ RUN apt update && \ apt -y install \ apache2 \ curl \ - xz-utils && \ - rm -rf /var/cache/apt && \ - rm -rf /var/lib/apt/lists/* + xz-utils \ + && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* # Copy the default apache config COPY ./conf/security.conf ./conf/openconext.conf /etc/apache2/conf-available/ diff --git a/php82-apache2-node20-composer2/Dockerfile b/php82-apache2-node20-composer2/Dockerfile index ec0c1b2..a455657 100644 --- a/php82-apache2-node20-composer2/Dockerfile +++ b/php82-apache2-node20-composer2/Dockerfile @@ -5,23 +5,16 @@ COPY --from=node:20-slim /usr/local/bin /usr/local/bin COPY --from=node:20-slim /opt /opt COPY --from=node:20-slim /usr/local/lib/node_modules /usr/local/lib/node_modules -RUN \ - apt update && \ - apt -y install \ - git \ - unzip \ - zip \ - vim \ - && \ - rm -rf /var/lib/apt/lists/* /var/cache/apt +ENV DEBIAN_FRONTEND=noninteractive +RUN apt update && \ + apt -y install git unzip zip vim &&\ + rm -rf /var/cache/apt /var/lib/apt/lists/* + +RUN pecl install xdebug && docker-php-ext-enable xdebug -RUN \ - pecl install xdebug && \ - docker-php-ext-enable xdebug COPY ./conf/xdebug.ini /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini -RUN \ - rm -rf /etc/apache2/sites-enabled/* && \ - mkdir -p /var/www/html/public +RUN mkdir -p /var/www/html/public +RUN rm -rf /etc/apache2/sites-enabled/* COPY ./conf/appconf.conf /etc/apache2/sites-enabled/ diff --git a/python3/Dockerfile b/python3/Dockerfile index 440b4f3..0914637 100644 --- a/python3/Dockerfile +++ b/python3/Dockerfile @@ -21,7 +21,7 @@ RUN \ xz-utils \ && \ apt-get -y autoremove && \ - rm -rf /var/lib/apt/lists/* /var/cache/apt/* + rm -rf /var/cache/apt /var/lib/apt/lists/* # if specified, drop privileges to this uid and gid ARG RUNAS_UID From 13d3c6df1474ac4d7454e0f0a405da6b8abd0aba Mon Sep 17 00:00:00 2001 From: Bas Zoetekouw Date: Wed, 2 Jul 2025 16:49:20 +0200 Subject: [PATCH 4/7] general cleanup --- apache2-shibboleth/Dockerfile | 8 ++------ php82-apache2-node20-composer2/Dockerfile | 2 +- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/apache2-shibboleth/Dockerfile b/apache2-shibboleth/Dockerfile index 100b05b..a41cf7b 100644 --- a/apache2-shibboleth/Dockerfile +++ b/apache2-shibboleth/Dockerfile @@ -21,13 +21,9 @@ RUN a2enmod shib COPY ./conf/shibboleth/* /etc/shibboleth/ # Copy the startup script -COPY ./bin/entrypoint.sh /entrypoint.sh -COPY ./bin/shib.sh /usr/local/bin/shib.sh -RUN chmod +x /entrypoint.sh ; chmod +x /usr/local/bin/shib.sh +COPY --chmod=755 ./bin/entrypoint.sh /entrypoint.sh +COPY --chmod=755 ./bin/shib.sh /usr/local/bin/shib.sh -# Copy the entrypoint script -COPY ./bin/entrypoint.sh /entrypoint.sh -RUN chmod 755 /entrypoint.sh # Set the default workdir WORKDIR /var/www/html diff --git a/php82-apache2-node20-composer2/Dockerfile b/php82-apache2-node20-composer2/Dockerfile index a455657..99fa1b4 100644 --- a/php82-apache2-node20-composer2/Dockerfile +++ b/php82-apache2-node20-composer2/Dockerfile @@ -1,6 +1,6 @@ FROM ghcr.io/openconext/openconext-basecontainers/php82-apache2:latest -COPY --from=composer:2 /usr/bin/composer /usr/bin/composer +COPY --from=composer:2 /usr/bin/composer /usr/bin/composer COPY --from=node:20-slim /usr/local/bin /usr/local/bin COPY --from=node:20-slim /opt /opt COPY --from=node:20-slim /usr/local/lib/node_modules /usr/local/lib/node_modules From ff4a25c0a77991579e26e0836cc8f30e84eb2eb0 Mon Sep 17 00:00:00 2001 From: Bas Zoetekouw Date: Wed, 2 Jul 2025 17:49:11 +0200 Subject: [PATCH 5/7] more explicit names for CI tasks --- .github/workflows/build-php72-apache2-node14-composer2.yaml | 2 +- .github/workflows/build-php72-apache2-node16-composer2.yaml | 2 +- .github/workflows/build-php82-apache2-node20-composer2.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-php72-apache2-node14-composer2.yaml b/.github/workflows/build-php72-apache2-node14-composer2.yaml index ea6072c..179198c 100644 --- a/.github/workflows/build-php72-apache2-node14-composer2.yaml +++ b/.github/workflows/build-php72-apache2-node14-composer2.yaml @@ -11,7 +11,7 @@ on: workflow_dispatch: jobs: - build-push-php72: + build-push-php72-node14: runs-on: ubuntu-latest permissions: packages: write diff --git a/.github/workflows/build-php72-apache2-node16-composer2.yaml b/.github/workflows/build-php72-apache2-node16-composer2.yaml index 2d027db..5f32b54 100644 --- a/.github/workflows/build-php72-apache2-node16-composer2.yaml +++ b/.github/workflows/build-php72-apache2-node16-composer2.yaml @@ -11,7 +11,7 @@ on: workflow_dispatch: jobs: - build-push-php72: + build-push-php72-node16: runs-on: ubuntu-latest permissions: packages: write diff --git a/.github/workflows/build-php82-apache2-node20-composer2.yaml b/.github/workflows/build-php82-apache2-node20-composer2.yaml index a8232d8..0954564 100644 --- a/.github/workflows/build-php82-apache2-node20-composer2.yaml +++ b/.github/workflows/build-php82-apache2-node20-composer2.yaml @@ -11,7 +11,7 @@ on: workflow_dispatch: jobs: - build-push-php82: + build-push-php82-node20: runs-on: ubuntu-latest permissions: packages: write From 343b83b9d43b20e54c3e0dfeeae993daccac9833 Mon Sep 17 00:00:00 2001 From: Bas Zoetekouw Date: Wed, 2 Jul 2025 18:12:25 +0200 Subject: [PATCH 6/7] Move xdebug compilation to main php container --- php72-apache2-node14-composer2/Dockerfile | 6 +++--- php72-apache2-node16-composer2/Dockerfile | 5 ++--- php72-apache2/Dockerfile | 3 +++ php82-apache2-node20-composer2/Dockerfile | 4 ++-- php82-apache2/Dockerfile | 2 ++ 5 files changed, 12 insertions(+), 8 deletions(-) diff --git a/php72-apache2-node14-composer2/Dockerfile b/php72-apache2-node14-composer2/Dockerfile index 7ff113d..72a3980 100644 --- a/php72-apache2-node14-composer2/Dockerfile +++ b/php72-apache2-node14-composer2/Dockerfile @@ -12,9 +12,9 @@ COPY --from=node:14-slim /opt /opt COPY --from=node:14-slim /usr/local/lib/node_modules /usr/local/lib/node_modules RUN npm install -g yarn --force -RUN \ - pecl install xdebug-3.1.6 && \ - docker-php-ext-enable xdebug + +# enable xdebug +RUN docker-php-ext-enable xdebug COPY ./conf/xdebug.ini /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini RUN \ diff --git a/php72-apache2-node16-composer2/Dockerfile