Multi-arch base Docker images for Utopia PHP libraries, built on Alpine with Swoole and a curated set of PHP extensions.
- PHP 8.3
- PHP 8.4
- PHP 8.5
Each version is published as a multi-arch image (linux/amd64, linux/arm64).
Images are published to appwrite/utopia-base on Docker Hub.
| Tag | Source | Stability |
|---|---|---|
php-<X.Y>-<release> |
release.yml on a published GitHub release |
Stable — pin to this in production |
php-<X.Y>-<sha> |
publish.yml on every push to main after CI passes |
Tracks main — useful for testing, garbage-collected after 14 days |
<X.Y> is one of 8.3, 8.4, 8.5. <release> is the GitHub release tag (e.g. 0.5.0). <sha> is the full 40-char commit SHA.
Four workflows:
ci.yml— runs on PRs, pushes tomain, and weekly. Builds each(php × arch)once, shares the image via artifact, then runs structure tests, dive efficiency checks, and Trivy CVE scans against the artifact. SARIF results upload to the Security tab.publish.yml—workflow_run-triggered after CI succeeds onmain. Pushes per-arch tags and assembles the multi-arch manifest underphp-<X.Y>-<sha>. No rebuild — uses CI's artifacts.release.yml— triggered byrelease: published. Promotes the existingphp-<X.Y>-<sha>manifest tophp-<X.Y>-<release-tag>viadocker buildx imagetools create. No rebuild.cleanup.yml— daily cron. Deletesphp-<X.Y>-<sha>[-arch]tags older than 14 days from Docker Hub. Release tags don't match the regex and are never touched.
All publishing workflows share a build-<sha> concurrency group so a release queues behind in-flight CI on the same commit.
A single Dockerfile is templated by the per-version configs in versions/<X.Y>.env. Use the Makefile:
make build VERSION=8.4 # build a single version
make test VERSION=8.4 # build + run structure tests
make all # build all supported versionsTo bump an extension version, edit the relevant versions/<X.Y>.env. To add a new PHP version, drop in a new versions/<X.Y>.env and add the version to the matrix in .github/workflows/ci.yml and publish.yml.