Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Github Release (Trivy) Too many matches found #574

Open
BMeach opened this issue Jan 30, 2024 · 0 comments
Open

[Bug]: Github Release (Trivy) Too many matches found #574

BMeach opened this issue Jan 30, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@BMeach
Copy link

BMeach commented Jan 30, 2024
edited

Feature id and version

ghcr.io/devcontainers-contrib/features/trivy:1

Devcontainer base Image

mcr.microsoft.com/devcontainers/base:jammy

What happened?

Trying to install Trivy using the ghcr.io/devcontainers-contrib/features/trivy:1 feature and it seems as though the OS detection is not working correctly.

The line #0 6.463 nanolayer.installers.gh_release.resolvers.asset_resolver.AssetResolver.AssetResolverError: Too many matches found: ['trivy_0.48.3_Linux-64bit.tar.gz', 'trivy_0.48.3_Linux-ARM.tar.gz'] specifically catches my eye.

Relevant log output

------                                                                                                                                                                                                                                                                                                            
 > [dev_containers_target_stage  6/12] RUN --mount=type=bind,from=dev_containers_feature_content_source,source=trivy_1,target=/tmp/build-features-src/trivy_1     cp -ar /tmp/build-features-src/trivy_1 /tmp/dev-container-features  && chmod -R 0755 /tmp/dev-container-features/trivy_1  && cd /tmp/dev-container-features/trivy_1  && chmod +x ./devcontainer-features-install.sh  && ./devcontainer-features-install.sh  && rm -rf /tmp/dev-container-features/trivy_1:                                                                                                                                                        
#0 0.238 ===========================================================================                                                                                                                                                                                                                              
#0 0.238 Feature       : Trivy (via Github Releases)                                                                                                                                                                                                                                                              
#0 0.238 Description   : Trivy is a comprehensive and versatile security scanner. It finds vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more.                                                                                                       
#0 0.238 Id            : ghcr.io/devcontainers-contrib/features/trivy
#0 0.238 Version       : 1.0.9
#0 0.238 Documentation : http://github.com/devcontainers-contrib/features/tree/main/src/trivy
#0 0.238 Options       :
#0 0.238     VERSION="v0.48.3"
#0 0.238 ===========================================================================
#0 1.231 nanolayer
#0 4.315 cd /tmp/tmpncwm7xyh && chmod +x -R . && _REMOTE_USER="vscode" _REMOTE_USER_HOME="/home/vscode" REPO="aquasecurity/trivy" BINARYNAMES="trivy" VERSION="v0.48.3" ASSETREGEX="" RELEASETAGREGEX="" BINLOCATION="/usr/local/bin" LIBNAME="" LIBLOCATION="/usr/local/lib" ADDITIONALFLAGS="" NANOLAYER_VERBOSE="" NANOLAYER_FORCE_CLI_INSTALLATION="" NANOLAYER_PROPAGATE_CLI_LOCATION="1" NANOLAYER_CLI_LOCATION="/tmp/nanolayer-9CYIFGXELc/nanolayer" bash  -i  +H ./install.sh
#0 4.315 Found a pre-existing nanolayer which were given in env variable: /tmp/nanolayer-9CYIFGXELc/nanolayer
#0 4.451 skipping usage of pre-existing nanolayer. (required version v0.5.4 does not match existing version 0.5.4)
#0 5.323 nanolayer
#0 6.440 'bom.json' filtered by '(\.json$|\.sbom$|\.blockmap$)' (negative)
#0 6.440 'trivy_0.48.3_checksums.txt' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.440 'trivy_0.48.3_checksums.txt.pem' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.440 'trivy_0.48.3_checksums.txt.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.440 'trivy_0.48.3_FreeBSD-32bit.tar.gz' filtered by '(32[Bb]it|32\-[Bb]it)' (negative)
