php - tutorial - laravel docker production

Composer uses own Symfony path in docker(loading old files) (2)

  • I'm using docker.
  • Post update command (php class) is running after composer update.
  • Was working well till I did Laravel update 5.4->5.5 which downloaded new Symfony packages
  • composer clear cache didn't help
  • composer self-update didn't help
  • composer signatures are equal

[Symfony\Component\Debug\Exception\FatalThrowableError] Call to undefined method Illuminate\Foundation\Console\ClosureCommand::setHidden()

I was serching the files and this method exist in parent class! I put this little thing in constructor what is going on:

use Symfony\Component\Console\Command\Command as SymfonyCommand;

class Command extends SymfonyCommand
    public function __construct()
        $r1 = new \ReflectionClass($this);
        $r2 = new \ReflectionClass(SymfonyCommand::class);
        var_dump([$r1->getFileName(), $r2->getFileName()]);
// rest of class

Result: composer autoload own, older Command.php instead of this from project.

array(2) {
  string(91) "/var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Console/ClosureCommand.php"
  string(67) "phar:///usr/bin/composer/vendor/symfony/console/Command/Command.php"

I would like to know why symfony class is not loaded from project but from some magic place and how I can fix that.

Additional info:

Dockerfile for php that add composer:

# Composer
ENV PATH "/composer/vendor/bin:$PATH"

RUN curl -s -f -L -o /tmp/composer-setup.php
RUN curl -s -f -L -o /tmp/composer-setup.sig
RUN php -r " \
    \$signature_php = hash('SHA384', file_get_contents('/tmp/composer-setup.php')); \
    \$signature_sig = trim(file_get_contents('/tmp/composer-setup.sig')); \
    echo ' SIGNATURE PHP: [' . \$signature_php . \"]\\n\"; \
    echo ' SIGNATURE SIG: [' . \$signature_sig . \"]\\n\"; \
    if (\$signature_php !== \$signature_sig) { \
        unlink('/tmp/composer-setup.php'); \
        echo 'Integrity check failed, installer is either corrupt or worse.' . PHP_EOL; \
        exit(1); \
RUN php /tmp/composer-setup.php --no-ansi --install-dir=/usr/bin cd --filename=composer --version=${COMPOSER_VERSION} \
 && rm /tmp/composer-setup.php \
 && composer --ansi --version --no-interaction

Composer part:

"post-update-cmd": [
   "php artisan vendor:publish --tag=public --force",
   "php artisan optimize"

I think that running composer self-update command updates the composer's signature as well. Also i would suggest try the following if you have ssh access to the server:

  • Remove composer.lock.
  • Remove vendor folder.
  • Run composer install

This should fix all the issues you mentioned.

Maybe the signature for obtain composer is not matching, you have to know that signature can change, if you want to obtain the last one use this url

Use this snippet for verify signature.

php -r "copy('', 'composer-setup.php');" && \
            php -r "if (hash_file('SHA384', 'composer-setup.php') === '$(wget -q -O -') { \
                echo 'Installer good'; \
            } else { \
                echo 'Installer corrupt'; die; \
            } echo PHP_EOL;"