- Delete renovate.json: custom manager for jcabillot/phpapache ARG VERSION
is obsolete since migration to dunglas/frankenphp.
- Update AGENTS.md: reflect FrankenPHP/Caddy base image, /app/public,
no ARG VERSION, fixed tag.
Extra "f" character inserted at position 29 made the SHA 41 chars
instead of 40, causing "reference not found" on Gitea Actions runner.
Fixes CI run #2440 job #6174.
The SHA for docker/build-push-action@v7.2.0 in tag.yaml and cron.yaml
was corrupted: 0d7f5c8f should be 0d6e8b85.
Correct SHA from git ls-remote refs/tags/v7.2.0:
f9f3042f7e2789586610d6e8b85c8f03e5195baf
Fixes CI run #2437 job #6165 (reference not found on docker/login-action
clone — likely cascade from the corrupted build-push-action SHA).
The SHA in the tag job of main.yaml was corrupted — missing the leading
'4' and with mutated bytes in the middle (da04aec3cc → da9f2a04ec).
Correct SHA for v1.75.0 is 4ed44965e0db8dab2b466a16da04aec3cc312fd8.
Fixes CI run #1981 job #4861: reference not found.
@@ -6,18 +6,19 @@ Lightweight PHP micro-service that returns the client's public IP address as JSO
## 2. Folder Structure
-`root/`: Application source code served by Apache.
-`root/`: Application source code served by FrankenPHP/Caddy.
-`index.php`: Single endpoint returning `REMOTE_ADDR` as JSON.
-`Caddyfile`: FrankenPHP/Caddy web server configuration — PHP handler on `:8080` with `try_files` + `php_server`.
-`.gitea/workflows/`: Gitea Actions CI pipelines.
-`docker-build.yaml`: Build and push Docker image to Docker Hub on push/PR to master + daily cron.
-`Dockerfile`: Multi-stage build extending `jcabillot/phpapache` base image, copies `root/` into `/var/www/html`.
-`Dockerfile`: Single-stage build from `dunglas/frankenphp:1-php8.5-alpine`, copies `root/` into `/app/public`.
-`.gitlab-ci.yml`: Legacy GitLab CI config (deprecated, replaced by Gitea Actions).
-`Jenkinsfile`: Legacy Jenkins pipeline (deprecated, replaced by Gitea Actions).
## 3. Core Behaviors & Patterns
- **Request/Response Flow**: Single PHP endpoint sets `Content-Type: application/json` header and returns `$_SERVER['REMOTE_ADDR']` encoded as JSON string. No routing, no framework, no state.
- **Container Base Image Pattern**: `Dockerfile`uses `ARG VERSION="latest"` to allow version pinning at build time, extends `jcabillot/phpapache` which provides PHP + Apache pre-configured. Application code is layered on top via `COPY root /var/www/html`.
- **Container Base Image Pattern**: `Dockerfile`is a single-stage build from a fixed `dunglas/frankenphp:1-php8.5-alpine` tag (Alpine-based FrankenPHP with Caddy). No `ARG VERSION` — the tag is pinned, Renovate auto-detects it. Application code is layered via `COPY root /app/public`. FrankenPHP provides PHP + Caddy pre-configured.
- **Traefik IngressRoute with HTTPS Redirect**: Two IngressRoute resources handle traffic — `ip-websecure` serves HTTPS on the `websecure` entrypoint, `ip-web` catches HTTP on `web` entrypoint and applies a `redirectScheme` middleware for permanent HTTPS redirect. The Service reference in the HTTP IngressRoute is required by Traefik even though the middleware intercepts before reaching it.
- **Health Probes**: Deployment defines both `livenessProbe` and `readinessProbe` using `httpGet` on `/` at the named `http` port (8080). Kubernetes uses these to restart unhealthy pods and exclude unready pods from the Service endpoints.
- **Security Hardening**: Pod spec sets `automountServiceAccountToken: false` to prevent unnecessary Kubernetes API access from the container.
"description":"Detect ARG VERSION pin for jcabillot/phpapache base image",
"managerFilePatterns":[
"/^Dockerfile$/"
],
"matchStrings":[
"ARG\\s+VERSION=\"(?<currentValue>[^\"]+)\""
],
"depNameTemplate":"jcabillot/phpapache",
"datasourceTemplate":"docker"
}
]
}
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
jcabillot
Hermes Agent
renovate
cloudix_mcp_server