#0 6.440 'trivy_0.48.3_FreeBSD-32bit.tar.gz.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.440 'trivy_0.48.3_FreeBSD-32bit.tar.gz.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.441 'trivy_0.48.3_FreeBSD-64bit.tar.gz.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.441 'trivy_0.48.3_FreeBSD-64bit.tar.gz.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.deb' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.deb.pem' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.deb.sig' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.rpm' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.rpm.pem' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.rpm.sig' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.tar.gz' filtered by '(32[Bb]it|32\-[Bb]it)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.tar.gz.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.441 'trivy_0.48.3_Linux-32bit.tar.gz.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.deb' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.deb.pem' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.deb.sig' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.rpm' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.rpm.pem' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.rpm.sig' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.tar.gz.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.441 'trivy_0.48.3_Linux-64bit.tar.gz.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.deb' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.deb.pem' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.deb.sig' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.rpm' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.rpm.pem' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.rpm.sig' filtered by '(\.deb|\.rpm|\.pkg|\.apk|\.[Aa]ppImage|\.snap)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.tar.gz.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM.tar.gz.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM64.deb' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM64.deb.pem' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM64.deb.sig' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM64.rpm' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.441 'trivy_0.48.3_Linux-ARM64.rpm.pem' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_Linux-ARM64.rpm.sig' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_Linux-ARM64.tar.gz' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_Linux-ARM64.tar.gz.pem' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_Linux-ARM64.tar.gz.sig' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.deb' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.deb.pem' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.deb.sig' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.rpm' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.rpm.pem' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.rpm.sig' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.tar.gz' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.tar.gz.pem' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-PPC64LE.tar.gz.sig' filtered by '(\-ppc|ppc64|PPC64|_ppc)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.deb' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.deb.pem' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.deb.sig' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.rpm' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.rpm.pem' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.rpm.sig' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.tar.gz' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.tar.gz.pem' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_Linux-s390x.tar.gz.sig' filtered by '(s390x|s390)' (negative)
#0 6.442 'trivy_0.48.3_macOS-64bit.tar.gz' filtered by '([Mm]ac[Oo][Ss]|[Mm]ac\-[Oo][Ss]|\-osx\-|_osx_|[Dd]arwin|\.dmg)' (negative)
#0 6.442 'trivy_0.48.3_macOS-64bit.tar.gz.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.442 'trivy_0.48.3_macOS-64bit.tar.gz.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.442 'trivy_0.48.3_macOS-ARM64.tar.gz' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_macOS-ARM64.tar.gz.pem' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_macOS-ARM64.tar.gz.sig' filtered by '([Aa]rm64|ARM64)' (negative)
#0 6.442 'trivy_0.48.3_windows-64bit.zip' filtered by '(windows|Windows|WINDOWS|win32|\-win\-|\.msi$|.msixbundle$|\.exe$)' (negative)
#0 6.442 'trivy_0.48.3_windows-64bit.zip.pem' filtered by '(\.pub$|\.pem$|\.crt$|\.asc$|pivkey|pkcs11key)' (negative)
#0 6.442 'trivy_0.48.3_windows-64bit.zip.sig' filtered by '(\.sig$|\.text$|\.txt$|[Cc]hecksums|sha256|\.sha1$|\.md5$)' (negative)
#0 6.444 'trivy_0.48.3_FreeBSD-64bit.tar.gz' filtered by '([Aa]md64|\-x64|x64|x86[_-]64)' 
#0 6.444 'trivy_0.48.3_Linux-64bit.tar.gz' filtered by '([Aa]md64|\-x64|x64|x86[_-]64)' 
