https://github.com/dlespiau/quay-exporter
https://github.com/dlespiau/quay-exporter
prometheus prometheus-exporter quay
Last synced: 7 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/dlespiau/quay-exporter
- Owner: dlespiau
- License: apache-2.0
- Created: 2017-11-13T13:39:21.000Z (almost 8 years ago)
- Default Branch: master
- Last Pushed: 2017-12-14T18:39:07.000Z (almost 8 years ago)
- Last Synced: 2024-10-18T20:49:11.915Z (about 1 year ago)
- Topics: prometheus, prometheus-exporter, quay
- Language: Go
- Size: 3.63 MB
- Stars: 2
- Watchers: 2
- Forks: 2
- Open Issues: 6
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# quay.io exporter
`quay-exporter` is a daemon exposing information about your quay.io
repositories as Prometheus metrics. Those metrics can be then used to monitor
the number and severity of vulnerabilities present in the docker images
published in that service.
## Install Instructions
### Compiling from sources
To run the daemon locally, use:
```shell
$ go get github.com/dlespiau/quay-exporter
$ quay-exporter weaveworks
```
`quay-exporter` can access private repositories when provided with an OAUTH 2
bearer token using the `-quay-token` command line parameter.
### Using the Docker image
Using `quay-expoter` from the published Docker image is one command away:
```shell
docker run -p 8080:8080 quay.io/damien.lespiau/quay-exporter weaveworks
```
### Deploying on Kubernetes
A sample Deployment manifest is provided to deploy `quay-exporter` on a
Kubernetes cluster:
```shell
kubectl -n monitoring apply -f quay-exporter-deploy.yaml
```
## Visualize Metrics
To view the available metrics, point your browser at `http://localhost:8080/metrics/`:
```
quay_vulnerabilities{organization="weaveworks",os="debian:9",repository="build-golang",severity="critical"} 7
```
The latest tag of `weaveworks/build-golang` is running a Debian 9 image with
7 known critical vulnerabilities. Fortunately, `build-golang` is only used for
building containers images, not running services! Also rebuilding the image
will update the packages in the base image, which will fix the known
vulnerabilities.
## Troubleshooting
One can find more information about what the daemon is doing by increasing the log level:
```shell
$ quay-exporter -log-level debug weaveworks
```