diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
index 6603717..46fc003 100644
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@@ -4,13 +4,27 @@ name: Docker build and run
 permissions:
   contents: read
 jobs:
+  php-versions:
+    name: Lookup PHP versions
+    runs-on: ubuntu-24.04
+    outputs:
+      matrix: ${{ steps.versions.outputs.matrix }}
+    steps:
+      - uses: actions/checkout@v6
+      - uses: antfroger/php-version-action@v1
+        id: versions
+
   build:
-    name: Docker build and run
+    name: Docker build and run (PHP ${{ matrix.php-version }})
+    needs: php-versions
     if: '!github.event.deleted'
     runs-on: ubuntu-24.04
+    strategy:
+      matrix:
+        php-version: ${{ fromJSON(needs.php-versions.outputs.matrix) }}
     steps:
       - uses: actions/checkout@v6
       - name: Docker build
-        run: docker build --tag github-security-jira:latest .
+        run: docker build --build-arg PHP_VERSION=${{ matrix.php-version }} --tag github-security-jira:php${{ matrix.php-version }} .
       - name: Run in Docker
-        run: docker run -t --rm github-security-jira:latest --version
+        run: docker run -t --rm github-security-jira:php${{ matrix.php-version }} --version
diff --git a/Dockerfile b/Dockerfile
index 52efa46..02fcbc6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,16 @@
+# Build arguments for version flexibility
+ARG PHP_VERSION=8.3
+ARG COMPOSER_VERSION=2
+
+# -----------------
+# Get Composer binary from official image
+FROM composer:${COMPOSER_VERSION} AS composer
+
 # -----------------
-FROM composer:2.9.1@sha256:7384cf9fa70b710af02c9f40bec6e44472e07138efa5ab3428a058087c0d2724 AS build-env
+# Build stage: install dependencies using matching PHP version
+FROM php:${PHP_VERSION}-alpine AS build-env
+
+COPY --from=composer /usr/bin/composer /usr/bin/composer
 
 COPY . /opt/ghsec-jira/
 
@@ -8,7 +19,8 @@ WORKDIR /opt/ghsec-jira
 RUN composer install --prefer-dist --no-dev
 
 # -----------------
-FROM php:8.3.7-alpine3.18@sha256:3da837b84db645187ae2f24ca664da3faee7c546f0e8d930950b12d24f0d8fa0
+# Runtime stage
+FROM php:${PHP_VERSION}-alpine
 
 COPY --from=build-env /opt/ghsec-jira/ /opt/ghsec-jira/