#0 6.444 'trivy_0.48.3_Linux-ARM.tar.gz' filtered by '([Aa]md64|\-x64|x64|x86[_-]64)' 
#0 6.444 'trivy_0.48.3_FreeBSD-64bit.tar.gz' filtered by '([Ll]inux)' 
#0 6.444 'trivy_0.48.3_Linux-64bit.tar.gz' filtered by '(?i)(ubuntu)' 
#0 6.444 'trivy_0.48.3_Linux-ARM.tar.gz' filtered by '(?i)(ubuntu)' 
#0 6.444 'trivy_0.48.3_Linux-64bit.tar.gz' filtered by '.*static.*' 
#0 6.444 'trivy_0.48.3_Linux-ARM.tar.gz' filtered by '.*static.*' 
#0 6.444 'trivy_0.48.3_Linux-64bit.tar.gz' filtered by '(?i)(debian)' 
#0 6.444 'trivy_0.48.3_Linux-ARM.tar.gz' filtered by '(?i)(debian)' 
#0 6.462 Traceback (most recent call last):
#0 6.462   File "<string>", line 1, in <module>
#0 6.462   File "nanolayer.__main__", line 50, in main
#0 6.462   File "typer.main", line 328, in __call__
#0 6.462   File "typer.main", line 311, in __call__
#0 6.462   File "click.core", line 1157, in __call__
#0 6.462   File "typer.core", line 778, in main
#0 6.463   File "typer.core", line 216, in _main
#0 6.463   File "click.core", line 1688, in invoke
#0 6.463   File "click.core", line 1688, in invoke
#0 6.463   File "click.core", line 1434, in invoke
#0 6.463   File "click.core", line 783, in invoke
#0 6.463   File "typer.main", line 683, in wrapper
#0 6.463   File "nanolayer.cli.install", line 156, in install_gh_release_binary
#0 6.463   File "nanolayer.installers.gh_release.gh_release_installer", line 145, in install
#0 6.463   File "nanolayer.installers.gh_release.resolvers.asset_resolver", line 327, in resolve
#0 6.463 nanolayer.installers.gh_release.resolvers.asset_resolver.AssetResolver.AssetResolverError: Too many matches found: ['trivy_0.48.3_Linux-64bit.tar.gz', 'trivy_0.48.3_Linux-ARM.tar.gz']
#0 6.602 Traceback (most recent call last):
#0 6.603   File "<string>", line 1, in <module>
#0 6.603   File "nanolayer.__main__", line 50, in main
#0 6.603   File "typer.main", line 328, in __call__
#0 6.603   File "typer.main", line 311, in __call__
#0 6.603   File "click.core", line 1157, in __call__
#0 6.603   File "typer.core", line 778, in main
#0 6.603   File "typer.core", line 216, in _main
#0 6.603   File "click.core", line 1688, in invoke
#0 6.603   File "click.core", line 1688, in invoke
#0 6.603   File "click.core", line 1434, in invoke
#0 6.603   File "click.core", line 783, in invoke
#0 6.603   File "typer.main", line 683, in wrapper
#0 6.603   File "nanolayer.cli.install", line 66, in install_devcontainer_feature
#0 6.603   File "nanolayer.installers.devcontainer_feature.oci_feature_installer", line 134, in install
#0 6.603   File "nanolayer.utils.invoker", line 59, in invoke
#0 6.603 nanolayer.utils.invoker.Invoker.InvokerException: The command 'cd /tmp/tmpncwm7xyh && chmod +x -R . && _REMOTE_USER="vscode" _REMOTE_USER_HOME="/home/vscode" REPO="aquasecurity/trivy" BINARYNAMES="trivy" VERSION="v0.48.3" ASSETREGEX="" RELEASETAGREGEX="" BINLOCATION="/usr/local/bin" LIBNAME="" LIBLOCATION="/usr/local/lib" ADDITIONALFLAGS="" NANOLAYER_VERBOSE="" NANOLAYER_FORCE_CLI_INSTALLATION="" NANOLAYER_PROPAGATE_CLI_LOCATION="1" NANOLAYER_CLI_LOCATION="/tmp/nanolayer-9CYIFGXELc/nanolayer" bash  -i  +H ./install.sh' failed. error: Return Code: 1. see logs for details.
#0 6.668 ERROR: Feature "Trivy (via Github Releases)" (ghcr.io/devcontainers-contrib/features/trivy) failed to install! Look at the documentation at http://github.com/devcontainers-contrib/features/tree/main/src/trivy for help troubleshooting this error.
------
Dockerfile.extended:33
--------------------
  32 |     
  33 | >>> RUN --mount=type=bind,from=dev_containers_feature_content_source,source=trivy_1,target=/tmp/build-features-src/trivy_1 \
  34 | >>>     cp -ar /tmp/build-features-src/trivy_1 /tmp/dev-container-features \
  35 | >>>  && chmod -R 0755 /tmp/dev-container-features/trivy_1 \
  36 | >>>  && cd /tmp/dev-container-features/trivy_1 \
  37 | >>>  && chmod +x ./devcontainer-features-install.sh \
  38 | >>>  && ./devcontainer-features-install.sh \
  39 | >>>  && rm -rf /tmp/dev-container-features/trivy_1
  40 |     
--------------------
error: failed to solve: process "/bin/sh -c cp -ar /tmp/build-features-src/trivy_1 /tmp/dev-container-features  && chmod -R 0755 /tmp/dev-container-features/trivy_1  && cd /tmp/dev-container-features/trivy_1  && chmod +x ./devcontainer-features-install.sh  && ./devcontainer-features-install.sh  && rm -rf /tmp/dev-container-features/trivy_1" did not complete successfully: exit code: 1
@BMeach BMeach added the bug Something isn't working label Jan 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@BMeach