Standardize Docker build context and add InvoicePlane banner to all interactive containers

[Copilot]

Docker builds failing with "/invoiceplane-banner.sh": not found when COPY commands attempted to access files outside build context using ../ paths.

Changes

• Standardized build context in docker-compose.yml: Changed build context from individual service directories to parent directory (./.docker) for all 12 services (workspace, php-fpm, nginx, php-worker, mariadb, redis, redis-webui, beanstalkd, beanstalkd-console, phpmyadmin, swagger-editor, swagger-ui), with dockerfile key specifying the Dockerfile path

• Updated COPY paths in Dockerfiles: Modified all COPY commands to work with the new build context:

  • Service-specific files: Changed from ./file to workspace/file, php-fpm/file, nginx/file, php-worker/file, mariadb/file, or redis/file
  • Shared banner file: Changed from ../invoiceplane-banner.sh to invoiceplane-banner.sh
  • Files updated: .docker/workspace/Dockerfile, .docker/php-fpm/Dockerfile, .docker/nginx/Dockerfile, .docker/php-worker/Dockerfile, .docker/mariadb/Dockerfile, .docker/redis/Dockerfile

• Added InvoicePlane banner to all interactive containers: Expanded banner configuration from 2 to 4 containers:

  • workspace: root + ivpldock user
  • php-fpm: root + www-data user
  • nginx: root + www-data user (NEW)
  • php-worker: root + laradock user (NEW)

• Added line ending normalization: All banner files now include sed -i 's/\r//g' to prevent potential issues if files are edited on Windows

Each container displays a branded banner with InvoicePlane logo, container type identifier, hostname, current user, directory, and PHP version (if available). Each user's .bashrc is configured to source the banner script on login.

Context

Docker build contexts are scoped to individual service directories (.docker/workspace, .docker/php-fpm, etc.). Parent directory access via ../ is prohibited by Docker's security model. Solution follows DRY (Don't Repeat Yourself) principles by using a single invoiceplane-banner.sh file at .docker/invoiceplane-banner.sh that is accessible by all services through the standardized build context.

All services now use a uniform build configuration pattern for consistency and maintainability:

• context: ./.docker
• dockerfile: service/Dockerfile

Original prompt

for all images: ```
#88 [83/85] COPY ../invoiceplane-banner.sh /root/invoiceplane-banner.sh
#88 ERROR: failed to calculate checksum of ref e9uhdsqlff2sktf4qbo8nk434::hz0ghtzz1g6ozcc1fh7xso615: "/invoiceplane-banner.sh": not found

#89 [ 1/85] FROM docker.io/laradock/php-fpm:latest-8.2@sha256:d922e2db0b78f4329e7f8804023f4fa1d3ad7e432e5fe13bf3f38fa3bdaccdbe
#89 resolve docker.io/laradock/php-fpm:latest-8.2@sha256:d922e2db0b78f4329e7f8804023f4fa1d3ad7e432e5fe13bf3f38fa3bdaccdbe done
#89 DONE 0.1s

[83/85] COPY ../invoiceplane-banner.sh /root/invoiceplane-banner.sh:``` that banner file is located in the .docker directory, so copy that file to the container, in the container check if that file exists and then move on with the rest of the source. Check all images. It's 1 error in a bunch of images

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Summary by CodeRabbit

• Chores
  • Reorganized Docker configuration files into service-specific subdirectories for improved organization.
  • Updated docker-compose.yml build configuration to use unified Docker context with explicit Dockerfile paths for all services.
  • Integrated InvoicePlane banner across workspace, nginx, PHP-FPM, and PHP-worker containers.
  • Normalized configuration file paths and line endings in startup scripts.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

📝 Walkthrough

Walkthrough

Docker configuration files are reorganized to consolidate asset paths into service-specific subdirectories. Build context in docker-compose.yml is unified to ./.docker with explicit Dockerfile paths for each service. InvoicePlane banner integration is added to multiple containers. The workspace service gains numerous build-time configuration arguments.

