The project currently provides only PHP 7.2:

This was also mentioned as a problem here:
https://twitter.com/mwop/status/1012417504319279107

It might make sense to provide an image for each officially supported PHP Docker image currently available. If you're running on Travis, you'd just pass the version through your env vars, wouldn't even need to request PHP.

Would be nice to schedule nightly build which builds new image with latest tools each day. I often find myself checking your releases, but I would feel being rude to ask you constantly to update it.

$ docker run -it --rm -v `pwd`:/project -v /tmp/tmp-phpqa:/tmp -w /project jakzal/phpqa:alpine phpstan analyze
Note: Using configuration file /project/phpstan.neon.dist.
 10/10 [▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓] 100%

(...)
                                                                                                                        
 [ERROR] Found 5 errors                                                                                                 
                                                                                                                        

$ docker run -it --rm -v `pwd`:/project -v /tmp/tmp-phpqa:/tmp -w /project -u `id -u`:`id -g` jakzal/phpqa:alpine phpstan analyze
/usr/local/bin/docker-php-entrypoint: exec: line 9: phpstan: Permission denied

It's because tools are embedded in /root which is not world-readable.

What i can to do for use slevomat/coding-standard?

You've mentioned (somewhere) in a PR / issue you're planning on shipping some PHPStan extensions by default.

Here are some worth while IMO:

• Deprecation rules (official)
• Strict rules (official)
• Doctrine support (official)
• PHPUnit support (official)
• Symfony support (official)
• Beberlei assert support (official)
• Webmozart assert support (official)
• Exception rules (community)
• Nette support (official, suggested to be omitted by @ondrejmirtes)
• Dibi support (official, suggested to be omitted by @ondrejmirtes)

see #135

Beta2 is currently available, it should be a pretty good signal what's available. We can enable tools as they become compatible, some of which already are AFAIK.

Now that simple-phpunit is enabled, it could be nice to make its default installation directory writeable.

That is: /tools/.composer/vendor-bin/symfony/vendor/bin/.phpunit/

It improves installing any version when running the container as a non-root user, without having to set SYMFONY_PHPUNIT_DIR.

If set to auto_globals_jit=1, it breaks PHPUnit when running through phpdbg, sebastianbergmann/phpunit#3514

See http://php.net/manual/en/ini.core.php#ini.auto-globals-jit

Currently the latest master branch is built, which might not be stable.

If you want to run coverage tools, you need xdebug. Might want to disable by default.

I have this issue in my build after bumping to 1.30:

Generating code coverage report in PHPUnit XML format ... done
sh -c "  phpdbg -qrr /tools/infection run --verbose --show-mutations --no-interaction --only-covered --coverage var/ --min-msi=100 --min-covered-msi=100 --threads 4"
zend_mm_heap corrupted

Check the build output here (open it manually, Github's UI seems to not properly expand the output fully currently), the only thing that changed is the image version. It works locally (as did the previous version).

https://github.com/bmitch/churn-php

It seems there's an official PHP 7.3 RC image.

Since we added it, it might make sense to add this to the build and allow testing on 7.3 even before Travis supports it.

Im not aware of the autoloader complexity on anybody's side, so im starting here :) I think it's related to PHPstan isolation due this image.

composer.json requires symfony/dependency-injection, which on itself requires symfony/contracts

running vendor/bin/phpstan locally, Symfony\Contracts\Service\ServiceProviderInterface points to /app/vendor/symfony/contracts/Service/ServiceSubscriberInterface.php 👍

running phpstan globally, it points to /tools/.composer/vendor-bin/phpstan/vendor/symfony/contracts/Service/ServiceSubscriberInterface.php 👎

I discovered it as the versions are incompatible, and as such the build broke: https://travis-ci.org/msgphp/msgphp/jobs/513370572#L305

https://github.com/krakjoe/pcov

i.e. graphviz font-bitstream-type1 ghostscript-fonts

This tool detects vulnerabilities in composer dependencies https://github.com/sensiolabs/security-checker

Hey,

I use your image for running PHPStan for one of my project. As I declared some global functions in a bootstrap file of the project, I must pass the bootstrap configuration option for PHPStan. The problem is that the gettext extension is used during bootstrap, so the analysis fails with a fatal error because the bindtextdomain function can't be found.