b/php72-apache2-node16-composer2/Dockerfile index e30bd34..8517e39 100644 --- a/php72-apache2-node16-composer2/Dockerfile +++ b/php72-apache2-node16-composer2/Dockerfile @@ -19,9 +19,8 @@ RUN \ RUN npm install -g yarn --force -RUN \ - pecl install xdebug-3.1.6 && \ - docker-php-ext-enable xdebug +# enable xdebug +RUN docker-php-ext-enable xdebug COPY ./conf/xdebug.ini /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini RUN \ diff --git a/php72-apache2/Dockerfile b/php72-apache2/Dockerfile index ff6d46b..e208cff 100644 --- a/php72-apache2/Dockerfile +++ b/php72-apache2/Dockerfile @@ -39,6 +39,9 @@ RUN pecl install -f apcu_bc COPY ./conf/apcu.ini /usr/local/etc/php/conf.d/91-apcu.ini COPY ./conf/apc.ini /usr/local/etc/php/conf.d/92-acp.ini +# install xdebug but do not enable by default +RUN pecl install xdebug-3.1.6 + # Clean up # don't autoremove, becasue that will remove libraries needed for the custom-built php extensions RUN \ diff --git a/php82-apache2-node20-composer2/Dockerfile b/php82-apache2-node20-composer2/Dockerfile index 99fa1b4..cd70c86 100644 --- a/php82-apache2-node20-composer2/Dockerfile +++ b/php82-apache2-node20-composer2/Dockerfile @@ -10,8 +10,8 @@ RUN apt update && \ apt -y install git unzip zip vim &&\ rm -rf /var/cache/apt /var/lib/apt/lists/* -RUN pecl install xdebug && docker-php-ext-enable xdebug - +# enable xdebug +RUN docker-php-ext-enable xdebug COPY ./conf/xdebug.ini /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini RUN mkdir -p /var/www/html/public diff --git a/php82-apache2/Dockerfile b/php82-apache2/Dockerfile index aebe5d0..bf136d7 100644 --- a/php82-apache2/Dockerfile +++ b/php82-apache2/Dockerfile @@ -29,6 +29,8 @@ RUN docker-php-ext-install -j$(nproc) xml RUN docker-php-ext-install -j$(nproc) intl RUN docker-php-ext-configure gd --with-freetype --with-jpeg && docker-php-ext-install -j$(nproc) gd +# install xdebug but do not enable by default +RUN pecl install xdebug # Clean up # don't autoremove, becasue that will remove libraries needed for the custom-built php extensions From 2829408c76264924f2ad7e4d7a5bd264f61d36ab Mon Sep 17 00:00:00 2001 From: Bas Zoetekouw Date: Wed, 2 Jul 2025 18:12:54 +0200 Subject: [PATCH 7/7] clean up and sync dockerfiles --- php72-apache2-node14-composer2/Dockerfile | 27 ++++++++++++----------- php72-apache2-node16-composer2/Dockerfile | 11 ++++----- php72-apache2/Dockerfile | 27 +++++++++++------------ php82-apache2-node20-composer2/Dockerfile | 15 +++++++++---- php82-apache2/Dockerfile | 25 +++++++++++---------- 5 files changed, 55 insertions(+), 50 deletions(-) diff --git a/php72-apache2-node14-composer2/Dockerfile b/php72-apache2-node14-composer2/Dockerfile index 72a3980..a624b39 100644 --- a/php72-apache2-node14-composer2/Dockerfile +++ b/php72-apache2-node14-composer2/Dockerfile @@ -1,26 +1,27 @@ FROM ghcr.io/openconext/openconext-basecontainers/php72-apache2:latest -COPY --from=composer:2 /usr/bin/composer /usr/bin/composer - -RUN \ - apt update && \ - apt -y install git unzip zip vim && \ - rm -rf /var/lib/apt/lists/* /var/cache/apt - +COPY --from=composer:2 /usr/bin/composer /usr/bin/composer