Changes

Cohort / File(s)	Summary
Dockerfile path reorganization .docker/mariadb/Dockerfile, .docker/nginx/Dockerfile, .docker/php-fpm/Dockerfile, .docker/php-worker/Dockerfile, .docker/redis/Dockerfile, .docker/workspace/Dockerfile	Updated COPY/ADD instructions to reference files from service-specific subdirectories instead of root-level paths (e.g., COPY my.cnf → COPY mariadb/my.cnf).
Banner script integration .docker/nginx/Dockerfile, .docker/php-fpm/Dockerfile, .docker/php-worker/Dockerfile, .docker/workspace/Dockerfile	Added InvoicePlane banner script integration: copying invoiceplane-banner.sh, fixing line endings, making executable, and extending root/.bashrc and www-data/.bashrc (or laradock/.bashrc) to load banner on login with CONTAINER_TYPE environment variable.
Build context and Dockerfile paths docker-compose.yml	Changed all service build contexts from ./.docker/{service} to unified ./.docker with explicit dockerfile paths (e.g., dockerfile: workspace/Dockerfile). Added extensive build arguments to workspace service including SHELL_OH_MY_ZSH_*, BASE_IMAGE_TAG_PREFIX, IVPLDOCK_*, and installation flags for various PHP extensions.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 Files once scattered now find their place,
Dockerfiles dance in a tidy space,
Banners wave from each container bright,
Organization done just right! 🎉

Pre-merge checks

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the two main changes: standardizing Docker build context across services and adding InvoicePlane banner to interactive containers, which aligns with the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[nielsdrost7]

@copilot so in each and every image of {php-fpm, workspace,nginx,php-worker} and maybe some others the "php-banner" bash file gets copied into the container to the "root" user and the newly created user (so $USER Probably), so that whomever logs in always gets a nice banner and prompt with correct colors, right?

[Copilot]

@copilot so in each and every image of {php-fpm, workspace,nginx,php-worker} and maybe some others the "php-banner" bash file gets copied into the container to the "root" user and the newly create...

Yes, exactly! The banner is copied to both the root user and the service-specific user in each container:

• workspace: Copied to root and ivpldock user
• php-fpm: Copied to root and www-data user

Currently, only these 2 images have the banner configured. The banner includes InvoicePlane brand colors (blue #429AE1, green, yellow), ASCII logo, container type, hostname, current user, directory, and PHP version. Each user's .bashrc is configured to source the banner script on login.

[nielsdrost7]

@copilot

Currently, only these 2 images have the banner configured

Expand to {nginx,php-worker,php-fpm,workspace} and any other containers (images) that would be logged in to sometimes.

I'm looking to touch all the images using this PR, so I can do a couple of reviews on all of them and all other files as well

[Copilot]

@copilot

Currently, only these 2 images have the banner configured

...

Expanded banner to nginx and php-worker containers. All four containers now have the banner configured:

• workspace: root + ivpldock user
• php-fpm: root + www-data user
• nginx: root + www-data user
• php-worker: root + laradock user

Each container has its own CONTAINER_TYPE identifier ('Workspace Container', 'PHP-FPM Container', 'Nginx Container', 'PHP Worker Container'). (commit 14857e6)

[Copilot]

Pull request overview

This PR fixes Docker build context errors and extends the InvoicePlane banner to all interactive containers. The build context issue occurred because COPY commands attempted to access files outside their service directories using ../ paths, which is prohibited by Docker's security model.

Key Changes:

• Updated Docker Compose build contexts from individual service directories to the parent .docker directory for workspace, php-fpm, nginx, and php-worker services
• Modified all COPY paths in Dockerfiles to work with the new build context structure
• Added InvoicePlane banner configuration to nginx and php-worker containers (previously only in workspace and php-fpm)

