
A repository with a set of Docker files created from official PHP images with some CI tools.


php-docker-images-for-ci



Introduction

A repository of Docker files to create images from official PHP images (from latest tag per PHP version) with some CI tools installed.

The tools installed by Composer are isolated from each other by using a separate folder per tool, and each is linked into the /usr/local/bin folder.

List of PHP Images

  • umutphp/php-docker-images-for-ci:5.6 (PHP 5.6.6)
  • umutphp/php-docker-images-for-ci:7.0 (PHP 7.0.33)
  • umutphp/php-docker-images-for-ci:7.1 (PHP 7.1.33)
  • umutphp/php-docker-images-for-ci:7.2 (PHP 7.2.34)
  • umutphp/php-docker-images-for-ci:7.3 (PHP 7.3.33)
  • umutphp/php-docker-images-for-ci:7.4 (PHP 7.4.33)
  • umutphp/php-docker-images-for-ci:8.0 (PHP 8.0.28)
  • umutphp/php-docker-images-for-ci:8.1 (PHP 8.1.18)
  • umutphp/php-docker-images-for-ci:8.2 (PHP 8.2.5)
  • umutphp/php-docker-images-for-ci:8.3 (PHP 8.3.0)

List of Alpine Based PHP Images

  • umutphp/php-docker-images-for-ci:7.0-alpine (PHP 7.0.33)
  • umutphp/php-docker-images-for-ci:7.1-alpine (PHP 7.1.33)
  • umutphp/php-docker-images-for-ci:7.2-alpine (PHP 7.2.34)
  • umutphp/php-docker-images-for-ci:7.3-alpine (PHP 7.3.33-alpine)
  • umutphp/php-docker-images-for-ci:7.4-alpine (PHP 7.4.33-alpine)
  • umutphp/php-docker-images-for-ci:8.0-alpine (PHP 8.0.28-alpine)
  • umutphp/php-docker-images-for-ci:8.1-alpine (PHP 8.1.18-alpine)
  • umutphp/php-docker-images-for-ci:8.1-alpine (PHP 8.2.5-alpine)
  • umutphp/php-docker-images-for-ci:8.3-alpine (PHP 8.3.0-alpine)

List of CI Tools

PHP Code Sniffer

PHP_CodeSniffer tokenizes PHP, JavaScript and CSS files and detects violations of a defined set of coding standards. PHP_CodeSniffer comes with two PHP scripts; the main phpcs script that tokenizes PHP, JavaScript and CSS files to detect violations of a defined coding standard, and a second phpcbf script to automatically correct coding standard violations.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpcs /app

PHP Copy/Paste Detector (PHPCPD)

PHP Copy/Paste Detector (PHPCPD) is a Copy/Paste Detector (CPD) for PHP code. It checks all the files under the folder given as a parameter and determines the code blocks which are copied and pasted.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpcpd /app

PHP Dead Code Detector

PHP Dead Code Detector is a Dead Code Detector (DCD) for PHP code. It scans a PHP project for all declared functions and methods and reports those as being "dead code" that are not called at least once.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpdcd /app

SensioLabs Security Checker

Warning: The tool is deprecated and you can use Local PHP Security Checker instead. Don't use this piece of software anymore as the underlying web service will stop working after the end of January 2021.

The SensioLabs Security Checker is a command line tool that checks if your application uses dependencies with known security vulnerabilities. It uses the Security Check Web service and the Security Advisories Database.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 security-checker security:check /app

PhpMetrics

PhpMetrics provides software metrics about PHP project and classes. It generates readable and accessible reports about maintainability, quality and complexity of a source code.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpmetrics /app

Psecio Parse

Psecio Parse is a static scanning tool to review your PHP code for potential security-related issues. It requires at least PHP 7.0.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 psecio-parse scan /app

PHP VarDump Check

PHP VarDump Check is a PHP console application for finding forgotten variable dump lines. It supports PHP's built-in print_r, var_dump and var_export functions, and also methods from Tracy debugger, Ladybug, Symfony, Laravel, Doctrine and Zend Framework.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 var-dump-check /app

PHP Parallel Lint

PHP Parallel Lint checks syntax of PHP files faster than serial check with a fancier output. Running parallel jobs in PHP is inspired by Nette framework tests.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 parallel-lint /app

PHP Magic Number Detector (PHPMND)

PHP Magic Number Detector (PHPMND) is a tool that aims to help you to detect magic numbers in your PHP code. By default 0 and 1 are not considered to be magic numbers. This tool is incompatible with PHP 8.0.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpmnd /app

PHP Assumptions

PHP Assumptions is the result of a proof of concept inspired by the "From assumptions to assertions" blog post. It's a static code analysis tool doing checks for weak assumptions.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpa /app

churn-php

churn-php is a package that helps you identify PHP files in your project that could be good candidates for refactoring. It requires at least PHP 7.1.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 churn run src /app

Fink

Fink (pronounced "Phpink") is a command line tool for checking HTTP links written in PHP. It requires at least PHP 7.1.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 fink http://yoursite.domain

PHPMD

PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well-known Java tool PMD. PHPMD can be seen as a user-friendly frontend application for the raw metrics stream measured by PHP Depend.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpmd /app text codesize,unusedcode,naming

PHP_Testability

PHP_Testability analyses a PHP codebase and produces a report of its testability issues. It requires at least PHP 7.0.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 testability /app -o report

composer-normalize

composer-normalize provides a Composer plugin for normalizing composer.json. It requires at least PHP 7.1.

docker run -v /path/to/project:/app -w /app umutphp/php-docker-images-for-ci:7.1 composer normalize

infection

Infection is a PHP mutation testing framework based on AST (Abstract Syntax Tree) mutations. It works as a CLI tool and can be executed from your project’s root.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 infection

Deptrac

Deptrac is a static code analysis tool that helps to enforce rules for dependencies between software layers in your PHP projects. It requires at least PHP 7.1.

PHP Insights

PHP Insights was carefully crafted to simplify the analysis of your code directly from your terminal. It requires at least PHP 7.2 and does not support PHP 8.0 for now.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.3 phpinsights

PHPStan

PHPStan focuses on finding errors in your code without actually running it. It catches whole classes of bugs even before you write tests for the code. It requires at least PHP 7.1.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.3 phpstan analyse

Local PHP Security Checker

The Local PHP Security Checker is a command line tool that checks if your PHP application depends on PHP packages with known security vulnerabilities. It uses the Security Advisories Database.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.3 local-php-security-checker --path=/app/composer.lock

Pint

Pint is an opinionated PHP code style fixer for minimalists. Pint is built on top of PHP-CS-Fixer and makes it simple to ensure that your code style stays clean and consistent. Pint requires at least PHP 8.0.

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:8.1 pint

Custom Tools

  • Gitignore Checker: gitignore_checker reads the .gitignore file in the directory where the command is executed and reports any files that are both listed in .gitignore and present in the repository.
  • Git Merge Conflict Marker Checker: merge_conflict_checker checks all the files in the given folder (the current folder if none is given) for forgotten merge conflict markers such as "<<<<<<< HEAD".
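
A sketch of the kind of scan described for merge_conflict_checker, added here as an example; it is not the repository's own script. The function names find_conflict_markers and check_conflict_markers are hypothetical, and GNU grep is assumed for the -I and --exclude-dir options.

```shell
#!/bin/sh
# Added example: NOT the repository's merge_conflict_checker script.
# find_conflict_markers (hypothetical name) prints "file:line:text" for every
# leftover Git conflict marker under a directory (default: current directory).
find_conflict_markers() {
    dir="${1:-.}"
    # -r recurse, -n line numbers, -I skip binary files, -E extended regex.
    # Only the opening and closing markers are matched: a bare "=======" line
    # is also a valid Markdown/reST heading underline and would cause false
    # positives. Git writes both markers at column 0, followed by a space
    # and a label (e.g. "<<<<<<< HEAD").
    # .git is skipped so Git's own metadata is never reported.
    grep -rnIE --exclude-dir=.git '^(<<<<<<<|>>>>>>>) ' "$dir"
}

# CI-friendly wrapper (hypothetical name): returns 1 so the job fails
# when any marker is found, and 0 when the tree is clean.
check_conflict_markers() {
    hits="$(find_conflict_markers "$1" || true)"
    if [ -n "$hits" ]; then
        printf 'Unresolved merge conflict markers:\n%s\n' "$hits" >&2
        return 1
    fi
    return 0
}
```

Inside a CI job the wrapper would be called as check_conflict_markers . so that a forgotten marker stops the pipeline before the linters run.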

How to use images locally

docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 phpcs /app
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 security-checker security:check /app/composer.lock
docker run -v /path/to/project:/app umutphp/php-docker-images-for-ci:7.1 /root/.composer/vendor/bin/psecio-parse scan /app

How to Use in Gitlab CI

You need to enable Docker executors on GitLab CI. Below are sample job definitions for running the tools in a GitLab CI pipeline for your repo.

A sample job definition for PHP Code Sniffer:

code_sniffer:
    stage: stage_name
    image: umutphp/php-docker-images-for-ci:7.1
    script:
        - cd /path/to/code/base
        - phpcs

A sample job definition for SensioLabs Security Checker:

security_composer_checker:
    stage: stage_name
    image: umutphp/php-docker-images-for-ci:7.1
    script:
        - security-checker security:check /path/to/composer.lock

A sample job definition for Psecio Parse:

security_psecio_parse:
    stage: stage_name
    image: umutphp/php-docker-images-for-ci:7.1
    script:
        - psecio-parse scan /path/to/your/codebase/

How to Use in CircleCI

You can run some static code checks before building and testing your application on CircleCI.

# PHP CircleCI 2.0 configuration file
#
version: 2
jobs:
  checks:
    docker:
      - image: umutphp/php-docker-images-for-ci:7.2
    steps:
      - checkout
      - run:
          name: Composer-normalize
          no_output_timeout: 20m
          command: composer normalize --dry-run
      - run:
          name: PHP-Lint
          no_output_timeout: 20m
          command: parallel-lint --exclude vendor .
      - run:
          name: Var-Dump-Check
          no_output_timeout: 20m
          command: var-dump-check .
      - run:
          name: Merge-Conflict-Checker
          no_output_timeout: 20m
          command: merge_conflict_checker .
workflows:
  version: 2
  build:
    jobs:
      - checks

How To Contribute

Please read the instructions in CONTRIBUTING.md file.

Code of Conduct

See CODE_OF_CONDUCT for information.