CLI seems to require more setup than shown in the documentation
pnacht opened this issue · comments
After installing the CLI (from @main
, see #288), I'm trying to run the example shown in the README. However, I'm getting an error:
$ criticality_score github.com/kubernetes/kubernetes
> 2022-12-21 11:40:20.631 INFO Preparing default scorer
> 2022-12-21 11:40:20.639 ERROR Failed to create collector {"error": "init deps.dev source: bigquery: constructing client: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information."}
> main.main
> /Users/pnacht/go/pkg/mod/github.com/ossf/criticality_score@v1.0.8-0.20221208223852-95942e03caa6/cmd/criticality_score/main.go:160
> runtime.main
> /usr/local/go/src/runtime/proc.go:250
Seems to require additional credentials...
I've also found cmd/criticality_score/README.md, which says we need to log into GCP before using the CLI. Maybe that's what it needs.
I therefore ran gcloud auth login --update-adc
(btw, the README has the command as gcloud login --update-adc
, which isn't recognized) and repeated the criticality_score command:
$ criticality_score github.com/kubernetes/kubernetes
> 2022-12-21 14:47:20.748 INFO Preparing default scorer
> 2022-12-21 14:47:20.750 ERROR Failed to create collector {"error": "init deps.dev source: unable to detect projectID, please refer to docs for DetectProjectID"}
> main.main
> /Users/pnacht/go/pkg/mod/github.com/ossf/criticality_score@v1.0.8-0.20221208223852-95942e03caa6/cmd/criticality_score/main.go:160
> runtime.main
> /usr/local/go/src/runtime/proc.go:250
The error is different now, something about "DetectProjectID"? Looking through the criticality_score codebase, I only found one reference to it and honestly didn't know how to proceed from here.
What else is required to run the CLI as a standalone?
I fixed one reference to gcloud auth login --update-adc
but missed this one. I have prepared a PR with a fix to clarify this and the project-id
configuration.
It would be great if there were working instructions in the top level readme
+1