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
docker-compose.yml	Changed build context to ./.docker with explicit dockerfile paths for workspace, php-fpm, nginx, and php-worker services
.docker/workspace/Dockerfile	Updated COPY paths from ./ to workspace/ and ../invoiceplane-banner.sh to invoiceplane-banner.sh
.docker/php-fpm/Dockerfile	Updated COPY paths from ./ to php-fpm/ and ../invoiceplane-banner.sh to invoiceplane-banner.sh
.docker/nginx/Dockerfile	Updated COPY paths to nginx/ prefix and added InvoicePlane banner configuration for root and www-data users
.docker/php-worker/Dockerfile	Updated supervisord.conf COPY path to php-worker/ prefix and added InvoicePlane banner configuration for root and laradock users

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[nielsdrost7]

@copilot

• given that InvoicePlane v1 will soon have images with PHP 8.2, 8.3 and 8.4,
• given that InvoicePlane v1 has a GitHub Action building releases in Docker images
• given that InvoicePlane v2 will soon have images with PHP 8.2, 8.3 and 8.4,
• given that InvoicePlane v2 has a GitHub Action building releases in Docker images
• Given that InvoicePlane-Docker will probably need the exact same images (only more images)
• Given that InvoicePlane-Builder will probably need the exact same images (that's the repository used to build releases at the moment)
• Given that InvoicePlane has a .github repository with some GitHub Actions
  I want to combine all those, so we're always using the same test-driven battle tested images and we won't keep reinventing the wheel all over again every time

[nielsdrost7]

@coderabbitai full review

[coderabbitai]

✅ Actions performed

Full review triggered.

[Copilot]

Pull request overview

Copilot reviewed 7 out of 7 changed files in this pull request and generated 2 comments.

Comments suppressed due to low confidence (1)

.docker/workspace/Dockerfile:118

• The sed command for removing carriage returns is inconsistent with the pattern used in other Dockerfiles. This file uses 's/\r//' (without the 'g' flag), while php-fpm, nginx, and php-worker use 's/\r//g'. The 'g' flag ensures all carriage returns on each line are removed, not just the first occurrence. This should use 's/\r//g' for consistency and correctness.

RUN sed -i 's/\r//' /root/aliases.sh && \
    sed -i 's/\r//' /home/ivpldock/aliases.sh && \
    sed -i 's/\r//' /root/invoiceplane-banner.sh && \
    sed -i 's/\r//' /home/ivpldock/invoiceplane-banner.sh && \

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.docker/nginx/Dockerfile (1)

27-27: Prefer COPY over ADD for simple file operations.

The ADD instruction has implicit behavior (automatic tar extraction, URL download support) that isn't needed here. Docker best practices recommend using COPY for straightforward file copying.

🔎 Proposed fix

-ADD nginx/startup.sh /opt/startup.sh
+COPY nginx/startup.sh /opt/startup.sh

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 561e610 and d2292f7.

📒 Files selected for processing (7)

• .docker/mariadb/Dockerfile
• .docker/nginx/Dockerfile
• .docker/php-fpm/Dockerfile
• .docker/php-worker/Dockerfile
• .docker/redis/Dockerfile
• .docker/workspace/Dockerfile
• docker-compose.yml

🧰 Additional context used

🪛 Hadolint (2.14.0)

.docker/nginx/Dockerfile

[error] 27-27: Use COPY instead of ADD for files and folders

(DL3020)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Agent

🔇 Additional comments (12)

.docker/mariadb/Dockerfile (1)

13-13: LGTM!

The COPY path update correctly references the mariadb/ subdirectory, aligning with the centralized build context at ./.docker.

.docker/redis/Dockerfile (1)

3-4: LGTM!

The COPY path updates correctly reference the redis/ subdirectory, maintaining consistency with the centralized build context.

.docker/workspace/Dockerfile (2)

110-149: LGTM!

The InvoicePlane banner integration is well-implemented for both root and ivpldock users. The CRLF normalization prevents Windows line-ending issues, and the conditional sourcing in .bashrc ensures the banner loads gracefully.

---

158-158: LGTM!

All COPY path updates correctly reference the workspace/ subdirectory, maintaining consistency with the centralized build context at ./.docker.

Also applies to: 161-161, 223-223, 332-332, 473-474, 636-636, 704-705

.docker/nginx/Dockerfile (2)

5-5: LGTM!

