From bc252b259a3cce1d3ad37bc6151093766cf9a73b Mon Sep 17 00:00:00 2001
From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
Date: Wed, 25 Mar 2026 14:12:29 -0600
Subject: [PATCH 1/3] Standardize CI tests on Debian AMD64 and document
 supported image variants

Reduce CI matrix to only build and test the Debian AMD64 Django image,
which is the officially supported configuration. Alpine and ARM64 images
are still built for release but are no longer tested in CI.

- Add Docker Image Variants section to installation docs
- Remove ARM64 from build and REST framework test matrices
- Exclude django-alpine from test build workflow
- Switch performance tests from alpine to debian
- Remove alpine from integration and REST framework OS matrices

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../workflows/build-docker-images-for-testing.yml |  2 ++
 .github/workflows/integration-tests.yml           |  2 +-
 .github/workflows/performance-tests.yml           |  6 +++---
 .github/workflows/rest-framework-tests.yml        |  2 +-
 .github/workflows/unit-tests.yml                  |  9 ++-------
 .../get_started/open_source/installation.md       | 15 +++++++++++++++
 6 files changed, 24 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/build-docker-images-for-testing.yml b/.github/workflows/build-docker-images-for-testing.yml
index d6deb628636..fb687836676 100644
--- a/.github/workflows/build-docker-images-for-testing.yml
+++ b/.github/workflows/build-docker-images-for-testing.yml
@@ -24,6 +24,8 @@ jobs:
         os: [alpine, debian]
         platform: ["${{ inputs.platform }}"]
         exclude:
+            - docker-image: django
+              os: alpine
             - docker-image: nginx
               os: debian
             - docker-image: integration-tests
diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml
index c845276d119..ebfd09cdf72 100644
--- a/.github/workflows/integration-tests.yml
+++ b/.github/workflows/integration-tests.yml
@@ -76,7 +76,7 @@ jobs:
           # "tests/import_scanner_test.py",
           # "tests/zap.py",
         ]
-        os: [alpine, debian]
+        os: [debian]
         v3_feature_locations: [true, false]
         exclude:
           # standalone create endpoint page is gone in v3
diff --git a/.github/workflows/performance-tests.yml b/.github/workflows/performance-tests.yml
index 2397d82dd77..1b14ba08a66 100644
--- a/.github/workflows/performance-tests.yml
+++ b/.github/workflows/performance-tests.yml
@@ -23,13 +23,13 @@ jobs:
         uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0
         with:
           path: built-docker-image
-          pattern: built-docker-image-django-alpine-linux-amd64
+          pattern: built-docker-image-django-debian-linux-amd64
           merge-multiple: true
 
       - name: Load docker images
         timeout-minutes: 10
         run: |
-          docker load -i built-docker-image/django-alpine-linux-amd64_img
+          docker load -i built-docker-image/django-debian-linux-amd64_img
           docker images
 
       - name: Set unit-test mode
@@ -45,7 +45,7 @@ jobs:
             -f docker/docker-compose.override.performance_tests_cicd.yml \
             up -d --no-deps uwsgi
         env:
-          DJANGO_VERSION: alpine
+          DJANGO_VERSION: debian
 
       - name: Run performance tests (auto-update counts)
         timeout-minutes: 15
diff --git a/.github/workflows/rest-framework-tests.yml b/.github/workflows/rest-framework-tests.yml
index 0065cc6675f..f13ec06b4f1 100644
--- a/.github/workflows/rest-framework-tests.yml
+++ b/.github/workflows/rest-framework-tests.yml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ${{ inputs.platform ==  'linux/arm64' && 'ubuntu-24.04-arm' || 'ubuntu-latest' }}
     strategy:
       matrix:
-        os: [alpine, debian]
+        os: [debian]
 
     steps:
       # Replace slashes so we can use this in filenames
diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml
index e2734c6f6f5..542fb2f7979 100644
--- a/.github/workflows/unit-tests.yml
+++ b/.github/workflows/unit-tests.yml
@@ -12,14 +12,10 @@ on:
 
 jobs:
   build-docker-containers:
-    strategy:
-        matrix:
-          platform: ['linux/amd64', 'linux/arm64']
-        fail-fast: false
     uses: ./.github/workflows/build-docker-images-for-testing.yml
     secrets: inherit
     with:
-      platform: ${{ matrix.platform }}
+      platform: linux/amd64
 
   test-performance:
     needs: build-docker-containers
@@ -29,14 +25,13 @@ jobs:
   test-rest-framework:
     strategy:
       matrix:
-        platform: ['linux/amd64', 'linux/arm64']
         v3_feature_locations: [ false, true ]
       fail-fast: false
     needs: build-docker-containers
     uses: ./.github/workflows/rest-framework-tests.yml
     secrets: inherit
     with:
-      platform: ${{ matrix.platform }}
+      platform: linux/amd64
       v3_feature_locations: ${{ matrix.v3_feature_locations }}
 
