admin/aquasecurity-trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2026-02-11 19:23:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
7ea9cb4f90af2cb2ce2b5ea71e436fa1f772ce49
aquasecurity-trivy/dev/docs/scanner/misconfiguration/custom/debug/index.html

3309 lines
115 KiB
HTML
Raw Blame History

<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="description" content="A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts, Suitable for CI">
<link rel="canonical" href="https://aquasecurity.github.io/trivy/dev/docs/scanner/misconfiguration/custom/debug/">
<link rel="icon" href="../../../../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.3.0, mkdocs-material-8.3.9">
<title>Debugging Policies - Trivy</title>
<link rel="stylesheet" href="../../../../../assets/stylesheets/main.1d29e8d0.min.css">
<link rel="stylesheet" href="../../../../../assets/stylesheets/palette.cbb835fc.min.css">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
<script>__md_scope=new URL("../../../../..",location),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
</head>
<body dir="ltr" data-md-color-scheme="" data-md-color-primary="none" data-md-color-accent="none">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#debugging-policies" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<div data-md-component="outdated" hidden>
<aside class="md-banner md-banner--warning">
</aside>
</div>
<header class="md-header md-header--lifted" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../../../../.." title="Trivy" class="md-header__button md-logo" aria-label="Trivy" data-md-component="logo">
<img src="../../../../../imgs/logo-white.svg" alt="logo">
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
Trivy
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
Debugging Policies
</span>
</div>
</div>
</div>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://github.com/aquasecurity/trivy" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
GitHub
</div>
</a>
</div>
</nav>
<nav class="md-tabs" aria-label="Tabs" data-md-component="tabs">
<div class="md-tabs__inner md-grid">
<ul class="md-tabs__list">
<li class="md-tabs__item">
<a href="../../../../.." class="md-tabs__link">
Getting Started
</a>
</li>
<li class="md-tabs__item">
<a href="../../../../../tutorials/overview/" class="md-tabs__link">
Tutorials
</a>
</li>
<li class="md-tabs__item">
<a href="../../../../" class="md-tabs__link md-tabs__link--active">
Docs
</a>
</li>
<li class="md-tabs__item">
<a href="../../../../../ecosystem/" class="md-tabs__link">
Ecosystem
</a>
</li>
<li class="md-tabs__item">
<a href="../../../../../community/contribute/issue/" class="md-tabs__link">
Contributing
</a>
</li>
</ul>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary md-nav--lifted" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../../../../.." title="Trivy" class="md-nav__button md-logo" aria-label="Trivy" data-md-component="logo">
<img src="../../../../../imgs/logo-white.svg" alt="logo">
</a>
Trivy
</label>
<div class="md-nav__source">
<a href="https://github.com/aquasecurity/trivy" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
GitHub
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_1" type="checkbox" id="__nav_1" >
<label class="md-nav__link" for="__nav_1">
Getting Started
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Getting Started" data-md-level="1">
<label class="md-nav__title" for="__nav_1">
<span class="md-nav__icon md-icon"></span>
Getting Started
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../.." class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../getting-started/installation/" class="md-nav__link">
Installation
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../getting-started/faq/" class="md-nav__link">
FAQ
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2" type="checkbox" id="__nav_2" >
<label class="md-nav__link" for="__nav_2">
Tutorials
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Tutorials" data-md-level="1">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Tutorials
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../../tutorials/overview/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_2" type="checkbox" id="__nav_2_2" >
<label class="md-nav__link" for="__nav_2_2">
CI/CD
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="CI/CD" data-md-level="2">
<label class="md-nav__title" for="__nav_2_2">
<span class="md-nav__icon md-icon"></span>
CI/CD
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../../tutorials/integrations/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../tutorials/integrations/github-actions/" class="md-nav__link">
GitHub Actions
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../tutorials/integrations/circleci/" class="md-nav__link">
CircleCI
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../tutorials/integrations/travis-ci/" class="md-nav__link">
Travis CI
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../tutorials/integrations/gitlab-ci/" class="md-nav__link">
GitLab CI
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../tutorials/integrations/bitbucket/" class="md-nav__link">
Bitbucket Pipelines
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../tutorials/integrations/aws-codepipeline/" class="md-nav__link">
AWS CodePipeline
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../tutorials/integrations/aws-security-hub/" class="md-nav__link">
AWS Security Hub
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../tutorials/integrations/azure-devops/" class="md-nav__link">
Azure
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_3" type="checkbox" id="__nav_2_3" >
<label class="md-nav__link" for="__nav_2_3">
Kubernetes
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Kubernetes" data-md-level="2">
<label class="md-nav__title" for="__nav_2_3">
