Redis storage driver ignores --storage_driver_password, fails against AUTH-required Redis

[oyste]

What happened?

When running cAdvisor v0.52.1 with -storage_driver=redis, -storage_driver_host=redis:6379, and -storage_driver_password=redisPswrd, no metrics are persisted. Redis logs report a dropped connection with “Possible SECURITY ATTACK” and the LPUSH never reaches the database. Manually replaying the connection shows the driver never sends AUTH, so Redis immediately rejects the request.

How to reproduce?

1. Start Redis 7/8 with a password (e.g. requirepass redisPassword).

2. Run the stock cAdvisor image (gcr.io/cadvisor/cadvisor:v0.52.1) with:
   -storage_driver=redis -storage_driver_host=redis:6379 -storage_driver_password=redisPswrd

3. Watch Redis via MONITOR or check for the cadvisor list key.

What did you expect to happen?

cAdvisor should authenticate using the configured password and push container stats into Redis.

What actually happened?

Redis blocks the unauthenticated connection. No AUTH command is issued by the driver, so the subsequent LPUSH never succeeds.

Anything else we need to know?

• Confirmed by reading cmd/internal/storage/redis/redis.go—the driver dials Redis but ignores storage.ArgDbPassword.
• Reproduced on Docker Desktop / Debian Bookworm host.
• Workaround is to disable authentication on Redis, which isn’t desirable.