Skip to content

Add GRYPE_DB_EXECUTABLE_PATH support to bypass Go build requirement #699

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Oct 6, 2025
Merged

Add GRYPE_DB_EXECUTABLE_PATH support to bypass Go build requirement #699

merged 3 commits into from
Oct 6, 2025

Conversation

jamestexas
Copy link
Contributor

Summary

Add opt-in environment variable GRYPE_DB_EXECUTABLE_PATH to allow using pre-built grype-db binaries instead of building from source. This enables running grype-db-manager in distroless containers or environments without Go toolchain installed.

Changes

  • Added GRYPE_DB_EXECUTABLE_PATH environment variable support
  • Uses cross-platform shutil.which() for executable validation
  • Logs warning and falls back to source build if path is invalid
  • No behavior change for existing users (opt-in only)
  • Comprehensive test coverage for all scenarios

Use Case

Useful for CI environments where grype-db binary is already available, eliminating the need for Go toolchain in container images. This does include the same checks, but skips the build / pull if the executable exists.

Testing

# Run new tests
uv run pytest manager/tests/unit/test_grypedb.py::TestGrypeDB::test_install_grype_db_with_executable_path -v

# All manager tests pass
uv run pytest manager/tests/unit/test_grypedb.py

@jamestexas jamestexas marked this pull request as draft September 25, 2025 18:29
@jamestexas
feat: add GRYPE_DB_EXECUTABLE_PATH support to bypass go build issues
41a6267 
Add opt-in env var GRYPE_DB_EXECUTABLE_PATH to allow using pre-built grype-db binaries
instead of building from source. This enables easier execution of grype-db-manager in
distroless environments without the Go toolchain installed
- Uses cross-platform shutil.which() for executable validation
- Logs warnings and falls back to source build if path is invalid or not exe
- No behavior changes for existing users (opt-in only)
- Test coverage added for new branching logic changes

Signed-off-by: James Gardner <[email protected]>
@jamestexas jamestexas force-pushed the grypedb-executable-path branch from b199cf8 to 41a6267 Compare September 25, 2025 19:09
@jamestexas jamestexas marked this pull request as ready for review September 25, 2025 19:10
@jamestexas jamestexas changed the title Grypedb executable path Add GRYPE_DB_EXECUTABLE_PATH support to bypass Go build requirement Sep 25, 2025
@jamestexas
chore:(manager/src/grype_db_manager/grypedb.py): move env check to ow…
4fbe12b 
…n method for cyclomatic complexity linting

Signed-off-by: James Gardner <[email protected]>
@jamestexas
lint(src/grype_db_manager/grypedb.py): exclude c901 failure on _insta…
9dcfa15 
…ll_grype_db

Signed-off-by: James Gardner <[email protected]>
@jamestexas
Copy link
Contributor Author

jamestexas commented Sep 26, 2025
edited
Loading

The failing stuff in CI was related to cyclomatic complexity (C901), as the number of conditionals in the method already are at the limit.

@wagoodman - I am happy to refactor this, but due to this being load bearing think it might be appropriate to add in an exclusion for that rule there. I've gone ahead and added it, but if you'd prefer for me to refactor just let me know! Thanks.

@wagoodman wagoodman added the enhancement New feature or request label Oct 6, 2025
@wagoodman wagoodman merged commit d1477f3 into anchore:main Oct 6, 2025
11 checks passed
@jamestexas
Copy link
Contributor Author

Thanks @wagoodman !

@jamestexas jamestexas deleted the grypedb-executable-path branch October 6, 2025 20:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wagoodman wagoodman wagoodman approved these changes

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jamestexas @wagoodman