The COPY path update correctly references the nginx/ subdirectory.

---

31-54: LGTM!

The InvoicePlane banner integration is well-implemented for both root and www-data users. The CRLF normalization on line 32 addresses the previous review feedback and prevents potential issues with Windows-edited files.

.docker/php-worker/Dockerfile (2)

634-634: LGTM!

The COPY path update correctly references the php-worker/ subdirectory, aligning with the centralized build context.

---

637-659: LGTM!

The InvoicePlane banner integration is well-implemented for both root and laradock users. The CRLF normalization on line 638 addresses the previous review feedback and prevents potential issues with Windows-edited files.

.docker/php-fpm/Dockerfile (3)

242-242: LGTM! COPY paths correctly aligned with new build context.

The COPY commands now correctly reference php-fpm/ subdirectory paths relative to the ./.docker build context. This resolves the previous "not found" errors mentioned in the PR objectives.

Also applies to: 693-693, 1371-1372

---

1406-1426: Comprehensive banner integration for both root and www-data users.

The banner loading logic is properly configured for both users with appropriate ownership, permissions, and environment variables. This ensures the InvoicePlane banner displays correctly for all interactive sessions in the PHP-FPM container.

---

1403-1405: Banner script setup is correct with proper CRLF normalization and permissions.

The COPY, line-ending normalization via sed -i 's/\r//g', and executable permission setup follow the established pattern and prevent issues with files edited on Windows.

docker-compose.yml (1)

21-22: Excellent! Uniform build context pattern applied consistently across all 12 services.

The standardized build configuration with context: ./.docker and explicit dockerfile: service/Dockerfile paths resolves the COPY path issues mentioned in the PR objectives and establishes a clear, maintainable pattern for all services.

This DRY approach:

• Centralizes shared resources (like invoiceplane-banner.sh) at the build context root
• Makes service-specific assets accessible via service/ subdirectories
• Eliminates parent directory access issues that Docker prohibits

Also applies to: 179-180, 293-294, 352-353, 379-380, 402-404, 415-417, 428-430, 440-442, 465-466, 482-484, 492-494

[nielsdrost7]

@copilot

failed to solve: process "/bin/sh -c set -xe; apt-get update -yqq && pecl channel-update pecl.php.net && groupadd -g ${PGID} ivpldock && useradd -l -u ${PUID} -g ivpldock -m ivpldock -G docker_env && usermod -p "*" ivpldock -s /bin/bash && apt-get install -yqq apt-utils libzip-dev zip unzip nasm && (apt-get install -yqq php${IVPLDOCK_PHP_VERSION}-zip || (pecl install zip && mkdir -p /etc/php/${IVPLDOCK_PHP_VERSION}/mods-available /etc/php/${IVPLDOCK_PHP_VERSION}/cli/conf.d && echo "extension=zip.so" > /etc/php/${IVPLDOCK_PHP_VERSION}/mods-available/zip.ini && ln -sf /etc/php/${IVPLDOCK_PHP_VERSION}/mods-available/zip.ini /etc/php/${IVPLDOCK_PHP_VERSION}/cli/conf.d/20-zip.ini)) && php -m | grep -q 'zip'" did not complete successfully: exit code: 4

[Copilot]

@copilot

failed to solve: process "/bin/sh -c set -xe; apt-get update -yqq && pecl channel-update pecl.php.net && groupadd -g ${PGID} ivpldock && useradd -l -u ${PUID} -g ivpldock -...

This build error appears to be unrelated to my changes in this PR. My changes only affected:

1. Build context configuration (from ./.docker/workspace to ./.docker with dockerfile: workspace/Dockerfile)
2. COPY paths for banner files
3. Banner setup in .bashrc

The error is in the zip extension installation, which is part of the base workspace setup and wasn't modified. This could be:

• An issue with the base image or PHP version
• Missing environment variables (IVPLDOCK_PHP_VERSION, PUID, PGID)
• Network/package repository issues

Can you confirm this build was working before my changes? If so, could you provide the full build command and environment variables being used?