That's why I'd like to ask you to enable let's say the gettext and intl and maybe other widely used extensions like phpredis, imagick and curl.

docker run jakzal/phpqa:1.43.0-php7.4-alpine psalm

Psalm 4.2.1@ea9cb72143b77e7520c52fa37290bd8d8bc88fd9
Fatal error: Could not create cache directory: //.cache/psalm/5733b69be4963fd578e82e5fa92a3d5d6e73a093 in phar:///tools/psalm/src/Psalm/Config.php on line 688
...

$ docker pull jakzal/phpqa:1.38.0-php7.3-alpine
Error response from daemon: manifest for jakzal/phpqa:1.38.0-php7.3-alpine not found: manifest unknown: manifest unknown

though, 1.38-php7.3-alpine is present

When running analyze like this:

analyze analyze src/

I get error:

fatal: There is no path src/vendor/composer/autoload_real.php in the commit
Exception: Command "git 'log' '--format=format:qacommit: %H' '--no-patch' '-L' '5,52:/home/src/vendor/composer/autoload_real.php'" exited with non zero exit code 128:  in /tools/QualityAnalyzer/src/php/Qafoo/Analyzer/Shell.php:54
Stack trace:
#0 /tools/QualityAnalyzer/src/php/Qafoo/Analyzer/Handler/GitDetailed.php(104): Qafoo\Analyzer\Shell->exec('git', Array, Array, '/home/src')

The problem is not with my code but the analyze library, because when I have installed it like this:

git clone https://github.com/Qafoo/QualityAnalyzer.git
cd QualityAnalyzer
composer install

it works successfully.

I'd be happy to add the following package to download composer packages faster (in parallel) ?

https://github.com/hirak/prestissimo

Do you think this is doable, and a good idea for this project ?

Docker hub hasn't been the most reliable platform. Very often builds fail on connections to github.

GIthub actions on the other hand has been rather stable so far.

Expectations:

• built and pushed daily:
  • latest and alpine images
• built and pushed on tag creation:
  • 1.38, 1.38-alpine
  • 1.38-php7.2, 1.38-php7.3, 1.38-php7.3, 1.38-php7.2-alpine, 1.38-php7.3-alpine, 1.38-php7.3-alpine
  • 1.38.0, 1.38.0-alpine
  • 1.38.0-php7.2, 1.38.0-php7.3, 1.38.0-php7.4, 1.38.0-php7.2-alpine, 1.38.0-php7.3-alpine, 1.38.0-php7.4-alpine
• scheduled tag creation (weekly) - increment the patch version

Using this command

docker run -it --rm -v ${PWD}:/project -w /project jakzal/phpqa:alpine dephpend uml --output=uml.png ./

I get this error

Something went wrong, this shouldn't happen. Please take a minute and report this issue: https://github.com/mihaeu/dephpend/issues

PlantUML installation not found.

[phar:///tools/dephpend/src/OS/PlantUmlWrapper.php at line 57]

So I guess, PlantUML should be installed directly in the docker image to be able to generate uml graph.

The following tags 1.14.2-php7.1 and 1.14.2-php7.1-alpine are missing on docker hub.

The last 7.1 release with minor number is 1.13.0-php7.1

Docker image: jakzal/phpqa:latest
Cmd line:

docker pull jakzal/phpqa:latest
docker run -v C:\xampp\htdocs\:/project -w /project --rm jakzal/phpqa:latest php-cs-fixer --diff --dry-run -v fix . 

Output: /entrypoint.sh: 6: exec: php-cs-fixer: not found

9 november 2020 all work fine

With the following psalm.xml in place

<\?xml version="1.0"\?>
<psalm
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        totallyTyped="false"
        errorLevel="4"
        resolveFromConfigFile="true"
        xmlns="https://getpsalm.org/schema/config"
        xsi:schemaLocation="https://getpsalm.org/schema/config vendor/vimeo/psalm/config.xsd"
        errorBaseline="build/psalm/baseline.xml"
>
    <projectFiles>
        <directory name="src"/>
        <ignoreFiles>
            <directory name="vendor"/>
        </ignoreFiles>
    </projectFiles>
</psalm>

and running
sudo docker run --init -it --rm -v "$(pwd):/project" -v "$(pwd)/tmp-phpqa:/tmp" -w /project jakzal/phpqa psalm analyse

I am getting the following error:

Problem parsing /project/psalm.xml: Error on line 10: Element '{https://getpsalm.org/schema/config}psalm', attribute 'errorLevel': The attribute 'errorLevel' is not allowed.
The schema at https://psalm.dev/schema/config has the attribute 'errorLevel' for the element 'psalm' but it seems that this attribute was renamed from 'level' to 'errorLevel' two months ago: vimeo/psalm@320f3ec

At this point, this appear to be an issue with the toolbox instead.

