chore: update Docker images for security vulnerability fixes

## Summary

The torrust-tracker-deployer has released vulnerability fixes for several third-party Docker images. This issue tracks updating the demo deployment to use the patched versions.

**Reference**: [PR torrust-tracker-deployer#436](https://github.com/torrust/torrust-tracker-deployer/pull/436) - Docker vulnerability remediation pass 1

## Images to Update

The following images have security updates available:

| Service | Current Version | Updated Version | CVE Reduction |
|---------|-----------------|-----------------|----------------|
| Prometheus | `v3.5.0` | `v3.5.1` | 16 HIGH → 6 HIGH, 4 CRITICAL |
| Grafana | `12.3.1` | `12.4.2` | 18 HIGH, 6 CRITICAL → 4 HIGH, 0 CRITICAL |
| Caddy | `2.10` (or untagged) | `2.10.2` | 18 HIGH, 6 CRITICAL → 14 HIGH, 4 CRITICAL |

## Update Procedure

### 1. Update docker-compose.yml

Edit `docker-compose.yml` and update the image references:

```yaml
services:
  prometheus:
    image: prom/prometheus:v3.5.1  # Updated from v3.5.0
    # ... rest of config

  grafana:
    image: grafana/grafana:12.4.2  # Updated from 12.3.1
    # ... rest of config

  caddy:
    image: caddy:2.10.2  # Updated from 2.10
    # ... rest of config
```

### 2. Pull new images

```bash
docker compose pull prometheus grafana caddy
```

### 3. Restart services

```bash
docker compose up -d prometheus grafana caddy
```

### 4. Verify

```bash
docker compose ps
docker images | grep -E "prom/prometheus|grafana/grafana|caddy"
```

Expected output:
```
prom/prometheus                     v3.5.1    ...
grafana/grafana                     12.4.2    ...
caddy                               2.10.2    ...
```

## Verification

After updates:

- [ ] All three services are running (`docker compose ps` shows healthy status)
- [ ] Prometheus is scraping metrics correctly
- [ ] Grafana dashboards are accessible
- [ ] Caddy reverse proxy is routing traffic properly
- [ ] No error logs related to service startup

## Related Issues

- **torrust-tracker-deployer#428** - Docker vulnerability analysis and remediation
- **torrust-tracker-deployer#436** - PR with complete remediation details
- **torrust-tracker-deployer#433** - Prometheus follow-up (remaining CVEs)
- **torrust-tracker-deployer#434** - Grafana follow-up (remaining CVEs)
- **torrust-tracker-deployer#432** - Caddy follow-up (remaining CVEs)

## Timeline

After the deployer PR#436 is merged, this update can be applied to keep the demo deployment current with security fixes.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: update Docker images for security vulnerability fixes #14

Summary

Images to Update

Update Procedure

1. Update docker-compose.yml

2. Pull new images

3. Restart services

4. Verify

Verification

Related Issues

Timeline

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Service	Current Version	Updated Version	CVE Reduction
Prometheus	`v3.5.0`	`v3.5.1`	16 HIGH → 6 HIGH, 4 CRITICAL
Grafana	`12.3.1`	`12.4.2`	18 HIGH, 6 CRITICAL → 4 HIGH, 0 CRITICAL
Caddy	`2.10` (or untagged)	`2.10.2`	18 HIGH, 6 CRITICAL → 14 HIGH, 4 CRITICAL

chore: update Docker images for security vulnerability fixes #14

Description

Summary

Images to Update

Update Procedure

1. Update docker-compose.yml

2. Pull new images

3. Restart services

4. Verify

Verification

Related Issues

Timeline

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions