Bump proxy base image to caddy/caddy:2.11.2-alpine (#21338)

geropl · ona-agent · web-flow · commit 51a7a8c8b5d4 · 2026-03-09T12:11:53.000+01:00
Same fix as the other Caddy-based images (dashboard, ide-proxy) from Together with the existing apk upgrade --no-cache, this resolves CVE-2026-22184 (zlib 1.3.1-r2 -> 1.3.2-r0). Co-authored-by: Ona <no-reply@ona.com>
diff --git a/components/proxy/Dockerfile b/components/proxy/Dockerfile
@@ -9,7 +9,7 @@ WORKDIR /plugins
 COPY plugins /plugins
 
 # build caddy
-RUN xcaddy build v2.11.1 \
+RUN xcaddy build v2.11.2 \
   --output /caddy \
   --with github.com/gitpod-io/gitpod/proxy/plugins/corsorigin=/plugins/corsorigin \
   --with github.com/gitpod-io/gitpod/proxy/plugins/secwebsocketkey=/plugins/secwebsocketkey \
@@ -22,7 +22,7 @@ RUN xcaddy build v2.11.1 \
   --with github.com/gitpod-io/gitpod/proxy/plugins/sshtunnel=/plugins/sshtunnel \
   --with github.com/gitpod-io/gitpod/proxy/plugins/frontend_dev=/plugins/frontend_dev
 
-FROM caddy/caddy:2.11-alpine
+FROM caddy/caddy:2.11.2-alpine
 
 # Ensure latest packages are present, like security updates.
 RUN apk upgrade --no-cache \
