@josecelano
Member

Summary

Updates Docker images to their latest stable versions with long-term support, prioritizing security and maintenance windows.

Closes #253

Changes

Docker Image Updates

  • Prometheus: v3.0.1 → v3.5.0 (LTS) - 7 months support remaining
  • Grafana: 11.4.0 → 12.3.1 (latest major version)
  • MySQL: 8.0 (generic) → 8.4 (explicit LTS) - 6+ years support remaining

MySQL 8.4 Compatibility Fix

  • Fixed MySQL authentication parameter for 8.4 compatibility
  • Changed --default-authentication-plugin=mysql_native_password to --mysql-native-password=ON
  • Old parameter was deprecated in MySQL 8.4 and caused container initialization failures

Documentation Updates

  • Updated security scan documentation with Trivy v0.68.2 results
  • Added MySQL configuration guidance to manual testing guides
  • Fixed example configurations in docs/e2e-testing/manual/mysql-verification.md
  • Added complete MySQL configuration example with all required fields

Testing

Manual E2E Tests Completed

SQLite Test - Full deployment workflow verified with:

  • Prometheus v3.5.0 running and healthy
  • Grafana 12.3.1 accessible and responsive
  • Tracker successfully handling HTTP requests

MySQL Test - Full deployment workflow verified with:

  • MySQL 8.4 container running and healthy with new authentication parameter
  • Tracker successfully connected to MySQL database
  • All services (Prometheus, Grafana, Tracker, MySQL) running with correct versions
  • BitTorrent announce requests working correctly

Security Scans

All images scanned with Trivy v0.68.2:

See docs/security/docker-image-security-scans.md for detailed vulnerability information.

Commits

  • docs: update Trivy version to 0.68.2 in security scan documentation
  • fix: update MySQL 8.4 authentication parameter
  • docs: add MySQL configuration guidance to manual testing docs

- Use Prometheus v3.5.0 LTS instead of v3.8.1 for 1-year support
- Use Grafana 12.3.1 (latest major) instead of 11.5.0
- Update all references in table, specifications, and acceptance criteria
- Maintain MySQL 8.4 LTS recommendation
- Update Trivy version from 0.65.0 to 0.68.2
- Re-run security scans on all three Docker images
- Update scan results in docs/security/docker-image-security-scans.md

Scan Results:
- Prometheus v3.5.0: 3 HIGH (Go stdlib CVE-2025-47907, CVE-2025-58183, CVE-2025-61729)
- Grafana 12.3.1: 0 vulnerabilities (clean)
- MySQL 8.4: 4 HIGH (urllib3 CVE-2025-66418, CVE-2025-66471, gosu Go stdlib issues)

All vulnerabilities are in dependencies (Go stdlib, urllib3, gosu), not core application code.
Risk assessment: LOW - waiting for upstream vendors to release patched images.

MySQL 8.4 deprecated --default-authentication-plugin in favor of
--mysql-native-password=ON. This change updates the docker-compose
template to use the correct MySQL 8.4 syntax.

The old parameter caused MySQL container initialization to fail with:
'unknown variable default-authentication-plugin=mysql_native_password'

Verified working with MySQL 8.4.7 in manual E2E test.

Added comprehensive MySQL configuration examples and guidance to help
users understand how to configure MySQL instead of SQLite.

Changes:
- docs/e2e-testing/manual/README.md: Added MySQL configuration example
  with required fields (host, port, database_name, username, password)
- docs/e2e-testing/manual/mysql-verification.md: Fixed example
  configuration to show complete structure with all required fields

The previous example was incomplete and showed an incorrect structure
with a separate 'database' section. The correct configuration embeds
all MySQL settings under tracker.core.database.

josecelano self-assigned this Dec 29, 2025
@josecelano
Member Author

ACK eac6bbc

josecelano merged commit 69ae424 into main Dec 29, 2025
42 checks passed
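
The MySQL 8.4 fix in this pull request, turned into a pre-deployment check (an added example, not code from the PR or the project): it scans a docker-compose file and reports when a `mysql` image tagged 8.4 or later is still started with `--default-authentication-plugin`. The compose fragments and the `check_mysql_flags` name are constructed for illustration, and the scan looks at the whole file rather than only the MySQL service.

```python
import re

REMOVED_FLAG = "--default-authentication-plugin"  # old parameter named in the PR
REPLACEMENT = "--mysql-native-password=ON"        # new parameter named in the PR
IMAGE_RE = re.compile(r"^\s*image:\s*[\"']?mysql:(\d+)\.(\d+)", re.MULTILINE)

# Constructed compose fragments (not the project's template).
BROKEN = """services:
  mysql:
    image: mysql:8.4
    command: --default-authentication-plugin=mysql_native_password
"""
FIXED = """services:
  mysql:
    image: mysql:8.4  # was --default-authentication-plugin on 8.0
    command: --mysql-native-password=ON
"""
LEGACY = BROKEN.replace("mysql:8.4", "mysql:8.0")
UNPINNED = BROKEN.replace("mysql:8.4", "mysql:latest")


def strip_comments(text):
    """Drop full-line and trailing YAML comments so they cannot match."""
    return "\n".join(re.sub(r"(^|\s)#.*$", "", ln) for ln in text.splitlines())


def check_mysql_flags(compose_text):
    """Return findings for a docker-compose file; an empty list means OK."""
    text = strip_comments(compose_text)
    if not re.search(r"^\s*image:\s*[\"']?mysql\b", text, re.MULTILINE):
        return []  # no MySQL service (for example a SQLite deployment)
    match = IMAGE_RE.search(text)
    if match is None:
        return ["mysql image has no major.minor tag; flags cannot be checked"]
    version = (int(match.group(1)), int(match.group(2)))
    if version >= (8, 4) and REMOVED_FLAG in text:
        return [f"mysql:{version[0]}.{version[1]} is started with {REMOVED_FLAG}, "
                f"which it rejects as an unknown variable; "
                f"the PR's replacement for 8.4 is {REPLACEMENT}"]
    return []


if __name__ == "__main__":
    for name, doc in [("broken", BROKEN), ("fixed", FIXED),
                      ("legacy", LEGACY), ("unpinned", UNPINNED)]:
        print(name, check_mysql_flags(doc) or "OK")
```
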
Development

Successfully merging this pull request may close these issues.

Update Docker Images to Latest Stable Versions