Fix update-cache.yml so it won't run if no NVD_API_KEY

[terriko]

I'm getting messages from people's forks of cve-bin-tool indicating that they can't run the cache update in github actions. I'm guessing they're failing because the users in question haven't got an NVD_API_KEY set.

We probably just want to make the cache job not run at all in this case; probably if you don't have an API Key set you are someone who just dropped by to fix a quick bug and aren't interested in maintaining a regular development environment. Not sure what the best way to communicate with the user here is: I explicitly don't want the jobs failing (because what's the point) so maybe just a notice in the .yml file explaining how to get a key and have it run if you do want a personal data cache? And maybe something in the developer docs pointing at it?