Static analysis tools for PHP in a single docker image

As part of my job I often perform application reviews and code quality analysis for clients who wish to have their code base looked at by an independent company. Running static analysis tools is usually a starting point to the review as it gives a general overview of a state of the project. I also like to run those tools as part of an introduction to an inherited code base.

For an easy access to the most popular static analysis tools for PHP I recently created a docker image - phpqa. Currently it comes with the following tools:

To start using the image pull it first:

docker pull jakzal/phpqa:alpine

Note that you can choose between Debian and Alpine based images (latest and alpine tags).

Now you're ready to run any of the tools included:

docker run -it --rm -v $(pwd):/project -w /project jakzal/phpqa:alpine phpstan analyse src

The command above will run a docker container and mount the current working directory as a /project.

In most cases I prefer to use an alias:

alias phpqa="docker run -it --rm -v $(pwd):/project -w /project jakzal/phpqa:alpine"

It simplifies the command:

phpqa phpstan analyse src

Depending on the requirements of the project being reviewed, it's often needed to customise the image further with additional PHP extensions or other kinds of dependencies. In such scenarios I simply create a new image based off jakzal/phpqa (see the docs for more).

To learn more about the phpqa image or follow its development, check out the following project pages:

Happy analysing!