   # only run integration tests for linux/amd64 (default)
diff --git a/docs/content/get_started/open_source/installation.md b/docs/content/get_started/open_source/installation.md
index 0515e41419b..0e96aa3229a 100644
--- a/docs/content/get_started/open_source/installation.md
+++ b/docs/content/get_started/open_source/installation.md
@@ -18,6 +18,21 @@ See instructions in [DOCKER.md](<https://github.com/DefectDojo/django-DefectDojo
 
 [SaaS link](https://defectdojo.com/platform)
 
+---
+## **Docker Image Variants**
+---
+
+DefectDojo publishes Docker images in multiple variants:
+
+| | AMD64 | ARM64 |
+|---|---|---|
+| **Debian** | Supported | Community |
+| **Alpine** | Community | Community |
+
+**Debian on AMD64** is the officially supported and tested configuration. All CI tests (unit, integration, and performance) run exclusively against this combination.
+
+The other variants (Alpine, ARM64) are built and published but are not covered by automated testing. Use them at your own risk.
+
 ---
 ## **Options for the brave (not officially supported)**
 ---

From 79e9dad5026a58cea4e7757808dc379a78b7b4c6 Mon Sep 17 00:00:00 2001
From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
Date: Wed, 25 Mar 2026 15:04:52 -0600
Subject: [PATCH 2/3] Restore ARM64 builds and unit tests, keep integration
 tests AMD64-only

ARM64 should still be built and unit tested in CI. Only integration,
performance, and k8s tests are restricted to AMD64. Update the
installation docs to reflect the three support tiers.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/workflows/unit-tests.yml                     |  9 +++++++--
 docs/content/get_started/open_source/installation.md | 10 ++++++----
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml
index 542fb2f7979..e2734c6f6f5 100644
--- a/.github/workflows/unit-tests.yml
+++ b/.github/workflows/unit-tests.yml
@@ -12,10 +12,14 @@ on:
 
 jobs:
   build-docker-containers:
+    strategy:
+        matrix:
+          platform: ['linux/amd64', 'linux/arm64']
+        fail-fast: false
     uses: ./.github/workflows/build-docker-images-for-testing.yml
     secrets: inherit
     with:
-      platform: linux/amd64
+      platform: ${{ matrix.platform }}
 
   test-performance:
     needs: build-docker-containers
@@ -25,13 +29,14 @@ jobs:
   test-rest-framework:
     strategy:
       matrix:
+        platform: ['linux/amd64', 'linux/arm64']
         v3_feature_locations: [ false, true ]
       fail-fast: false
     needs: build-docker-containers
     uses: ./.github/workflows/rest-framework-tests.yml
     secrets: inherit
     with:
-      platform: linux/amd64
+      platform: ${{ matrix.platform }}
       v3_feature_locations: ${{ matrix.v3_feature_locations }}
 
   # only run integration tests for linux/amd64 (default)
diff --git a/docs/content/get_started/open_source/installation.md b/docs/content/get_started/open_source/installation.md
index 0e96aa3229a..8e44b92d74c 100644
--- a/docs/content/get_started/open_source/installation.md
+++ b/docs/content/get_started/open_source/installation.md
@@ -26,12 +26,14 @@ DefectDojo publishes Docker images in multiple variants:
 
 | | AMD64 | ARM64 |
 |---|---|---|
-| **Debian** | Supported | Community |
-| **Alpine** | Community | Community |
+| **Debian** | ✅ Supported | ⚠️ Unit tested |
+| **Alpine** | ⚠️ Community | ⚠️ Community |
 
-**Debian on AMD64** is the officially supported and tested configuration. All CI tests (unit, integration, and performance) run exclusively against this combination.
+**Debian on AMD64** is the officially supported and tested configuration. All CI tests (unit, integration, and performance) run against this combination.
 
-The other variants (Alpine, ARM64) are built and published but are not covered by automated testing. Use them at your own risk.
+**Debian on ARM64** is built and covered by unit tests in CI, but integration and performance tests are not run against it.
+
+The **Alpine** variants are built and published but are not covered by any automated testing. Use them at your own risk.
 
 ---
 ## **Options for the brave (not officially supported)**

From 9fc71160b3f29f2efdd7031c3b33a233b44fd102 Mon Sep 17 00:00:00 2001
From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
Date: Thu, 26 Mar 2026 13:03:26 -0600
Subject: [PATCH 3/3] Update
 .github/workflows/build-docker-images-for-testing.yml

Co-authored-by: valentijnscholten <valentijnscholten@gmail.com>
---
 .github/workflows/build-docker-images-for-testing.yml | 2 --
 1 file changed, 2 deletions(-)

diff --git a/.github/workflows/build-docker-images-for-testing.yml b/.github/workflows/build-docker-images-for-testing.yml
index fb687836676..d6deb628636 100644
--- a/.github/workflows/build-docker-images-for-testing.yml
+++ b/.github/workflows/build-docker-images-for-testing.yml
@@ -24,8 +24,6 @@ jobs:
         os: [alpine, debian]
         platform: ["${{ inputs.platform }}"]
         exclude:
-            - docker-image: django
-              os: alpine
             - docker-image: nginx
               os: debian
             - docker-image: integration-tests