Hi,
Thanks for creating this project !
while running phpstan on a medium project , I am running into memory exhausted issue.
Fatal error: Allowed memory size of xxxxxxxx bytes exhausted (tried to allocate x bytes) in phar:///usr/local/bin/phpstan/src/File/FileHelper.php on line 49

can you please consider setting the default value to -1 ?

Edit : Just to make sure that my system's RAM is not completely exhausted and that it's not already to set to -1

# sudo docker run -it --rm jakzal/phpqa php -i | grep memory_limit
memory_limit => 128M => 128M

WDYT? https://github.com/Roave/BackwardCompatibilityCheck

Mentioned in #95, but here it is again. I might be missing something, but don't see 7.3-related tags?

A Docker Hub issue?

Would it be possible to have the phpstan-phpunit extension automatically installed, please?

Here's an example from the docs:

FROM phpstan/phpstan:0.9
RUN apk --update --progress --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/v3.7/community add \
    php7-dom \
    php7-xmlwriter \
    && composer global require phpstan/phpstan-phpunit

I know from reading the docs of Toolbox that it is possible to load custom tool definitions:
e.g. ./toolbox list-tools --tools path/to/file1.json --tools path/to/file2.json

Is it possible to start and use Phpqa with a custom tools definitions file? I would like to install custom verions of some tools.

Digest: sha256:587653b041fe4a77767706d3d94f7f6ecdfb7ca61a75d595c1de231c7f8b69be

$ docker run --init -it --rm -v "$(pwd):/project" -v "$(pwd)/tmp-phpqa:/tmp" -w /project jakzal/phpqa:php7.2-alpine

Available tools

Name Summary

composer Dependency Manager for PHP
https://getcomposer.org/

composer-bin-plugin Composer plugin to install bin vendors in isolated locations
https://github.com/bamarni/composer-bin-plugin

box Fast, zero config application bundler with PHARs
https://github.com/humbug/box

box-legacy Legacy version of box
https://box-project.github.io/box2/

analyze Visualizes metrics and source code
https://github.com/Qafoo/QualityAnalyzer

behat Helps to test business expectations
http://behat.org/

churn Discovers good candidates for refactoring
https://github.com/bmitch/churn-php

composer-normalize Composer plugin to normalize composer.json files
https://github.com/ergebnis/composer-normalize

dephpend Detect flaws in your architecture
https://dephpend.com/

deprecation-detector Finds usages of deprecated code
https://github.com/sensiolabs-de/deprecation-detector

deptrac Enforces dependency rules between software layers
https://github.com/sensiolabs-de/deptrac

diffFilter Applies QA tools to run on a single pull request
https://github.com/exussum12/coverageChecker

ecs Sets up and runs coding standard checks
https://github.com/Symplify/EasyCodingStandard

parallel-lint Checks PHP file syntax
https://github.com/JakubOnderka/PHP-Parallel-Lint

==== skip === #

As i do composer install i get

As there is no 'unzip' command installed zip files are being unpacked using the PHP zip extension.
This may cause invalid reports of corrupted archives. Installing 'unzip' may remediate them.

Everything seems to work fine in my gitlab-ci experiment tough. So just for thought.

Hey,

Thx a lot for your work.
I'm trying to run command from a make file but make seems not installed.

php -v
PHP 7.3.2 (cli) (built: Feb  9 2019 01:32:35) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.3.2, Copyright (c) 1998-2018 Zend Technologies
$ make test
/bin/bash: line 76: make: command not found

Could we install make on every build ?

My Makefile

test:
	php-cs-fixer fix --dry-run --using-cache=no --verbose --diff

My gitlab ci:

php-cs-fixer:
  image: jakzal/phpqa
  stage: test
  script:
    - php -v
    - make test
  allow_failure: true

Thx for advance.

docker/hub-feedback#508 (comment)

It works: https://hub.docker.com/r/dkarlovi/docker-hugo/builds/

Looking at the Dockerfile and the image's history (see below), it seems we can save quite a bit of space by switching to the multi-stage build pattern.

