From 32e5303b144a599aeb8b1720da3b536054f2e0fa Mon Sep 17 00:00:00 2001 From: Nick Schuch Date: Mon, 12 Jan 2026 14:53:29 +1000 Subject: [PATCH 1/9] Fix stable name --- .github/workflows/build-push-stable.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-push-stable.yml b/.github/workflows/build-push-stable.yml index f6dfe18..b4bcdfa 100644 --- a/.github/workflows/build-push-stable.yml +++ b/.github/workflows/build-push-stable.yml @@ -1,4 +1,4 @@ -name: 🏗️ Build and Push Latest +name: 🏗️ Build and Push Stable on: push: From 148194ac0eb1dfc399b6e689540d656b0ac50d1e Mon Sep 17 00:00:00 2001 From: Nick Schuch Date: Tue, 13 Jan 2026 11:33:45 +1000 Subject: [PATCH 2/9] Revert "Update skpr.rsa.pub location" This reverts commit 2514049b6d89b0923c0a284cd4e9e8913bc0b532. --- base/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/base/Dockerfile b/base/Dockerfile index 03a51e6..d69d229 100644 --- a/base/Dockerfile +++ b/base/Dockerfile @@ -25,7 +25,7 @@ RUN mkdir /data && \ WORKDIR /data RUN apk add --no-cache curl && \ - curl -sSL "https://packages.skpr.io/php-alpine/${ALPINE_VERSION}/php${PHP_VERSION}/skpr-${TARGETARCH}.rsa.pub" -o /etc/apk/keys/skpr.rsa.pub && \ + curl -sSL https://packages.skpr.io/php-alpine/skpr.rsa.pub -o /etc/apk/keys/skpr.rsa.pub && \ echo "https://packages.skpr.io/php-alpine/${ALPINE_VERSION}/php${PHP_VERSION}" >> /etc/apk/repositories RUN apk --update --no-cache add \ From d795bc65168fbe58061754cde35d8d738ec3f997 Mon Sep 17 00:00:00 2001 From: Nick Schuch Date: Tue, 13 Jan 2026 11:48:28 +1000 Subject: [PATCH 3/9] Don't cache --- .github/workflows/build-pr.yml | 6 ++++++ .github/workflows/build-push.yml | 5 +++++ 2 files changed, 11 insertions(+) diff --git a/.github/workflows/build-pr.yml b/.github/workflows/build-pr.yml index 0f054d6..36b7035 100644 --- a/.github/workflows/build-pr.yml +++ b/.github/workflows/build-pr.yml @@ -27,3 +27,9 @@ jobs: env: PHP_VERSION: ${{ matrix.php }} STREAM: ${{ env.stream }} + with: + set: | + *.no-cache=true + *.pull=true + *.cache-from= + *.cache-to= diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 4898a5b..c40a383 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -69,3 +69,8 @@ jobs: STREAM: ${{ inputs.stream }} with: push: ${{ inputs.push }} + set: | + *.no-cache=true + *.pull=true + *.cache-from= + *.cache-to= From aac443195956458ad28b032cc7d078de000f5a67 Mon Sep 17 00:00:00 2001 From: Nick Schuch Date: Thu, 15 Jan 2026 19:30:34 +1000 Subject: [PATCH 4/9] Bump skprmail to v1.0.2 (#111) --- base/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/base/Dockerfile b/base/Dockerfile index d69d229..db2bb2f 100644 --- a/base/Dockerfile +++ b/base/Dockerfile @@ -75,7 +75,7 @@ RUN if [ "${PHP_VERSION}" != "8.5" ]; then \ apk add --no-cache php${PHP_VERSION}-opcache; \ fi -RUN export SKPRMAIL_VERSION=1.0.1 && \ +RUN export SKPRMAIL_VERSION=1.0.2 && \ curl -sSL https://github.com/skpr/mail/releases/download/v${SKPRMAIL_VERSION}/skprmail_${SKPRMAIL_VERSION}_linux_${TARGETARCH} -o /usr/local/bin/skprmail && \ chmod +rx /usr/local/bin/skprmail From dbb0d913865f1f855864d3ed3a0c6a78f9dc73d9 Mon Sep 17 00:00:00 2001 From: Nick Schuch Date: Tue, 20 Jan 2026 14:24:16 +1000 Subject: [PATCH 5/9] Bake source (#112) * Use cache again * Update source on Docker Bake to be local --- .github/workflows/build-pr.yml | 6 +----- .github/workflows/build-push.yml | 7 ++----- 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build-pr.yml b/.github/workflows/build-pr.yml