Trying to install Trivy using the ghcr.io/devcontainers-contrib/features/trivy:1 feature and it seems as though the OS detection is not working correctly.
The line #0 6.463 nanolayer.installers.gh_release.resolvers.asset_resolver.AssetResolver.AssetResolverError: Too many matches found: ['trivy_0.48.3_Linux-64bit.tar.gz', 'trivy_0.48.3_Linux-ARM.tar.gz'] specifically catches my eye.
Relevant log output
------
> [dev_containers_target_stage 6/12] RUN --mount=type=bind,from=dev_containers_feature_content_source,source=trivy_1,target=/tmp/build-features-src/trivy_1 cp -ar /tmp/build-features-src/trivy_1 /tmp/dev-container-features && chmod -R 0755 /tmp/dev-container-features/trivy_1 && cd /tmp/dev-container-features/trivy_1 && chmod +x ./devcontainer-features-install.sh && ./devcontainer-features-install.sh && rm -rf /tmp/dev-container-features/trivy_1:
#0 0.238 ===========================================================================
#0 0.238 Feature : Trivy (via Github Releases)
#0 0.238 Description : Trivy is a comprehensive and versatile security scanner. It finds vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more.
#0 0.238 Id : ghcr.io/devcontainers-contrib/features/trivy
#0 0.238 Version : 1.0.9
#0 0.238 Documentation : http://github.com/devcontainers-contrib/features/tree/main/src/trivy
#0 0.238 Options :
#0 0.238 VERSION="v0.48.3"
#0 0.238 ===========================================================================
#0 1.231 nanolayer
#0 4.315 cd /tmp/tmpncwm7xyh && chmod +x -R . && _REMOTE_USER="vscode" _REMOTE_USER_HOME="/home/vscode" REPO="aquasecurity/trivy" BINARYNAMES="trivy" VERSION="v0.48.3" ASSETREGEX="" RELEASETAGREGEX="" BINLOCATION="/usr/local/bin" LIBNAME="" LIBLOCATION="/usr/local/lib" ADDITIONALFLAGS="" NANOLAYER_VERBOSE="" NANOLAYER_FORCE_CLI_INSTALLATION="" NANOLAYER_PROPAGATE_CLI_LOCATION="1" NANOLAYER_CLI_LOCATION="/tmp/nanolayer-9CYIFGXELc/nanolayer" bash -i +H ./install.sh
#0 4.315 Found a pre-existing nanolayer which were given in env variable: /tmp/nanolayer-9CYIFGXELc/nanolayer
#0 4.451 skipping usage of pre-existing nanolayer. (required version v0.5.4 does not match existing version 0.5.4)
#0 5.323 nanolayer
#0 6.440 'bom.json' filtered by '(\.json$|\.sbom$|\.blockmap$)' (negative)
#0 6.440 'trivy_0.48.3_checksums.txt' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.440 'trivy_0.48.3_checksums.txt.pem' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.440 'trivy_0.48.3_checksums.txt.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.440 'trivy_0.48.3_FreeBSD-32bit.tar.gz' filtered by '(32[Bb]it|32\-[Bb]it)' (negative)
#0 6.440 'trivy_0.48.3_FreeBSD-32bit.tar.gz.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.440 'trivy_0.48.3_FreeBSD-32bit.tar.gz.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.441 'trivy_0.48.3_FreeBSD-64bit.tar.gz.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.441 'trivy_0.48.3_FreeBSD-64bit.tar.gz.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.deb' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.deb.pem' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.deb.sig' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.rpm' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.rpm.pem' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.rpm.sig' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.tar.gz' filtered by '(32[Bb]it|32\-[Bb]it)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.tar.gz.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.tar.gz.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.deb' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.deb.pem' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.deb.sig' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.rpm' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.rpm.pem' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.rpm.sig' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.tar.gz.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.tar.gz.