It should allow us to avoid having a 250MB+ intermediate layer in the image:

$ docker history jakzal/phpqa:alpine 
IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
76b1555a30f9        19 hours ago        /bin/sh -c #(nop)  CMD ["/bin/sh" "-c" "php …   0B                  
<missing>           19 hours ago        /bin/sh -c apk add --no-cache --virtual .too…   252MB               
<missing>           19 hours ago        /bin/sh -c #(nop) COPY file:60fad6cf4445b0d0…   1.88MB              
<missing>           19 hours ago        /bin/sh -c #(nop) COPY file:287ae7377cdad1b1…   23.6kB              
<missing>           19 hours ago        /bin/sh -c #(nop) COPY file:850923d8354d1f73…   18.7kB              
<missing>           19 hours ago        /bin/sh -c #(nop)  ENV TOOLS_JSON=/tools/too…   0B                  
<missing>           19 hours ago        /bin/sh -c #(nop)  ENV PATH=/usr/local/sbin:…   0B                  
<missing>           19 hours ago        /bin/sh -c #(nop)  ENV TOOL_DEPS=git graphvi…   0B                  
<missing>           19 hours ago        /bin/sh -c #(nop)  ENV LIB_DEPS=zlib-dev        0B                  
<missing>           19 hours ago        /bin/sh -c #(nop)  ENV BUILD_DEPS=autoconf f…   0B                  
<missing>           19 hours ago        /bin/sh -c #(nop)  ENV COMPOSER_HOME=/tools/…   0B                  
<missing>           19 hours ago        /bin/sh -c #(nop)  ENV COMPOSER_ALLOW_SUPERU…   0B                  
<missing>           19 hours ago        /bin/sh -c #(nop)  LABEL maintainer=Jakub Za…   0B                  
<missing>           2 weeks ago         /bin/sh -c #(nop)  CMD ["php" "-a"]             0B                  
<missing>           2 weeks ago         /bin/sh -c #(nop)  ENTRYPOINT ["docker-php-e…   0B                  
<missing>           2 weeks ago         /bin/sh -c docker-php-ext-enable sodium         168kB               
<missing>           2 weeks ago         /bin/sh -c #(nop) COPY multi:2cdcedabcf5a3b9…   6.42kB              
<missing>           2 weeks ago         /bin/sh -c set -xe  && apk add --no-cache --…   58.1MB              
<missing>           2 weeks ago         /bin/sh -c #(nop) COPY file:207c686e3fed4f71…   587B                
<missing>           2 weeks ago         /bin/sh -c set -xe;   apk add --no-cache --v…   12.2MB              
<missing>           2 weeks ago         /bin/sh -c #(nop)  ENV PHP_SHA256=da1a705c0b…   0B                  
<missing>           2 weeks ago         /bin/sh -c #(nop)  ENV PHP_URL=https://secur…   0B                  
<missing>           2 weeks ago         /bin/sh -c #(nop)  ENV PHP_VERSION=7.2.11       0B                  
<missing>           6 weeks ago         /bin/sh -c #(nop)  ENV GPG_KEYS=1729F83938DA…   0B                  
<missing>           6 weeks ago         /bin/sh -c #(nop)  ENV PHP_LDFLAGS=-Wl,-O1 -…   0B                  
<missing>           6 weeks ago         /bin/sh -c #(nop)  ENV PHP_CPPFLAGS=-fstack-…   0B                  
<missing>           6 weeks ago         /bin/sh -c #(nop)  ENV PHP_CFLAGS=-fstack-pr…   0B                  
<missing>           6 weeks ago         /bin/sh -c mkdir -p $PHP_INI_DIR/conf.d         0B                  
<missing>           6 weeks ago         /bin/sh -c #(nop)  ENV PHP_INI_DIR=/usr/loca…   0B                  
<missing>           6 weeks ago         /bin/sh -c set -x  && addgroup -g 82 -S www-…   4.85kB              
<missing>           6 weeks ago         /bin/sh -c apk add --no-cache --virtual .per…   2.69MB              
<missing>           6 weeks ago         /bin/sh -c #(nop)  ENV PHPIZE_DEPS=autoconf …   0B                  
<missing>           6 weeks ago         /bin/sh -c #(nop)  CMD ["/bin/sh"]              0B                  
<missing>           6 weeks ago         /bin/sh -c #(nop) ADD file:25c10b1d1b41d46a1…   4.41MB   

I'd like to add Exakat to the phpqa suite.

