aquasecurity / trivy-db

Apache License 2.0

There is no `db-all` make target #466

Open naddeoa opened 2 weeks ago

naddeoa commented 2 weeks ago

The docs say that you can build the trivy db by checking out the repo and running `make db-all`.

https://github.com/aquasecurity/trivy-db/blob/e76bad987018b0ad3f1076c7a3d4d1b01ef935a2/README.md?plain=1#L52

As far as I can tell, the target was removed in commit 6121d35293a33365ef61c8474525571861f9fe47. I was going to work around it by just building the docker image instead with `docker build . -t trivy-db`, but that references `make db-all` also, which implies it doesn't work at all and probably isn't used in general.

The CI file uses the `db-build` target instead but the README has no instructions for setting up your dev environment to make that actually work locally.

https://github.com/aquasecurity/trivy-db/blob/e76bad987018b0ad3f1076c7a3d4d1b01ef935a2/.github/workflows/cron.yml#L43-L44

Is there another target we should use? Experimentally, I can get it working by recreating what that old deleted target was doing but I'm not sure why I would have to do that.

For context, I'm just trying to build the db to work around the rate limiting issues described in https://github.com/aquasecurity/trivy-action/issues/389

naddeoa commented 2 weeks ago

Follow-up question.

Are the docker and public.ecr.aws repos fair game for the public to use as well? Compared to the ghcr repo they're very underutilized. If I can just add `--db-repository public.ecr.aws/aquasecurity/trivy-db:2` to my trivy command and get my images from a non-ghcr source then that's probably much easier, unless the AWS one isn't updated as often or has some other issue.

halamix2 commented 1 week ago

`git log -S db-all` points out that this target was removed in #347. Still, the README and Dockerfile files reference this target.

As a workaround, running `make build db-fetch-langs db-fetch-vuln-list db-build db-compact db-compress` should work
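
A check for the drift reported in this thread (README and Dockerfile still invoking a make target that the Makefile no longer defines), as an added example that is not part of the thread or of the trivy-db repository. The function names and the sample files are constructed for illustration; only `make` invocations in command position (at line start, or after `RUN`, `run:`, `$`, `&&`, `||`, `;`, `-`) are scanned, so prose such as "make sure" is ignored.

```shell
#!/bin/sh
# Added example: report make targets that docs/build files invoke but the
# Makefile does not define. All names below are hypothetical helpers.

# defined_targets MAKEFILE: print explicit rule targets, one per line.
defined_targets() {
    # Rule lines look like "name:" or "a b: deps"; recipe lines (tab),
    # comments and assignments such as "FOO := bar" do not match.
    grep -E '^[A-Za-z0-9_.%/-][A-Za-z0-9_.%/ -]*:([^=]|$)' "$1" |
        sed -e 's/:.*//' | tr -s ' ' '\n' | grep -v '^\.' | sort -u
}

# referenced_targets FILE...: print the words that follow a "make" command.
referenced_targets() {
    cat -- "$@" | tr '`' ' ' | awk '{
        for (i = 1; i <= NF; i++) {
            if ($i != "make") continue
            # Only accept "make" where a command can start.
            if (i > 1 && $(i-1) !~ /^(RUN|run:|[$]|&&|[|][|]|;|-)$/) continue
            for (j = i + 1; j <= NF && $j ~ /^[A-Za-z0-9][A-Za-z0-9_.-]*$/; j++)
                print $j
            i = j - 1
        }
    }'
}

# missing_make_targets MAKEFILE FILE...: referenced but undefined targets.
missing_make_targets() {
    makefile=$1; shift
    defined=$(defined_targets "$makefile")
    referenced_targets "$@" | sort -u | while read -r t; do
        printf '%s\n' "$defined" | grep -qxF -- "$t" || printf '%s\n' "$t"
    done
}

# write_sample DIR: constructed files (not the project's real ones) that
# reproduce the situation in the issue.
write_sample() {
    printf 'build:\n\t@echo build\ndb-build: build\n\t@echo db\ndb-compact:\n\t@echo c\n' > "$1/Makefile"
    printf 'To build locally:\n\n    make db-all\n' > "$1/README.md"
    printf 'FROM scratch\nRUN make db-all\n' > "$1/Dockerfile"
}

tmp=$(mktemp -d) && write_sample "$tmp" &&
    missing_make_targets "$tmp/Makefile" "$tmp/README.md" "$tmp/Dockerfile"
rm -rf "$tmp"
```

Run against a real checkout as `missing_make_targets Makefile README.md Dockerfile .github/workflows/*.yml`; any output is a target name that a documented or automated build step calls but `make` cannot resolve.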