php-docker-images-for-ci
A repository with a set of Docker files created from official PHP images with some CI tools.
Table of Contents
- Introduction
- List of PHP Images
- List of Alpine Based PHP Images
- List of CI Tools
  - PHP Code Sniffer
  - PHP Copy/Paste Detector (PHPCPD)
  - PHP Dead Code Detector
  - SensioLabs Security Checker
  - PhpMetrics
  - Psecio Parse
  - PHP VarDump Check
  - PHP Parallel Lint
  - PHP Magic Number Detector (PHPMND)
  - PHP Assumptions
  - churn-php
  - Fink
  - PHPMD
  - PHP_Testability
  - composer-normalize
  - infection
  - Deptrac
  - PHP Insights
  - PHPStan
  - Local PHP Security Checker
  - Pint
  - Custom Tools
- How to use images locally
- How to Use in Gitlab CI
- How to Use in CircleCI
- How To Contribute
- Code of Conduct
Introduction
A repository of Docker files to create images from official PHP images (from latest tag per PHP version) with some CI tools installed.
The tools that are installed by Composer are isolated by using a different folder per tool and are linked into the /usr/local/bin folder.
List of PHP Images
- umutphp/php-docker-images-for-ci:5.6 (PHP 5.6.6)
- umutphp/php-docker-images-for-ci:7.0 (PHP 7.0.33)
- umutphp/php-docker-images-for-ci:7.1 (PHP 7.1.33)
- umutphp/php-docker-images-for-ci:7.2 (PHP 7.2.34)
- umutphp/php-docker-images-for-ci:7.3 (PHP 7.3.29)
- umutphp/php-docker-images-for-ci:7.4 (PHP 7.4.21)
- umutphp/php-docker-images-for-ci:8.0 (PHP 8.0.8)
- umutphp/php-docker-images-for-ci:8.1 (PHP 8.1.0alpha2)
List of Alpine Based PHP Images
- umutphp/php-docker-images-for-ci:7.0-alpine (PHP 7.0.33)
- umutphp/php-docker-images-for-ci:7.1-alpine (PHP 7.1.33)
- umutphp/php-docker-images-for-ci:7.2-alpine (PHP 7.2.34)
- umutphp/php-docker-images-for-ci:7.3-alpine (PHP 7.3.29)
- umutphp/php-docker-images-for-ci:7.4-alpine (PHP 7.4.21)
- umutphp/php-docker-images-for-ci:8.0-alpine (PHP 8.0.8)
- umutphp/php-docker-images-for-ci:8.1-alpine (PHP 8.1.0alpha2-alpine)
List of CI Tools
PHP Code Sniffer
PHP_CodeSniffer tokenizes PHP, JavaScript and CSS files and detects violations of a defined set of coding standards. PHP_CodeSniffer comes with two PHP scripts: the main phpcs script that tokenizes PHP, JavaScript and CSS files to detect violations of a defined coding standard, and a second phpcbf script to automatically correct coding standard violations.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpcs /app
PHP Copy/Paste Detector (PHPCPD)
PHP Copy/Paste Detector (PHPCPD) is a Copy/Paste Detector (CPD) for PHP code. It checks all the files under the folder given as a parameter and determines the code blocks which are copied and pasted.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpcpd /app
PHP Dead Code Detector
PHP Dead Code Detector is a Dead Code Detector (DCD) for PHP code. It scans a PHP project for all declared functions and methods and reports those as being "dead code" that are not called at least once.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpdcd /app
SensioLabs Security Checker
Warning: The tool is deprecated and you can use Local PHP Security Checker instead. Don't use this piece of software anymore, as the underlying web service will stop working after the end of January 2021.
The SensioLabs Security Checker is a command line tool that checks if your application uses dependencies with known security vulnerabilities. It uses the Security Check Web service and the Security Advisories Database.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 security-checker security:check /app
PhpMetrics
PhpMetrics provides software metrics about PHP projects and classes. It generates readable and accessible reports about the maintainability, quality and complexity of source code.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpmetrics /app
Psecio Parse
Psecio Parse scanner is a static scanning tool to review your PHP code for potential security-related issues. It requires at least PHP 7.0.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 psecio-parse scan /app
PHP VarDump Check
PHP VarDump Check is a PHP console application for finding forgotten variable dump lines. It supports PHP's built-in print_r, var_dump and var_export methods and also methods from Tracy debugger, Ladybug, Symfony, Laravel, Doctrine and Zend Framework.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 var-dump-check /app
PHP Parallel Lint
PHP Parallel Lint checks the syntax of PHP files faster than a serial check, with fancier output. Running parallel jobs in PHP is inspired by Nette framework tests.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 parallel-lint /app
PHP Magic Number Detector (PHPMND)
PHP Magic Number Detector (PHPMND) is a tool that aims to help you to detect magic numbers in your PHP code. By default 0 and 1 are not considered to be magic numbers. This tool is incompatible with PHP 8.0.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpmnd /app
PHP Assumptions
PHP Assumptions is the result of a proof of concept inspired by the "From assumptions to assertions" blog post. It's a static code analysis tool doing checks for weak assumptions.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpa /app
churn-php
churn-php is a package that helps you identify PHP files in your project that could be good candidates for refactoring. It requires at least PHP 7.1.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 churn run src /app
Fink
Fink (pronounced "Phpink") is a command line tool for checking HTTP links written in PHP. It requires at least PHP 7.1.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 fink http://yoursite.domain
PHPMD
PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well-known Java tool PMD. PHPMD can be seen as a user-friendly frontend application for the raw metrics stream measured by PHP Depend.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpmd /app text codesize,unusedcode,naming
PHP_Testability
PHP_Testability analyses a PHP codebase and produces a report of its testability issues. It requires at least PHP 7.0.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 testability /app -o report
composer-normalize
composer-normalize provides a Composer plugin for normalizing composer.json. It requires at least PHP 7.1.
docker run -v /path/to/project:/app -w /app umutphp/php-docker-images-for-ci:7.1 composer normalize
infection
Infection is a PHP mutation testing framework based on AST (Abstract Syntax Tree) mutations. It works as a CLI tool and can be executed from your project's root. It requires at least PHP 7.1 and does not work with PHP 8.1.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 infection
Deptrac
Deptrac is a static code analysis tool that helps to enforce rules for dependencies between software layers in your PHP projects. It requires at least PHP 7.1.
PHP Insights
PHP Insights was carefully crafted to simplify the analysis of your code directly from your terminal. It requires at least PHP 7.2 and does not support PHP 8.0 for now.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.3 phpinsights
PHPStan
PHPStan focuses on finding errors in your code without actually running it. It catches whole classes of bugs even before you write tests for the code. It requires at least PHP 7.1.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.3 phpstan analyse
Local PHP Security Checker
The Local PHP Security Checker is a command line tool that checks if your PHP application depends on PHP packages with known security vulnerabilities. It uses the Security Advisories Database.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.3 local-php-security-checker --path=/app/composer.lock
Pint
Pint is an opinionated PHP code style fixer for minimalists. Pint is built on top of PHP-CS-Fixer and makes it simple to ensure that your code style stays clean and consistent. Pint requires at least PHP 8.0.
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:8.1 pint
Custom Tools
- Gitignore Checker: gitignore_checker checks the .gitignore file under the directory where the command is executed and finds any files that are both listed in the .gitignore file and present in the repository.
- Git Merge Conflict Marker Checker: merge_conflict_checker checks all the files in the given folder (the current folder is checked if none is given) to find forgotten merge conflict markers like "<<<<<<< HEAD".
How to use images locally
- A sample execution for PHP Code Sniffer;
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpcs /app
- A sample execution for SensioLabs Security Checker;
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 security-checker security:check /app/composer.lock
- A sample execution for Psecio Parse;
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 /root/.composer/vendor/bin/psecio-parse scan /app
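The sample executions above can be combined into one local gate. The script below is an added example, not part of this repository: it runs several of the listed tools with the project mounted read-only and with networking disabled except for the advisory lookup. It assumes each tool exits non-zero when it reports a problem and that local-php-security-checker needs network access to fetch the advisory database; the function names run_tool and run_checks are hypothetical.

```shell
#!/bin/sh
# Added example (not from the repository): run several tools from the image
# against one project with a read-only mount and no network by default.
IMAGE="${IMAGE:-umutphp/php-docker-images-for-ci:7.3}"  # tag taken from the list above

# run_tool PROJECT_DIR NET TOOL [ARGS...]
# NET=net keeps the default bridge network; anything else disables networking.
run_tool() {
    project=$1
    net=$2
    shift 2
    if [ "$net" = "net" ]; then
        netflag="--network=bridge"
    else
        netflag="--network=none"
    fi
    # :ro stops a tool (or a compromised dependency of it) from modifying the checkout.
    docker run --rm "$netflag" -v "$project:/app:ro" -w /app "$IMAGE" "$@"
}

# run_checks PROJECT_DIR
# Runs every check even if an earlier one fails; returns the number of failed checks.
run_checks() {
    dir=$1
    failed=0
    run_tool "$dir" none parallel-lint --exclude vendor . || failed=$((failed + 1))
    run_tool "$dir" none var-dump-check .                 || failed=$((failed + 1))
    run_tool "$dir" none merge_conflict_checker .         || failed=$((failed + 1))
    # Assumption: this tool needs network access to fetch the advisory database.
    run_tool "$dir" net local-php-security-checker --path=/app/composer.lock \
        || failed=$((failed + 1))
    return "$failed"
}

# Stand-alone use: ./run_checks.sh /path/to/project
if [ "$#" -gt 0 ]; then
    run_checks "$1"
fi
```

The exit status is the number of failed checks, so a wrapper or CI step can treat any non-zero value as a failed gate.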
How to Use in Gitlab CI
You need to enable Docker executors on GitLab CI. Below are sample job definitions for executing the tools in a GitLab CI pipeline for your repo.
A sample job definition for PHP Code Sniffer;
code_sniffer:
  stage: stage_name
  image: umutphp/php-docker-images-for-ci:7.1
  script:
    - cd /path/to/code/base
    - phpcs
A sample job definition for SensioLabs Security Checker;
security_composer_checker:
  stage: stage_name
  image: umutphp/php-docker-images-for-ci:7.1
  script:
    - security-checker security:check /path/to/composer.lock
A sample job definition for Psecio Parse;
security_psecio_parse:
  stage: stage_name
  image: umutphp/php-docker-images-for-ci:7.1
  script:
    - psecio-parse scan /path/to/your/codebase/
How to Use in CircleCI
You can run some static code checks before building and testing your application on CircleCI.
# PHP CircleCI 2.0 configuration file
#
version: 2
jobs:
  checks:
    docker:
      - image: umutphp/php-docker-images-for-ci:7.2
    steps:
      - checkout
      - run:
          name: Composer-normalize
          no_output_timeout: 20m
          command: composer normalize --dry-run
      - run:
          name: PHP-Lint
          no_output_timeout: 20m
          command: parallel-lint --exclude vendor .
      - run:
          name: Var-Dump-Check
          no_output_timeout: 20m
          command: var-dump-check .
      - run:
          name: Merge-Conflict-Checker
          no_output_timeout: 20m
          command: merge_conflict_checker .
workflows:
  version: 2
  build:
    jobs:
      - checks
How To Contribute
Please read the instructions in CONTRIBUTING.md file.
Code of Conduct
See CODE_OF_CONDUCT for information.