Open smythp opened 2 weeks ago
It errors on GitHub, and seems that I need a token.
Indeed to run the vunnel provider (which is being invoked by grype-db) then you'll need a github token. I don't think any special permissions are needed.
I'm using the following .grype-db.yaml
file to run this:
provider:
root: data/vunnel
vunnel:
executor: docker
docker-tag: latest
generate-configs: true
env:
GITHUB_TOKEN: $GITHUB_TOKEN
This will forward the GITHUB_TOKEN
env var from your host to the container that is running vunnel.
Ideally we should document:
I seem to be able to download the data cache for all providers using the make command without issues, but when using
It errors on GitHub, and seems that I need a token. I'm wondering if there are docs on which token is needed? Looking at the config, it seems the token should be set an an env variable, but correct me if I'm wrong.
Alternatively, is there a way to run the grype-db build command and use all the cached data in the data folder? It seems like it really wants grype-db -g to be run to configure providers first, but I have the data sitting here in the cache, and just grype-db to build a database using all of it.