docs(hosting): document keeping the Docker setup up to date#2361
Open
Soner (shyim) wants to merge 4 commits into
Open
docs(hosting): document keeping the Docker setup up to date#2361Soner (shyim) wants to merge 4 commits into
Soner (shyim) wants to merge 4 commits into
Conversation
Add a 'Keeping the setup up to date' section to the Docker Image guide covering the three things that need updating (PHP base image, Shopware, own code) and how they differ. - Explain that a container built once keeps running outdated PHP unless it is rebuilt and redeployed, and that build != deploy. - Add an 'Am I affected?' check via 'php -v' and image scanning with Trivy/Grype; recommend scanning on a schedule and rebuilding only when a scan finds a vulnerability, rather than blind daily rebuilds. - Document the full rebuild-and-redeploy commands using the compose setup from the page. - Describe the recommended combined Shopware + PHP major upgrade path (e.g. 6.6/PHP 8.2 to 6.7/PHP 8.5) as separate, ordered steps.
Developer Docs healthcheckStatus: Completed with |
Contributor
There was a problem hiding this comment.
Pull request overview
Adds a new maintenance-focused section to the Docker-based hosting guide to help users keep their Shopware runtime and dependencies up to date over time, with practical checks, scanning guidance, and a safe major-upgrade sequence.
Changes:
- Adds a “Keeping the setup up to date” section explaining what needs updating (PHP base image vs. Shopware vs. custom code) and how to validate current versions.
- Documents a scan-driven rebuild/redeploy workflow (Trivy/Grype +
docker compose build --pull+docker compose up -d) and warns about build vs. deploy. - Extends the spellcheck wordlist with new terms introduced in the docs (e.g., CVEs, Trivy, Grype).
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| guides/hosting/installation-updates/docker.md | Adds guidance and step-by-step instructions for keeping a Docker-based Shopware setup updated, including scanning and major upgrade sequencing. |
| .wordlist.txt | Adds newly used security/tooling terms to the accepted spellcheck wordlist. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
User feedback asked us to document the recommended way to keep a Docker-based Shopware environment up to date — and specifically the combined upgrade path (e.g. Docker image with PHP 8.2 / Shopware 6.6 → PHP 8.5 / Shopware 6.7). The existing Docker Image guide helps users get a container running but never explains how to maintain it afterwards, which leaves shops (especially smaller ones) running outdated, unpatched PHP.
What
Adds a "Keeping the setup up to date" section to
guides/hosting/installation-updates/docker.md:php -vinside the container plus image scanning with Trivy / Grype.Written for the non-expert shop owner, since that's who most often hits this problem.
Notes
performing-updates.mdandsystem-requirements.mdrather than duplicating the general update procedure.::: warning/::: dangercontainers and<PageRef>(no.mdextension) match existing repo conventions.