chore: update to latest OLS version

[ma-04]

Summary by CodeRabbit

• Updates
  • Updated OpenLiteSpeed to version 1.9.0 in Docker builds.

[coderabbitai]

Walkthrough

This PR updates the OpenLiteSpeed version used in the Docker image by bumping the default OLS_VERSION build argument from 1.8.5 to 1.9.0. This changes the OpenLiteSpeed package archive version downloaded during the container build process.

Changes

OpenLiteSpeed Version Update

Layer / File(s)	Summary
OpenLiteSpeed version bump openlitespeed/Dockerfile	The OLS_VERSION build argument default is updated from 1.8.5 to 1.9.0, controlling the OpenLiteSpeed package archive version downloaded and installed during image builds.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• flywp/dockerfiles#21: Prior PR that modified the same OLS_VERSION build argument in openlitespeed/Dockerfile
• flywp/dockerfiles#26: Earlier version bump PR that updated OLS_VERSION from 1.8.4 to 1.8.5

Poem

🐰 A version hops forward with grace and delight,
From 1.8.5 to 1.9.0 tonight!
The OpenLite burns ever brighter and new,
Container builds fresher with every bold move.
Simple, yet steady—a rabbit's true sprint! 🚀

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: updating the OpenLiteSpeed version from 1.8.5 to 1.9.0 in the Dockerfile.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

openlitespeed/Dockerfile (1)

7-7: ⚡ Quick win

Add checksum validation for the OpenLiteSpeed tarball.

The current Dockerfile downloads an external tarball without verifying its integrity. Since the version is parameterized and will be updated in future bumps, add a checksum ARG and validate the archive before extraction to prevent supply-chain risks.

Suggested implementation

 ARG LSPHP=lsphp82
 ARG OLS_VERSION=1.9.0
+ARG OLS_SHA256
 ARG DEBIAN_FRONTEND=noninteractive
 ARG TARGETPLATFORM
@@
-    && wget "https://openlitespeed.org/packages/openlitespeed-$OLS_VERSION-$ARCH-linux.tgz" \
+    && wget "https://openlitespeed.org/packages/openlitespeed-$OLS_VERSION-$ARCH-linux.tgz" \
+    && echo "${OLS_SHA256}  openlitespeed-$OLS_VERSION-$ARCH-linux.tgz" | sha256sum -c - \
     && tar xzf openlitespeed-$OLS_VERSION-$ARCH-linux.tgz \

Both release artifacts for version 1.9.0 are available for x86_64 and aarch64 architectures, so this approach is compatible with your multi-arch build strategy.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@openlitespeed/Dockerfile` at line 7, The Dockerfile currently uses the
build-time ARG OLS_VERSION without any checksum validation for the downloaded
OpenLiteSpeed tarball; add a new ARG (e.g., OLS_SHA256) and modify the
download/extract steps to verify the archive's SHA256 against that ARG before
extraction—fail the build if the checksum does not match—so update the
Dockerfile's tarball download block (the lines that reference ARG OLS_VERSION
and perform curl/wget and tar -xzf) to perform a sha256sum (or similar) check
using the new ARG prior to tar.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@openlitespeed/Dockerfile`:
- Line 7: The Dockerfile currently uses the build-time ARG OLS_VERSION without
any checksum validation for the downloaded OpenLiteSpeed tarball; add a new ARG
(e.g., OLS_SHA256) and modify the download/extract steps to verify the archive's
SHA256 against that ARG before extraction—fail the build if the checksum does
not match—so update the Dockerfile's tarball download block (the lines that
reference ARG OLS_VERSION and perform curl/wget and tar -xzf) to perform a
sha256sum (or similar) check using the new ARG prior to tar.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: ffdedf90-68db-4cd0-823c-1543b42ec85c

📥 Commits

Reviewing files that changed from the base of the PR and between 942d474 and 13a0b7c.

📒 Files selected for processing (1)

• openlitespeed/Dockerfile

[ma-04]

Resolves #33