@cardil cardil commented Aug 13, 2025

Summary by CodeRabbit

  • Chores
    • Updated the container build tooling and CI runner to newer upstream versions to improve build reliability and compatibility.
    • No changes to application features, extensions, or runtime configuration; end-user behavior is unchanged.
    • Helps ensure smoother, more consistent builds and reduced risk of build-time issues going forward.


coderabbitai bot commented Aug 13, 2025

Walkthrough

Updated the Containerfile to fetch docker-php-extension-installer v2.9.0 (was v2.7.28) and changed the GitHub Actions runner image from ubuntu-22.04 to ubuntu-24.04; no other functional or configuration edits.

Changes

| Cohort / File(s) | Summary of Changes |
| --- | --- |
| Container Build Config: Containerfile | Bumped docker-php-extension-installer download URL from v2.7.28 to v2.9.0 in the ADD instruction; no other changes. |
| CI Workflow: .github/workflows/multiarch-build.yaml | Updated workflow runner image from ubuntu-22.04 to ubuntu-24.04; all other steps unchanged. |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

I hopped through layers, crisp and spry,
A tiny bump beneath the sky.
Installer fresh, the runner new,
Builds will skip and hum on through.
🐇✨


@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 0

🔭 Outside diff range comments (1)
Containerfile (1)

8-32: Remove built-in PHP extensions & enable parallel installation

Both filter and pdo are bundled in PHP 8.x and will cause docker-php-extension-installer to error out; adding -j"$(nproc)" speeds up builds by installing in parallel.

• Containerfile (lines 8–32):

  • Remove filter and pdo from the install-php-extensions list
  • Add -j"$(nproc)" to the installer command

Apply this diff:

-RUN install-php-extensions \
+RUN install-php-extensions -j"$(nproc)" \
   apcu \
   bcmath \
   curl \
   exif \
-  filter \
   gd \
   gettext \
   gmp \
   iconv \
   imagick \
   intl \
   ldap \
   mbstring \
   memcached \
   mysqli \
   opcache \
   pcntl \
-  pdo \
   pdo_mysql \
   pdo_pgsql \
   pgsql \
   redis \
   sysvsem \
   zip
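Review bot: The `-j"$(nproc)"` argument added on the `RUN install-php-extensions` line is not shown anywhere on this page as an option the installer accepts; check the documentation of the pinned installer release before applying it, because an argument the script does not recognise could abort the build or be read as an extension name. The hunk also mixes two unrelated changes (dropping `filter` and `pdo`, and changing build parallelism), while the failing CI step quoted further down reports only exit code 2 with no error text, so apply the removals on their own first and confirm against the build log that they are what fixes the failure.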
🧹 Nitpick comments (1)
Containerfile (1)

5-6: Version bump looks fine; consider parameterizing or using 'latest' to reduce churn.

To avoid future PRs for this one-liner and keep the Dockerfile tidy, either:

  • Use a build arg for the installer version, or
  • Point to the latest release URL (trades reproducibility for convenience).

Option A: Parameterize version

+ARG IPE_VERSION=2.9.0
 ADD --chmod=0755 \
-  https://github.com/mlocati/docker-php-extension-installer/releases/download/2.9.0/install-php-extensions \
+  https://github.com/mlocati/docker-php-extension-installer/releases/download/${IPE_VERSION}/install-php-extensions \
   /usr/local/bin/
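Review bot: With `${IPE_VERSION}` in the `ADD` URL, the build still downloads an executable script and installs it with mode 0755 without verifying its content, and a build-arg override can now select a different release without any change to the Containerfile. Record the expected SHA-256 of `install-php-extensions` next to the `ARG IPE_VERSION=2.9.0` default and verify it during the build, so that a version change has to arrive together with a matching digest change.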

Option B: Always use latest (non-reproducible, but minimal maintenance)

 ADD --chmod=0755 \
-  https://github.com/mlocati/docker-php-extension-installer/releases/download/2.9.0/install-php-extensions \
+  https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions \
   /usr/local/bin/
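Review bot: The `releases/latest/download/` URL on the `+` line makes every build execute whatever script upstream publishes at that moment, with no review step and no way to rebuild an earlier image identically. Keep the pinned `2.9.0` URL; the version-bump PR is the point at which a change to the installer gets looked at.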
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2e81eea and d03f559.

📒 Files selected for processing (1)
  • Containerfile (1 hunks)
🧰 Additional context used
🧠 Learnings (1)
📓 Common learnings
Learnt from: cardil
PR: wavesoftware/container-php#1
File: Containerfile:1-2
Timestamp: 2024-11-12T12:04:16.956Z
Learning: In the `Containerfile` of this project, it's acceptable to use the major PHP version tag `php:8-fpm` instead of pinning to a specific minor version.
🪛 GitHub Actions: Multiarch build
Containerfile

[error] 1-1: Container image build failed. Step 'RUN install-php-extensions apcu bcmath curl exif filter gd gettext gmp iconv imagick intl ldap mbstring memcached mysqli opcache pcntl pdo pdo_mysql pdo_pgsql pgsql redis sysvsem zip' exited with code 2.

@cardil cardil self-assigned this Aug 13, 2025
@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 2

🧹 Nitpick comments (1)
.github/workflows/multiarch-build.yaml (1)

21-22: Minor: streamline apt install to be leaner and faster

Use --no-install-recommends and clean apt lists to reduce noise and time on ephemeral runners.

Apply:

-          sudo apt-get update
-          sudo apt-get install -y qemu-user-static
+          sudo apt-get update -y
+          sudo apt-get install -y --no-install-recommends qemu-user-static
+          sudo rm -rf /var/lib/apt/lists/*
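Review bot: The `-y` added to `sudo apt-get update` does nothing useful for `update`, and removing `/var/lib/apt/lists/*` means any later step in the same job that installs a package has to run `apt-get update` again. On a runner that is discarded after the job, keep `--no-install-recommends` and drop the other two changes.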
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d03f559 and 2a0380a.

📒 Files selected for processing (1)
  • .github/workflows/multiarch-build.yaml (1 hunks)
🧰 Additional context used
🧠 Learnings (2)
📓 Common learnings
Learnt from: cardil
PR: wavesoftware/container-php#1
File: Containerfile:1-2
Timestamp: 2024-11-12T12:04:16.956Z
Learning: In the `Containerfile` of this project, it's acceptable to use the major PHP version tag `php:8-fpm` instead of pinning to a specific minor version.
📚 Learning: 2024-11-12T11:11:57.864Z
Learnt from: cardil
PR: wavesoftware/container-php#1
File: .github/workflows/multiarch-build.yaml:23-30
Timestamp: 2024-11-12T11:11:57.864Z
Learning: In the `.github/workflows/multiarch-build.yaml` file, the image name should remain as 'php' even if it's a custom image.

Applied to files:

  • .github/workflows/multiarch-build.yaml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Build images

multiarch-build:
name: Build images
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
💡 Verification agent

🧩 Analysis chain

Runner bump to ubuntu-24.04: verify availability and GA status for your org

ubuntu-24.04 runners have been rolling out; ensure it’s GA for your repo/org and not restricted. Also confirm your buildah/qemu steps behave the same under 24.04.

Run this web check to confirm GA status:


🌐 Web query:

Is `ubuntu-24.04` available as a supported GitHub Actions runner label for general availability (not preview), and are there any breaking changes compared to `ubuntu-22.04` that affect common build tools like buildah or qemu?

💡 Result:

ubuntu-24.04 is now generally available as a supported runner label for GitHub Actions, and all users can use it for workflows by specifying runs-on: ubuntu-24.04. This release introduces several changes compared to ubuntu-22.04, notably a significantly trimmed pre-installed package list, which can lead to breaking changes for common build tools such as buildah and qemu[1][3][5].

Essential context and details

  • General Availability:
    The ubuntu-24.04 runner image is out of preview and generally available. You can specify it directly in your workflow:

    jobs:
      build:
        runs-on: ubuntu-24.04

    This is officially supported by GitHub and the label is not a preview[1][5].

  • Migration of ubuntu-latest:
    GitHub is actively migrating the ubuntu-latest label from Ubuntu 22.04 to 24.04 throughout Fall 2024. This means any workflows using ubuntu-latest will soon default to ubuntu-24.04, potentially exposing breakages if workflows depend on outdated assumptions[1][3].

Breaking Changes Affecting Build Tools

  • Reduced Pre-Installed Packages:
    A critical change is that the Ubuntu 24.04 runners have a “significantly trimmed” pre-installed package list compared to Ubuntu 22.04. Many tools that were previously present by default may now need to be installed explicitly in your workflow—a shift from previous best practice[3].

  • Docker/QEMU/Buildah Specific Issues:
    There are confirmed reports of Docker, Buildah, and QEMU-related jobs failing on GitHub-hosted Ubuntu 24.04 runners, particularly for cross-architecture builds (e.g., using QEMU or Docker Buildx for ARM64 targets on x86_64 hosts).

    • Community members note builds that work fine on self-hosted or regular Ubuntu 24.04 VMs but fail on GitHub’s hosted runners[7].
    • The main causes appear to be changes in base runner setup, certain missing dependencies, or altered defaults.

    Workarounds currently suggested:

    • Use runs-on: ubuntu-22.04 where issues are encountered
    • Install required packages (like qemu-user-static, buildah, etc.) at the start of your workflow
    • Consider self-hosted runners for reliable Docker/QEMU support[7].
  • Kernel and System-Level Changes:
    The new runner image brings a newer kernel (6.7/6.8), updated GNOME, and system package versions, which can affect compatibility for low-level tools[2][6].

What to do when migrating

  • Audit your workflow for dependencies:
    If your job relies on pre-installed tools (especially container or virtualization tooling), explicitly add installation steps to ensure reproducibility.

  • Check the runner image’s installed software list:
    Review the official runner image documentation (see: github/actions/runner-images) for the specific package set included with ubuntu-24.04—do not assume parity with ubuntu-22.04[1].

  • Expect and test for breaking changes:

    • Common breakages reported for:
      • QEMU: Cross-compilation or emulation tasks
      • Buildah: Container building workflows
      • Docker/buildx: Multi-arch builds
    • These may fail due to missing packages, altered container runtime defaults, or other environmental changes[7].

Summary of changes and risks

| Feature/Tool | Ubuntu 22.04 | Ubuntu 24.04 (GitHub Actions Runner) | Potential Action Needed |
| --- | --- | --- | --- |
| Pre-installed tools | Many container & emu tools | Fewer pre-installed, more minimal | Explicit install in workflow |
| QEMU cross-builds | Generally worked | Known issues on x86_64 runners | Use Ubuntu 22.04 or self-hosted |
| Buildah, Docker | Stable | May require manual package installation | Add install steps |
| Default Software | Larger default set | Significantly trimmed | Audit & update workflows |

In conclusion:
If you rely on containerization tools or cross-platform emulation (QEMU/Buildah/Docker/buildx), you should test workflows thoroughly on ubuntu-24.04 before switching, and expect to update your workflows to install more dependencies than you previously did. For reliability, ubuntu-22.04 is still available for the time being[1][3][5][7].

Citations:


Runner bump to ubuntu-24.04: confirm GA support and install missing container tools

ubuntu-24.04 runners are now generally available (GA) and will become the default for ubuntu-latest in Fall 2024. However, they include a significantly trimmed package set compared to 22.04, which can break Buildah/QEMU/Docker-based workflows. Please update .github/workflows/multiarch-build.yaml as follows:

• Confirm that runs-on: ubuntu-24.04 is supported in your org (it’s GA for all users).
• Add explicit installation of container/emulation tools before your multi-arch build steps. For example:

jobs:
  build-multiarch:
    runs-on: ubuntu-24.04
    steps:
      - name: Install container/emulation tools
        run: |
          sudo apt-get update
          sudo apt-get install -y qemu-user-static buildah
      # …your existing steps…

• Run your QEMU and Buildah steps on the 24.04 runner to verify they succeed.
• If you encounter failures, either pin back to ubuntu-22.04 or use a self-hosted runner with the required dependencies.

🤖 Prompt for AI Agents
.github/workflows/multiarch-build.yaml around line 15: the runner was changed to
ubuntu-24.04 but 24.04 has a trimmed package set and may lack
container/emulation tooling; update the job to (1) confirm your org supports
runs-on: ubuntu-24.04, (2) add an early step before the multi-arch build that
runs apt-get update and installs required packages (for example qemu-user-static
and buildah, and docker if your workflow needs it), and (3) run/verify the QEMU
and Buildah steps succeed on the 24.04 runner and if they fail either pin back
to ubuntu-22.04 or use a self-hosted runner with the dependencies.

runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
🛠️ Refactor suggestion

Security hardening: pin Actions by commit SHA

Pin third-party actions to immutable commit SHAs to mitigate supply-chain risk. Keep a comment with the tag name for readability.

Example (replace with actual SHAs from the action’s releases page):

  • actions/checkout@
  • redhat-actions/buildah-build@
  • redhat-actions/push-to-registry@

Also applies to: 26-26, 35-35

@cardil cardil merged commit 4d37095 into master Aug 13, 2025
2 checks passed
@cardil cardil deleted the bugfix/bump-php-extension-installer branch August 13, 2025 19:20