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.deb' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.deb.pem' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.deb.sig' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.rpm' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.rpm.pem' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.rpm.sig' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.tar.gz.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.tar.gz.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM64.deb' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM64.deb.pem' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM64.deb.sig' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM64.rpm' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM64.rpm.pem' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_Linux-ARM64.rpm.sig' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_Linux-ARM64.tar.gz' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_Linux-ARM64.tar.gz.pem' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_Linux-ARM64.tar.gz.sig' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.deb' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.deb.pem' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.deb.sig' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.rpm' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.rpm.pem' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.rpm.sig' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.tar.gz' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.tar.gz.pem' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.tar.gz.sig' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.deb' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.deb.pem' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.deb.sig' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.rpm' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.rpm.pem' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.rpm.sig' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.tar.gz' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.tar.gz.pem' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.tar.gz.sig' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_macOS-64bit.tar.gz' filtered by '([Mm]ac[Oo][Ss]|[Mm]ac\-[Oo][Ss]|\-osx\-|_osx_|[Dd]arwin|\.dmg)' (negative)
#0 6.442 'trivy_0.48.3_macOS-64bit.tar.gz.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.442 'trivy_0.48.3_macOS-64bit.tar.gz.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.442 'trivy_0.48.3_macOS-ARM64.tar.gz' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_macOS-ARM64.tar.gz.pem' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_macOS-ARM64.tar.gz.sig' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_windows-64bit.zip' filtered by '(windows|Windows|WINDOWS|win32|\-win\-|\.msi$|.msixbundle$|\.exe$)' (negative)
#0 6.442 'trivy_0.48.3_windows-64bit.zip.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.442 'trivy_0.48.3_windows-64bit.zip.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.444 'trivy_0.48.3_FreeBSD-64bit.tar.gz' filtered by '([Aa]md64|\-x64|x64|x86[_-]64)'
#0 6.444 'trivy_0.48.3_Linux-64bit.tar.gz' filtered by '([Aa]md64|\-x64|x64|x86[_-]64)'
#0 6.444 'trivy_0.48.3_Linux-ARM.tar.gz' filtered by '([Aa]md64|\-x64|x64|x86[_-]64)'
#0 6.444 'trivy_0.48.3_FreeBSD-64bit.tar.gz' filtered by '([Ll]inux)'
#0 6.444 'trivy_0.48.3_Linux-64bit.tar.gz' filtered by '(?i)(ubuntu)'
#0 6.444 'trivy_0.48.3_Linux-ARM.tar.gz' filtered by '(?i)(ubuntu)'
#0 6.444 'trivy_0.48.3_Linux-64bit.tar.gz' filtered by '.*static.*'
#0 6.444 'trivy_0.48.3_Linux-ARM.tar.gz' filtered by '.*static.*'
#0 6.444 'trivy_0.48.3_Linux-64bit.tar.gz' filtered by '(?i)(debian)'
#0 6.444 'trivy_0.48.3_Linux-ARM.tar.gz' filtered by '(?i)(debian)'
#0 6.462 Traceback (most recent call last):
#0 6.462 File "<string>", line 1, in <module>
#0 6.462 File "nanolayer.__main__", line 50, in main
#0 6.462 File "typer.main", line 328, in __call__
#0 6.462 File "typer.main", line 311, in __call__
