Open pF-luis opened 2 years ago
has same problem
^^this
Features as OCI artifacts should resolve this. Any ETA for support in VSCode?
https://code.visualstudio.com/blogs/2022/09/15/dev-container-features
Features as OCI artifacts should resolve this. Any ETA for support in VSCode?
https://code.visualstudio.com/blogs/2022/09/15/dev-container-features
Sadly for me it did not resolve the problem
No one feature is working in this version..... : https://github.com/microsoft/vscode-remote-release/issues/7060
same problem
Features as OCI artifacts should resolve this. Any ETA for support in VSCode?
https://code.visualstudio.com/blogs/2022/09/15/dev-container-features
That solved it for me. Replace old style feature with this new way, and it works.
Features as OCI artifacts should resolve this. Any ETA for support in VSCode? https://code.visualstudio.com/blogs/2022/09/15/dev-container-features
That solved it for me. Replace old style feature with this new way, and it works.
how does your devcontainer definition look? my vscode is not happy with every way i tried. so i guessed it‘s not supported yet.
For us, the workaround we found is to run the install.sh
scripts in the dockerfile itself:
https://github.com/demisto/content/blob/master/.devcontainer/Dockerfile
Sorry for bringing this back up, but we are also stuck in the same scenario - in vscode as well as when running devcontainer/cli@0.20.0 (I'm not sure where the functionality was changed.
We need to ensure that our "self-signed" cert is installed PRIOR to any feature additions - If it is not, the first feature install fails due to invalid signatures.
I understand from the thread in https://github.com/microsoft/vscode-remote-release/issues/6995, it's not a vscode bug - so how do we solve the issue locally?
Using devcontainer/cli@0.6.0 or an older vscode I can build our devcontainer with a Dockerfile that looks something like this
// For format details, see https://aka.ms/devcontainer.json. For config options, see the README at:
// https://github.com/microsoft/vscode-dev-containers/tree/v0.245.2/containers/cpp
{
"name": "C++",
"build": {
"dockerfile": "Dockerfile",
// Update 'VARIANT' to pick an Debian / Ubuntu OS version: debian-11, debian-10, ubuntu-22.04, ubuntu-20.04, ubuntu-18.04
// Use Debian 11, Ubuntu 18.04 or Ubuntu 22.04 on local arm64/Apple Silicon
"args": {
"VARIANT": "ubuntu-22.04" ,
"ADD_LOCAL_CERTS": "true"
}
},
"runArgs": ["--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined"],
// Configure tool-specific properties.
"customizations": {
// Configure properties specific to VS Code.
"vscode": {
// Add the IDs of extensions you want installed when the container is created.
"extensions": [
"ms-vscode.cpptools",
"ms-vscode.cmake-tools"
]
}
},
// Use 'forwardPorts' to make a list of ports inside the container available locally.
// "forwardPorts": [],
// Use 'postCreateCommand' to run commands after the container is created.
// "postCreateCommand": "gcc -v",
// Comment out to connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
"remoteUser": "vscode",
"features": {
"docker-in-docker": "latest",
"git": "latest",
"golang": "1.18.4"
}
}
# See here for image contents: https://github.com/microsoft/vscode-dev-containers/tree/v0.236.0/containers/cpp/.devcontainer/base.Dockerfile
# [Choice] Debian / Ubuntu version (use Debian 11, Ubuntu 18.04/22.04 on local arm64/Apple Silicon): debian-11, debian-10, ubuntu-22.04, ubuntu-20.04, ubuntu-18.04
ARG VARIANT="bullseye"
FROM mcr.microsoft.com/vscode/devcontainers/cpp:0-${VARIANT}
#################################
# Fixup the Certs if needed
# Need for Certificate on
ARG ADD_LOCAL_CERTS="none"
COPY install-local-certs.sh /tmp/
COPY certs.zip /tmp/
RUN if [ "${ADD_LOCAL_CERTS}" = "true" ]; then \
chmod +x /tmp/install-local-certs.sh && \
/tmp/install-local-certs.sh; \
fi && \
rm /tmp/install-local-certs.sh && \
rm /tmp/certs.zip
#################################
# [Optional] Install CMake version different from what base image has already installed.
# CMake reinstall choices: none, 3.21.5, 3.22.2, or versions from https://cmake.org/download/
ARG REINSTALL_CMAKE_VERSION_FROM_SOURCE="none"
# Optionally install the cmake for vcpkg
COPY ./reinstall-cmake.sh /tmp/
RUN if [ "${REINSTALL_CMAKE_VERSION_FROM_SOURCE}" != "none" ]; then \
chmod +x /tmp/reinstall-cmake.sh && /tmp/reinstall-cmake.sh ${REINSTALL_CMAKE_VERSION_FROM_SOURCE}; \
fi \
&& rm -f /tmp/reinstall-cmake.sh
# [Optional] Uncomment this section to install additional vcpkg ports.
# RUN su vscode -c "${VCPKG_ROOT}/vcpkg install <your-port-name-here>"
# [Optional] Uncomment this section to install additional packages.
# RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
# && apt-get -y install --no-install-recommends <your-package-list-here>
With the latest devcontainer/cli and vscode we are failing before we fix the certs and of course, if I have no features added the devcontainer build succeeds
BTW: I was also hoping to create a local "feature" to install the certs in specified order - and there is still some preprocessing I don't YET understand that is blocked - I got excited that the "feature" trick might work
I am also facing the same issue. I am getting following error when I try to create a dev container configuration file. My system uses netskope mitm proxy, and the netskope root ca is a part of the certificate store on my windows sytstem.