COPY --from=node:14-slim /usr/local/bin /usr/local/bin COPY --from=node:14-slim /opt /opt COPY --from=node:14-slim /usr/local/lib/node_modules /usr/local/lib/node_modules -RUN npm install -g yarn --force +ENV DEBIAN_FRONTEND=noninteractive +RUN \ + apt-get update && \ + apt-get -y install \ + git \ + unzip \ + vim \ + zip \ + && \ + rm -rf /var/lib/apt/lists/* /var/cache/apt +RUN npm install -g yarn --force # enable xdebug RUN docker-php-ext-enable xdebug COPY ./conf/xdebug.ini /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini -RUN \ - rm -rf /etc/apache2/sites-enabled/* && \ - mkdir -p /var/www/html/public +RUN mkdir /var/www/html/public +RUN rm -rf /etc/apache2/sites-enabled/* COPY ./conf/appconf.conf /etc/apache2/sites-enabled/ - -SHELL ["/bin/bash", "--login", "-c"] diff --git a/php72-apache2-node16-composer2/Dockerfile b/php72-apache2-node16-composer2/Dockerfile index 8517e39..de9b0cf 100644 --- a/php72-apache2-node16-composer2/Dockerfile +++ b/php72-apache2-node16-composer2/Dockerfile @@ -2,10 +2,10 @@ FROM ghcr.io/openconext/openconext-basecontainers/php72-apache2:latest COPY --from=composer:2 /usr/bin/composer /usr/bin/composer COPY --from=node:16-slim /usr/local/bin /usr/local/bin +COPY --from=node:16-slim /opt /opt COPY --from=node:16-slim /usr/local/lib/node_modules /usr/local/lib/node_modules -SHELL ["/bin/bash", "--login", "-c"] - +ENV DEBIAN_FRONTEND=noninteractive RUN \ apt-get update && \ apt-get -y install \ @@ -15,16 +15,13 @@ RUN \ zip \ && \ rm -rf /var/lib/apt/lists/* /var/cache/apt - - RUN npm install -g yarn --force # enable xdebug RUN docker-php-ext-enable xdebug COPY ./conf/xdebug.ini /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini -RUN \ - rm -rf /etc/apache2/sites-enabled/* && \ - mkdir /var/www/html/public +RUN mkdir /var/www/html/public +RUN rm -rf /etc/apache2/sites-enabled/* COPY ./conf/appconf.conf /etc/apache2/sites-enabled/ diff --git a/php72-apache2/Dockerfile b/php72-apache2/Dockerfile index e208cff..e737cb7 100644 --- a/php72-apache2/Dockerfile +++ b/php72-apache2/Dockerfile @@ -3,23 +3,23 @@ FROM docker.io/library/php:7.2-apache-buster ENV PHP_MEMORY_LIMIT=128M ENV TZ=Europe/Amsterdam ENV DEBIAN_FRONTEND=noninteractive + # Copy the Composer PHAR from the Composer image into the PHP image -COPY --from=composer:1.9.3 /usr/bin/composer /usr/bin/composer -RUN chmod +x /usr/bin/composer +COPY --from=composer:1.9.3 --chmod=755 /usr/bin/composer /usr/bin/composer # Install the packages we need RUN \ apt-get update && \ apt-get install -y \ curl \ - libxml2 \ - libxml2-dev \ - libicu-dev \ libfreetype6-dev \ + libgmp3-dev \ + libicu-dev \ libjpeg62-turbo-dev \ libpng-dev \ - libgmp3-dev \ - && \ + libxml2 \ + libxml2-dev \ + && \ rm -rf /var/lib/apt/lists/* /var/cache/apt # Install the PHP 7.2 extensions we need @@ -46,14 +46,14 @@ RUN pecl install xdebug-3.1.6 # don't autoremove, becasue that will remove libraries needed for the custom-built php extensions RUN \ apt-get -y purge \ - libxml2-dev \ - libicu-dev \ + icu-devtools \ libfreetype6-dev \ - libjpeg62-turbo-dev \ - libpng-dev \ libgmp-dev \ libgmp3-dev \ - icu-devtools \ + libicu-dev \ + libjpeg62-turbo-dev \ + libpng-dev \ + libxml2-dev \ zlib1g-dev \ && \ rm -rf /var/lib/apt/lists/* /var/cache/apt @@ -69,8 +69,7 @@ COPY ./conf/openconext.conf ./conf/security.conf /etc/apache2/conf-enabled/ COPY ./conf/php.ini ./conf/php-cli.ini /usr/local/etc/php/ # Copy the startup script -COPY ./bin/entrypoint.sh /entrypoint.sh -RUN chmod +x /entrypoint.sh +COPY --chmod=755 ./bin/entrypoint.sh /entrypoint.sh # Set the default workdir WORKDIR /var/www/html diff --git a/php82-apache2-node20-composer2/Dockerfile b/php82-apache2-node20-composer2/Dockerfile index cd70c86..a757962 100644 --- a/php82-apache2-node20-composer2/Dockerfile +++ b/php82-apache2-node20-composer2/Dockerfile @@ -6,15 +6,22 @@ COPY --from=node:20-slim /opt /opt COPY --from=node:20-slim /usr/local/lib/node_modules /usr/local/lib/node_modules ENV DEBIAN_FRONTEND=noninteractive -RUN apt update && \ - apt -y install git unzip zip vim &&\ - rm -rf /var/cache/apt /var/lib/apt/lists/* +RUN \ + apt-get update && \ + apt-get -y install \ + git \ + unzip \ + vim \ + zip \ + && \ + rm -rf /var/lib/apt/lists/* /var/cache/apt +RUN npm install -g yarn --force # enable xdebug RUN docker-php-ext-enable xdebug COPY ./conf/xdebug.ini /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini RUN mkdir -p /var/www/html/public -RUN rm -rf /etc/apache2/sites-enabled/* +RUN rm -rf /etc/apache2/sites-enabled/* COPY ./conf/appconf.conf /etc/apache2/sites-enabled/ diff --git a/php82-apache2/Dockerfile b/php82-apache2/Dockerfile index bf136d7..f3bba7e 100644 --- a/php82-apache2/Dockerfile +++ b/php82-apache2/Dockerfile @@ -4,22 +4,24 @@ ENV PHP_MEMORY_LIMIT=128M ENV TZ=Europe/Amsterdam ENV DEBIAN_FRONTEND=noninteractive +# Copy the Composer PHAR from the Composer image into the PHP image +COPY --from=composer:1.9.3 --chmod=755 /usr/bin/composer /usr/bin/composer + # Install the packages we need RUN \ apt-get update && \ apt-get install -y \ curl \ - libxml2 \ - libxml2-dev \ - libicu-dev \ libfreetype6-dev \ + libgmp3-dev \ + libicu-dev \ libjpeg62-turbo-dev \ libpng-dev \ - libgmp3-dev \ + libxml2 \ + libxml2-dev \ && \ rm -rf /var/lib/apt/lists/* /var/cache/apt - # Install the PHP 8.2 extensions we need RUN docker-php-ext-install -j$(nproc) pdo_mysql RUN docker-php-ext-install -j$(nproc) opcache @@ -36,14 +38,14 @@ RUN pecl install xdebug # don't autoremove, becasue that will remove libraries needed for the custom-built php extensions RUN \ apt-get -y purge \ - libxml2-dev \ - libicu-dev \ + icu-devtools \ libfreetype6-dev \ - libjpeg62-turbo-dev \ - libpng-dev \ libgmp-dev \ libgmp3-dev \ - icu-devtools \ + libicu-dev \ + libjpeg62-turbo-dev \ + libpng-dev \ + libxml2-dev \ zlib1g-dev \ && \ rm -rf /var/lib/apt/lists/* /var/cache/apt @@ -59,8 +61,7 @@ COPY ./conf/openconext.conf ./conf/security.conf /etc/apache2/conf-enabled/ COPY ./conf/php.ini ./conf/php-cli.ini /usr/local/etc/php/ # Copy the startup script -COPY ./bin/entrypoint.sh /entrypoint.sh -RUN chmod +x /entrypoint.sh +COPY --chmod=755 ./bin/entrypoint.sh /entrypoint.sh # Set the default workdir WORKDIR /var/www/html