#0 6.462 File "click.core", line 1157, in __call__
#0 6.462 File "typer.core", line 778, in main
#0 6.463 File "typer.core", line 216, in _main
#0 6.463 File "click.core", line 1688, in invoke
#0 6.463 File "click.core", line 1688, in invoke
#0 6.463 File "click.core", line 1434, in invoke
#0 6.463 File "click.core", line 783, in invoke
#0 6.463 File "typer.main", line 683, in wrapper
#0 6.463 File "nanolayer.cli.install", line 156, in install_gh_release_binary
#0 6.463 File "nanolayer.installers.gh_release.gh_release_installer", line 145, in install
#0 6.463 File "nanolayer.installers.gh_release.resolvers.asset_resolver", line 327, in resolve
#0 6.463 nanolayer.installers.gh_release.resolvers.asset_resolver.AssetResolver.AssetResolverError: Too many matches found: ['trivy_0.48.3_Linux-64bit.tar.gz', 'trivy_0.48.3_Linux-ARM.tar.gz']
#0 6.602 Traceback (most recent call last):
#0 6.603 File "<string>", line 1, in <module>
#0 6.603 File "nanolayer.__main__", line 50, in main
#0 6.603 File "typer.main", line 328, in __call__
#0 6.603 File "typer.main", line 311, in __call__
#0 6.603 File "click.core", line 1157, in __call__
#0 6.603 File "typer.core", line 778, in main
#0 6.603 File "typer.core", line 216, in _main
#0 6.603 File "click.core", line 1688, in invoke
#0 6.603 File "click.core", line 1688, in invoke
#0 6.603 File "click.core", line 1434, in invoke
#0 6.603 File "click.core", line 783, in invoke
#0 6.603 File "typer.main", line 683, in wrapper
#0 6.603 File "nanolayer.cli.install", line 66, in install_devcontainer_feature
#0 6.603 File "nanolayer.installers.devcontainer_feature.oci_feature_installer", line 134, in install
#0 6.603 File "nanolayer.utils.invoker", line 59, in invoke
#0 6.603 nanolayer.utils.invoker.Invoker.InvokerException: The command 'cd /tmp/tmpncwm7xyh && chmod +x -R . && _REMOTE_USER="vscode" _REMOTE_USER_HOME="/home/vscode" REPO="aquasecurity/trivy" BINARYNAMES="trivy" VERSION="v0.48.3" ASSETREGEX="" RELEASETAGREGEX="" BINLOCATION="/usr/local/bin" LIBNAME="" LIBLOCATION="/usr/local/lib" ADDITIONALFLAGS="" NANOLAYER_VERBOSE="" NANOLAYER_FORCE_CLI_INSTALLATION="" NANOLAYER_PROPAGATE_CLI_LOCATION="1" NANOLAYER_CLI_LOCATION="/tmp/nanolayer-9CYIFGXELc/nanolayer" bash -i +H ./install.sh' failed. error: Return Code: 1. see logs for details.
#0 6.668 ERROR: Feature "Trivy (via Github Releases)" (ghcr.io/devcontainers-contrib/features/trivy) failed to install! Look at the documentation at http://github.com/devcontainers-contrib/features/tree/main/src/trivy for help troubleshooting this error.
------
Dockerfile.extended:33
--------------------
32 |
33 | >>> RUN --mount=type=bind,from=dev_containers_feature_content_source,source=trivy_1,target=/tmp/build-features-src/trivy_1 \
34 | >>> cp -ar /tmp/build-features-src/trivy_1 /tmp/dev-container-features \
35 | >>> && chmod -R 0755 /tmp/dev-container-features/trivy_1 \
36 | >>> && cd /tmp/dev-container-features/trivy_1 \
37 | >>> && chmod +x ./devcontainer-features-install.sh \
38 | >>> && ./devcontainer-features-install.sh \
39 | >>> && rm -rf /tmp/dev-container-features/trivy_1
40 |
--------------------
error: failed to solve: process "/bin/sh -c cp -ar /tmp/build-features-src/trivy_1 /tmp/dev-container-features && chmod -R 0755 /tmp/dev-container-features/trivy_1 && cd /tmp/dev-container-features/trivy_1 && chmod +x ./devcontainer-features-install.sh && ./devcontainer-features-install.sh && rm -rf /tmp/dev-container-features/trivy_1" did not complete successfully: exit code: 1
Feature id and version
ghcr.io/devcontainers-contrib/features/trivy:1
Devcontainer base Image
mcr.microsoft.com/devcontainers/base:jammy
What happened?
Trying to install Trivy using the ghcr.io/devcontainers-contrib/features/trivy:1 feature and it seems as though the OS detection is not working correctly.
The line
#0 6.463 nanolayer.installers.gh_release.resolvers.asset_resolver.AssetResolver.AssetResolverError: Too many matches found: ['trivy_0.48.3_Linux-64bit.tar.gz', 'trivy_0.48.3_Linux-ARM.tar.gz']
specifically catches my eye.Relevant log output