I try to run Dev Contgainers: Add Dev Containers Configuration Files i get the following error:
The logs from dev container log are below:
[112595 ms] Dev Containers 0.266.1 in VS Code 1.74.3 (97dec172d3256f8ca4bfb2143f3f76b503ca0534).
[112594 ms] -- CREATEDEVCONTAINER v2
[117362 ms] Start: Run: C:\Users\xxxxxx\AppData\Local\Programs\Microsoft VS Code\Code.exe --ms-enable-electron-run-as-node c:\Users\xxxxxx\.vscode\extensions\ms-vscode-remote.remote-containers-0.266.1\dist\spec-node\devContainersSpecCLI.js templates apply --workspace-folder C:\Users\xxxxxx\AppData\Local\Temp\tmp-output-dir-1674139471111 --template-id ghcr.io/devcontainers/templates/docker-existing-docker-compose:latest --template-args {} --features [] --tmp-dir C:\Users\xxxxxx\AppData\Local\Temp\tmp-dir-1674139471111
[117653 ms] [2023-01-19T14:44:31.461Z] @devcontainers/cli 0.25.2. Node.js v16.14.2. win32 10.0.22621 x64.
[117669 ms] (node:39420) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
[117669 ms] (Use `Code --trace-deprecation ...` to show where the warning was created)
[117722 ms] [2023-01-19T14:44:31.530Z] Failed to get registry auth token with error: Error: self signed certificate in certificate chain
[117752 ms] [2023-01-19T14:44:31.560Z] Failed to fetch template manifest for ghcr.io/devcontainers/templates/docker-existing-docker-compose:latest
[117753 ms] [2023-01-19T14:44:31.560Z] Failed to fetch template 'ghcr.io/devcontainers/templates/docker-existing-docker-compose:latest'.
[117765 ms] Exit code 1
The only way to get this to work is by disabling netskope
PS: Removed my windows user name from the output above.
looks like the feature installation changed again. it fetches the feature from the host instead of a bootstrapping image and the actual installation happens in the defined image of the devcontainer.
we got it working with adding certificate ripper to the dockerfile which we have defined in the devcontainer.json
# Export certs with crip and add them to the certificate store
RUN wget https://github.com/Hakky54/certificate-ripper/releases/download/2.0.1/crip-linux-amd64.tar.gz --no-check-certificate -qO- | tar xvz -C /tmp/
RUN sudo /tmp/crip export pem --url=https://www.google.com --destination /usr/local/share/ca-certificates/
RUN sudo update-ca-certificates
ENV NODE_OPTIONS=--use-openssl-ca
still have the self signed certificate issue with clone in volume though (#3713) as that happens still in the bootstrap container.
@chrmarti any chance this can be addressed soon?
I know that everyone has mixed results in trying to figure this out, including myself, but I finally found a way that works in my corporate environment where all systems need custom Root CA certificates loaded.
I published my findings at mholttech/devcontainer-features. I tested this with the repo residing inside of Windows and inside of an Ubuntu WSL2 instance.
This does not work for home environment as well. However, if I start the devcontainer directly from windows it work. Fails when started from wsl. I tried lot many solutions but doesn't seems to be working. If devcontainer file does not contain any featuers, then it works with wsl as well. No proxy involved. I tried various ways, but nothing seems to be working.
[2023-09-06T11:17:16.316Z] Start: Run: tar --no-same-owner -x -f -
[2023-09-06T11:17:16.354Z] Stop (38 ms): Run: tar --no-same-owner -x -f -
[2023-09-06T11:17:16.393Z] Resolving Feature dependencies for 'ghcr.io/devcontainers/features/java:1'...
[2023-09-06T11:17:16.394Z] * Processing feature: ghcr.io/devcontainers/features/java:1
[2023-09-06T11:17:16.774Z] Start: Run: docker-credential-desktop.exe get
[2023-09-06T11:17:17.414Z] Stop (640 ms): Run: docker-credential-desktop.exe get
[2023-09-06T11:19:31.927Z] Error getting blob: Error: connect ETIMEDOUT 198.51.44.1:443
[2023-09-06T11:19:31.929Z] Error: Failed to download package for ghcr.io/devcontainers/features/java
This, btw, worked for me on fedora wsl image seamlessly. However, Ubuntu wsl continues to fail with timeout error
same error here
I am getting the same error.