index 36b7035..a249ce8 100644 --- a/.github/workflows/build-pr.yml +++ b/.github/workflows/build-pr.yml @@ -28,8 +28,4 @@ jobs: PHP_VERSION: ${{ matrix.php }} STREAM: ${{ env.stream }} with: - set: | - *.no-cache=true - *.pull=true - *.cache-from= - *.cache-to= + source: . diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index c40a383..f99a5e0 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -45,6 +45,7 @@ jobs: uses: actions/checkout@v6 with: ref: ${{ inputs.branch }} + fetch-depth: 0 - name: 🔑 Login to Docker Hub uses: docker/login-action@v3 @@ -68,9 +69,5 @@ jobs: PHP_VERSION: ${{ matrix.php }} STREAM: ${{ inputs.stream }} with: + source: . push: ${{ inputs.push }} - set: | - *.no-cache=true - *.pull=true - *.cache-from= - *.cache-to= From 54962ca871359a90efa372485d354d2a1201e0aa Mon Sep 17 00:00:00 2001 From: Nick Schuch Date: Thu, 19 Feb 2026 11:43:33 +1000 Subject: [PATCH 6/9] Bump skprmail to v1.0.3 (#113) --- base/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/base/Dockerfile b/base/Dockerfile index db2bb2f..4ae8948 100644 --- a/base/Dockerfile +++ b/base/Dockerfile @@ -75,7 +75,7 @@ RUN if [ "${PHP_VERSION}" != "8.5" ]; then \ apk add --no-cache php${PHP_VERSION}-opcache; \ fi -RUN export SKPRMAIL_VERSION=1.0.2 && \ +RUN export SKPRMAIL_VERSION=1.0.3 && \ curl -sSL https://github.com/skpr/mail/releases/download/v${SKPRMAIL_VERSION}/skprmail_${SKPRMAIL_VERSION}_linux_${TARGETARCH} -o /usr/local/bin/skprmail && \ chmod +rx /usr/local/bin/skprmail From e3c222208bf1332d92c7e2fdc313904851c6e7d9 Mon Sep 17 00:00:00 2001 From: Nick Schuch Date: Thu, 5 Mar 2026 17:32:06 +1000 Subject: [PATCH 7/9] feat: Compass PHP extension package (#114) * feat: Compass PHP extension package * Adds a test --- base/Dockerfile | 6 ------ fpm/Dockerfile | 4 ++++ fpm/goss.yml | 6 ++++++ 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/base/Dockerfile b/base/Dockerfile index 4ae8948..646db4a 100644 --- a/base/Dockerfile +++ b/base/Dockerfile @@ -2,7 +2,6 @@ ARG ALPINE_VERSION=3.21 ARG PHP_VERSION=8.0 FROM docker.io/skpr/docconv:alpine${ALPINE_VERSION} AS docconv -FROM ghcr.io/skpr/compass-extension:v1.10.0-php${PHP_VERSION} AS compass FROM from_image AS base @@ -79,11 +78,6 @@ RUN export SKPRMAIL_VERSION=1.0.3 && \ curl -sSL https://github.com/skpr/mail/releases/download/v${SKPRMAIL_VERSION}/skprmail_${SKPRMAIL_VERSION}_linux_${TARGETARCH} -o /usr/local/bin/skprmail && \ chmod +rx /usr/local/bin/skprmail -# https://github.com/skpr/compass -ENV COMPASS_ENABLED=false -COPY --from=compass /etc/php/conf.d/00_compass.ini /etc/php/conf.d/00_compass.ini -COPY --from=compass /usr/lib/php/modules/compass.so /usr/lib/php/modules/compass.so - # Built using an updated build approach in this fork: https://github.com/skpr/docconv COPY --from=docconv /usr/local/bin/docconv /usr/local/bin/docconv diff --git a/fpm/Dockerfile b/fpm/Dockerfile index ca29f76..cea37c4 100644 --- a/fpm/Dockerfile +++ b/fpm/Dockerfile @@ -2,6 +2,7 @@ FROM from_image AS base ARG PHP_VERSION=8.0 RUN apk --update --no-cache add \ + php${PHP_VERSION}-compass \ php${PHP_VERSION}-fpm COPY conf.d/50_fpm.ini /etc/php/conf.d/50_fpm.ini @@ -33,6 +34,9 @@ COPY --from=ghcr.io/goss-org/goss:latest /usr/bin/goss /usr/bin/goss ADD goss.yml /tmp/goss.yml RUN goss --gossfile /tmp/goss.yml validate +ENV COMPASS_ENABLED=false +ENV COMPASS_FUNCTION_THRESHOLD=1000000 + # The final stage which is used to run the image. FROM base AS run CMD ["php-fpm", "-F"] diff --git a/fpm/goss.yml b/fpm/goss.yml index bc8f64e..d8d6863 100644 --- a/fpm/goss.yml +++ b/fpm/goss.yml @@ -5,3 +5,9 @@ command: stdout: not: contain-substring: "WARNING" + + check-php-compass-extension: + exec: "php -m | grep -i compass" + exit-status: 0 + stdout: + contain-substring: "compass" From 4ecbd51a60daccaa7684acb9d1cc2e2bf1399c21 Mon Sep 17 00:00:00 2001 From: Nathan ter Bogt Date: Wed, 25 Mar 2026 17:04:57 +1300 Subject: [PATCH 8/9] Adding cloudfront ingress headers to logging. (#115) --- fpm/php-fpm.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fpm/php-fpm.conf b/fpm/php-fpm.conf index 39c402a..2ed2f31 100644 --- a/fpm/php-fpm.conf +++ b/fpm/php-fpm.conf @@ -19,7 +19,7 @@ pm.status_path = /status ping.path = /readyz ping.response = 'Ready!' -access.format='{ "timestamp": "%{%Y-%m-%dT%H:%M:%S%z}T", "skpr_component": "fpm", "client_ip": "%{HTTP_X_FORWARDED_FOR}e", "remote_addr": "%R", "remote_user": "%u", "request_uri": "%{REQUEST_URI}e", "status": "%s", "body_bytes_sent": "%l", "request_time": "%d", "http_referrer": "%{HTTP_REFERER}e", "http_user_agent": "%{HTTP_USER_AGENT}e", "request_id": "%{HTTP_X_REQUEST_ID}e", "cpu": "%C", "memory": "%M", "headers": { "Cache-Control": "%{Cache-Control}o"} }' +access.format='{ "timestamp": "%{%Y-%m-%dT%H:%M:%S%z}T", "skpr_component": "fpm", "client_ip": "%{HTTP_X_FORWARDED_FOR}e", "remote_addr": "%R", "remote_user": "%u", "request_uri": "%{REQUEST_URI}e", "status": "%s", "body_bytes_sent": "%l", "request_time": "%d", "http_referrer": "%{HTTP_REFERER}e", "http_user_agent": "%{HTTP_USER_AGENT}e", "request_id": "%{HTTP_X_REQUEST_ID}e", "cpu": "%C", "memory": "%M", "headers": { "Cache-Control": "%{Cache-Control}o" }, "cloudfront": { "CloudFront-Viewer-Address": "%{HTTP_CLOUDFRONT_VIEWER_ADDRESS}e", "CloudFront-Viewer-JA4-Fingerprint": "%{HTTP_CLOUDFRONT_VIEWER_JA4_FINGERPRINT}e" } }' access.log = /proc/self/fd/2 clear_env = no From d413276c26272ad29518a1c529c8f92589ddf7ee Mon Sep 17 00:00:00 2001 From: Nathan ter Bogt Date: Mon, 30 Mar 2026 11:16:11 +1300 Subject: [PATCH 9/9] Releases (#117) * Revert to Alpine 3.20 * Fix Alpine version * Revert "Update skpr.rsa.pub location" This reverts commit 2514049b6d89b0923c0a284cd4e9e8913bc0b532. * Don't cache * Bake source (#112) * Use cache again * Update source on Docker Bake to be local --------- Co-authored-by: Nick Schuch --- base/Dockerfile | 4 ++-- cli/Dockerfile | 2 +- docker-bake.hcl | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/base/Dockerfile b/base/Dockerfile index 646db4a..b15eaf6 100644 --- a/base/Dockerfile +++ b/base/Dockerfile @@ -1,4 +1,4 @@ -ARG ALPINE_VERSION=3.21 +ARG ALPINE_VERSION=3.20 ARG PHP_VERSION=8.0 FROM docker.io/skpr/docconv:alpine${ALPINE_VERSION} AS docconv @@ -6,7 +6,7 @@ FROM docker.io/skpr/docconv:alpine${ALPINE_VERSION} AS docconv FROM from_image AS base ARG TARGETARCH -ARG ALPINE_VERSION=3.21 +ARG ALPINE_VERSION=3.20 ARG PHP_VERSION=8.0 ENV ALPINE_VERSION=${ALPINE_VERSION} diff --git a/cli/Dockerfile b/cli/Dockerfile index abe3c0c..a4b6712 100644 --- a/cli/Dockerfile +++ b/cli/Dockerfile @@ -1,4 +1,4 @@ -ARG ALPINE_VERSION=3.21 +ARG ALPINE_VERSION=3.20 FROM alpine:${ALPINE_VERSION} AS redis-cli diff --git a/docker-bake.hcl b/docker-bake.hcl index 390bbec..24fc180 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -3,7 +3,7 @@ variable "PHP_VERSION" { } variable "ALPINE_VERSION" { - default = "3.21" + default = "3.20" } variable "STREAM" {