What is the prefered process ? Shall I first submit the installation to toolbox?

I have a dockerfile for debian and another for alpine. PHP 7.0 to 7.3 are all OK to run exakat.

The main block I see is java and gremlin-server. Is there a prefered way to have available?
They are needed for processing the report, but are discarded after running it : docker is good for that.

I'm experimenting with the "image as mounted sideloaded volume for another container" approach we talked about in Slack before. It works very well, with some issues.

Currently, the image keeps most of its tools within /tools, with PHARs being an exception. This somewhat makes problems for the approach since I'd need to mount multiple volumes to match the layout.

My proposal:

1. create a new folder /tools/bin and add it to $PATH (can be last to not mess with anything)
2. dump all PHARs there instead of /usr/local/bin
3. (optional, but highly desirable) add all other bin files here to as symlinks too (from /tools/.composer/vendor/bin:/tools/QualityAnalyzer/bin:/tools/DesignPatternDetector/bin:/tools/EasyCodingStandard/bin, probably /usr/bin/composer too)

This allows me to:

1. mount /tools:/tools (QA image => my container)
2. add /tools/bin to $PATH in my own container
3. just use the tools from within my running container as if they're natively there

The setup for this approach becomes MUCH more simple and the current behaviour is mostly kept.

WDYT?

Currently get error:

Fatal error: Cannot use Riak\Object as Object because 'Object' is a special class name in /project/vendor/doctrine/cache/lib/Doctrine/Common/Cache/RiakCache.php on line 25

When I run:

docker run -it --rm -v $(pwd):/project -w /project jakzal/phpqa phpstan analyse .

Hi, I've run analyze successfully, but I've not figured out how to get analyze serve to allow me to connect to its web server from my host.

I've tried various Docker parameters like -p 8080:8080, --expose 8080, I've tried making my own Dockerfile with EXPOSE 8080 in it etc. and can never connect from my local browser using http://localhost:8080/ or http://127.0.0.1:8080/.

Does anyone know what the correct way is to access analyze's web server is from the Docker host?

By the way, I did try execing into the running container and running curl http://localhost:8080 and successfully got some HTML outputted into the terminal, so the server is running.

If I run curl http://127.0.0.1:8080 from my host, I get the error curl: (56) Recv failure: Connection reset by peer (I get a different error if I pick a different port, so it is getting through in some way).

The web server never outputs anything while running except for when I execd into the running container and did a curl from there.

Behat's --rerun stores failed tests into /tmp by default. Since the container is destroyed after each run, that data is also purged. It might make sense to support mounting a volume / scratch disk for the image which would allow supporting this feature.

A mutation framework https://github.com/infection/infection

Since the added value with this image is the selection and discovery of actually valuable PHP related QA and similar tools (which you might not know about), it might make sense to make that more prominent.

1. For example, there are tools which don't seem to work:

$ phpqa churn run

Fatal error: Uncaught TypeError: Argument 1 passed to Symfony\Component\Yaml\Yaml::parse() must be of the type string, boolean given, called in /tools/.composer/vendor-bin/tools/vendor/bmitch/churn-php/src/Commands/ChurnCommand.php on line 81 and defined in /tools/.composer/vendor-bin/tools/vendor/symfony/yaml/Yaml.php:76

2. There are also tools which were added, but in the meantime a better candidate for the same task appeared, example phpca vs. ComposerRequireChecker
3. some tools might be obsoleted upstream in the meantime

What I propose is this:

1. introduce a way to mark tools as broken or deprecated (with optional suggestion for an alternative)
2. introduce a way to tag tools (with tags such as composer, util, analysis, style, test, phpstan, etc).
3. introduce a way to list tools by tag, example phpqa list style
4. introduce a way to provide a short help about the tool, example phpqa info phpstan-doctrine would explain how to enable it, with even a short example
5. have a bit of a nicer CLI for the listing (can we use Symfony Console here?)

It would probably be best if we separated tools out ftom the JSON into something else to make it more maintainable in te future.

Overall, I think this project might gain some traction as other projects start using it for their CI more so it would benefit from these kind of small tweaks which raise the value quite a bit.

WDYT?