Support more modern PHP versions out of the box.

Question

Support more modern PHP versions out of the box.

Closed this issue 3 years ago · 7 comments

This will probably require some extra channels and what not, ( e.g. using this PPA on Ubuntu for 7.2 ). But I think it's worth it.

Answer 1 · 2020-06-16T16:29:53.000Z

With Ubuntu 18.04 & 20.04, the default versions of PHP that are installed are 7.2, and 7.4, respectively, which may make this issue moot.

Thoughts, @damacus?

Answer 2 · 2020-06-20T14:34:18.000Z

That solves it for Ubuntu but not rhel/centos/debian. It's nice that we get those out of the box. Also ideally we would be able to install 7.4 on 18.04

Answer 3 · 2020-06-20T15:47:45.000Z

@damacus certainly we could use a PPA to give 18.04 the ability to install more modern versions.

For the time being, my effort is to get this cookbook to support all the current supported OS versions, and whatever PHP version they include as their default packaging.

I think providing for using a PPA is something we can consider in a larger refactor to convert this cookbook to use resources instead of recipes + attributes.

RHEL/CentOS/Debian are certainly their own kettle of fish, and we should at least support those (and probably Amazon Linux 2). Might be helpful to drop the other distros to focus our efforts?

Answer 4 · 2020-06-30T17:00:43.000Z

@damacus, things are fixed up nicely now, and you can install a newer version by building from source, at least. Do you think that‘s enough? I’m wary of trying to add PPA support.

Answer 5 · 2021-02-10T21:46:53.000Z

I’m wary of trying to add PPA support.

@jeffbyrnes I believe I understand this point, but as a sysadmin with lots of PHP systems to build and give support to while being compliant with strict security policies, I have to say that compiling from source is not always an option, especially for production systems, since having a compilation toolkit in production may rise some alarms and I believe it is not considered a good practice in terms of security, or so I've read in some CIS hardening benchmarks.

Now, this doesn't mean I'm a fan of using unofficial repositories like the Ondřej Surý one, but having to chose between compiling in production and this... I'd pick the unofficial-yet-famous repository.

Hope I brought a different angle to this discussion 😄

Answer 6 · 2021-02-10T23:38:57.000Z

@axl89 very good points all around, you’ve convinced me.

And we can always refactor & change it up if something arises that makes it easier to avoid the PPA (or it becomes clearly unsafe).

Answer 7 · 2021-02-21T21:24:41.000Z

Looks like for RHEL family distros, we can use the REMI repository.