From 0a6c4e7c68c8e1099cf5e02ec3739fbdd0e26027 Mon Sep 17 00:00:00 2001 From: Sebastian Mendel Date: Sun, 18 Jan 2026 19:55:36 +0100 Subject: [PATCH] chore: remove GD extension from Docker image PHPSpreadsheet requires ext-gd, but we only use it for data export (Xlsx Writer) without charts or images. GD is only needed for: - Chart rendering - Image manipulation in spreadsheets - Drawing objects Since we don't use these features, we can safely omit GD and use --ignore-platform-req=ext-gd in composer commands. PHPSpreadsheet maintainers decided to keep GD required (PR #3766), but recommend this workaround for advanced users who know their use case doesn't need GD. Benefits: - Reduces image size by ~9MB - Removes libpng, libjpeg, freetype dependencies - Smaller attack surface Refs: https://github.com/PHPOffice/PhpSpreadsheet/pull/3766 --- .github/workflows/ci.yml | 9 +++++---- Dockerfile | 19 +++++++++---------- Makefile | 7 ++++--- 3 files changed, 18 insertions(+), 17 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c69a54699..97a16aa36 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -35,9 +35,10 @@ jobs: # Create directories with proper permissions for non-root container user mkdir -p vendor var/cache var/log bin chmod -R 777 vendor var bin - # --ignore-platform-req=php needed until laminas-ldap adds PHP 8.5 support - # See: https://github.com/laminas/laminas-ldap/issues/62 - docker compose run --rm app-tools composer install --no-interaction --prefer-dist --ignore-platform-req=php + # --ignore-platform-req needed for: + # - php: laminas-ldap PHP 8.5 support (https://github.com/laminas/laminas-ldap/issues/62) + # - ext-gd: PHPSpreadsheet requires GD but we only use data export + docker compose run --rm app-tools composer install --no-interaction --prefer-dist --ignore-platform-req=php --ignore-platform-req=ext-gd - name: Validate composer.json env: @@ -106,7 +107,7 @@ jobs: COMPOSE_PROFILES: dev run: | # Image already built by bake - just install deps and start services - docker compose run --rm app-dev composer install --ignore-platform-req=php + docker compose run --rm app-dev composer install --ignore-platform-req=php --ignore-platform-req=ext-gd docker compose run --rm app-dev npm install --legacy-peer-deps docker compose up -d docker compose exec -T db_unittest mariadb-admin ping -h 127.0.0.1 -uroot -pglobal123 --wait --connect-timeout=60 diff --git a/Dockerfile b/Dockerfile index 037d1e407..f10da5958 100644 --- a/Dockerfile +++ b/Dockerfile @@ -28,27 +28,25 @@ FROM ${COMPOSER_IMAGE} AS composer FROM ${PHP_BASE_IMAGE} AS base # Install system dependencies and PHP extensions in single layer +# Note: GD intentionally omitted - PHPSpreadsheet requires it but we only use data export (no charts/images) +# PHPSpreadsheet decided to keep GD required: https://github.com/PHPOffice/PhpSpreadsheet/pull/3766 +# We use --ignore-platform-req=ext-gd in composer install commands RUN set -ex \ && apt-get update \ && apt-get upgrade -y \ && apt-get install -y --no-install-recommends \ libzip-dev \ - libpng-dev \ libxml2-dev \ libldap2-dev \ - libjpeg62-turbo-dev \ - libfreetype6-dev \ libicu-dev \ unzip \ zlib1g-dev \ - && docker-php-ext-configure gd --with-jpeg --with-freetype \ && docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ \ && docker-php-ext-install \ pdo_mysql \ ldap \ zip \ xml \ - gd \ intl \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \ @@ -102,9 +100,10 @@ RUN npm ci --legacy-peer-deps COPY --chown=app:app composer.json composer.lock symfony.lock ./ -# --ignore-platform-req=php needed until laminas-ldap adds PHP 8.5 support -# See: https://github.com/laminas/laminas-ldap/issues/62 -RUN composer install --no-dev --no-scripts --no-autoloader --ignore-platform-req=php +# --ignore-platform-req needed for: +# - php: laminas-ldap PHP 8.5 support (https://github.com/laminas/laminas-ldap/issues/62) +# - ext-gd: PHPSpreadsheet requires GD but we only use data export, not charts/images +RUN composer install --no-dev --no-scripts --no-autoloader --ignore-platform-req=php --ignore-platform-req=ext-gd # Copy application code COPY --chown=app:app . . @@ -129,7 +128,7 @@ FROM deps AS tools COPY --from=composer /usr/bin/composer /usr/bin/composer # Install dev dependencies for static analysis -RUN composer install --ignore-platform-req=php +RUN composer install --ignore-platform-req=php --ignore-platform-req=ext-gd USER app @@ -167,7 +166,7 @@ RUN curl -sS https://get.symfony.com/cli/installer | bash \ && echo 'source /etc/bash_completion.d/symfony' >> /etc/bash.bashrc # Install dev dependencies -RUN composer install --ignore-platform-req=php +RUN composer install --ignore-platform-req=php --ignore-platform-req=ext-gd RUN git config --global --add safe.directory '*' diff --git a/Makefile b/Makefile index 8dd6d0fc8..7d3fcc3aa 100644 --- a/Makefile +++ b/Makefile @@ -103,9 +103,10 @@ sh: install: composer-install npm-install composer-install: - # --ignore-platform-req=php needed until laminas-ldap adds PHP 8.5 support - # See: https://github.com/laminas/laminas-ldap/issues/62 - docker compose run --rm app-dev composer install --ignore-platform-req=php + # --ignore-platform-req needed for: + # - php: laminas-ldap PHP 8.5 support (https://github.com/laminas/laminas-ldap/issues/62) + # - ext-gd: PHPSpreadsheet requires GD but we only use data export + docker compose run --rm app-dev composer install --ignore-platform-req=php --ignore-platform-req=ext-gd composer-update: docker compose run --rm app-dev composer update