<span class="md-nav__icon md-icon"></span>
Kubernetes
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../../tutorials/kubernetes/cluster-scanning/" class="md-nav__link">
Cluster Scanning
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../tutorials/kubernetes/kyverno/" class="md-nav__link">
Kyverno
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../tutorials/kubernetes/gitops/" class="md-nav__link">
GitOps
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_4" type="checkbox" id="__nav_2_4" >
<label class="md-nav__link" for="__nav_2_4">
Signing
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Signing" data-md-level="2">
<label class="md-nav__title" for="__nav_2_4">
<span class="md-nav__icon md-icon"></span>
Signing
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../../tutorials/signing/vuln-attestation/" class="md-nav__link">
Vulnerability Scan Record Attestation
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_5" type="checkbox" id="__nav_2_5" >
<label class="md-nav__link" for="__nav_2_5">
Shell
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Shell" data-md-level="2">
<label class="md-nav__title" for="__nav_2_5">
<span class="md-nav__icon md-icon"></span>
Shell
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../../tutorials/shell/shell-completion/" class="md-nav__link">
Completion
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_6" type="checkbox" id="__nav_2_6" >
<label class="md-nav__link" for="__nav_2_6">
Additional Resources
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Additional Resources" data-md-level="2">
<label class="md-nav__title" for="__nav_2_6">
<span class="md-nav__icon md-icon"></span>
Additional Resources
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../../tutorials/additional-resources/references/" class="md-nav__link">
Additional Resources
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../tutorials/additional-resources/community/" class="md-nav__link">
Community References
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../tutorials/additional-resources/cks/" class="md-nav__link">
CKS Reference
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3" type="checkbox" id="__nav_3" checked>
<label class="md-nav__link" for="__nav_3">
Docs
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Docs" data-md-level="1">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span>
Docs
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_2" type="checkbox" id="__nav_3_2" >
<label class="md-nav__link" for="__nav_3_2">
Target
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Target" data-md-level="2">
<label class="md-nav__title" for="__nav_3_2">
<span class="md-nav__icon md-icon"></span>
Target
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../target/container_image/" class="md-nav__link">
Container Image
</a>
</li>
<li class="md-nav__item">
<a href="../../../../target/filesystem/" class="md-nav__link">
Filesystem
</a>
</li>
<li class="md-nav__item">
<a href="../../../../target/rootfs/" class="md-nav__link">
Rootfs
</a>
</li>
<li class="md-nav__item">
<a href="../../../../target/git-repository/" class="md-nav__link">
Git Repository
</a>
</li>
<li class="md-nav__item">
<a href="../../../../target/vm/" class="md-nav__link">
Virtual Machine Image
</a>
</li>
<li class="md-nav__item">
<a href="../../../../target/kubernetes/" class="md-nav__link">
Kubernetes
</a>
</li>
<li class="md-nav__item">
<a href="../../../../target/aws/" class="md-nav__link">
AWS
</a>
</li>
<li class="md-nav__item">
<a href="../../../../target/sbom/" class="md-nav__link">
SBOM
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3" type="checkbox" id="__nav_3_3" checked>
<label class="md-nav__link" for="__nav_3_3">
Scanner
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Scanner" data-md-level="2">
<label class="md-nav__title" for="__nav_3_3">
<span class="md-nav__icon md-icon"></span>
Scanner
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_1" type="checkbox" id="__nav_3_3_1" >
<label class="md-nav__link" for="__nav_3_3_1">
Vulnerability
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Vulnerability" data-md-level="3">
<label class="md-nav__title" for="__nav_3_3_1">
<span class="md-nav__icon md-icon"></span>
Vulnerability
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../vulnerability/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../vulnerability/os/" class="md-nav__link">
OS Packages
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_1_3" type="checkbox" id="__nav_3_3_1_3" >
<label class="md-nav__link" for="__nav_3_3_1_3">
Language-specific Packages
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Language-specific Packages" data-md-level="4">
<label class="md-nav__title" for="__nav_3_3_1_3">
<span class="md-nav__icon md-icon"></span>
Language-specific Packages
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../vulnerability/language/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../vulnerability/language/golang/" class="md-nav__link">
Go
</a>
</li>
<li class="md-nav__item">
<a href="../../../vulnerability/language/java/" class="md-nav__link">
Java
</a>
</li>
<li class="md-nav__item">
<a href="../../../vulnerability/language/nodejs/" class="md-nav__link">
Node.js
</a>
</li>
<li class="md-nav__item">
<a href="../../../vulnerability/language/php/" class="md-nav__link">
PHP
</a>
</li>
<li class="md-nav__item">
<a href="../../../vulnerability/language/python/" class="md-nav__link">
Python
</a>
</li>
<li class="md-nav__item">
<a href="../../../vulnerability/language/rust/" class="md-nav__link">
Rust
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_2" type="checkbox" id="__nav_3_3_2" checked>
<label class="md-nav__link" for="__nav_3_3_2">
Misconfiguration
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Misconfiguration" data-md-level="3">
<label class="md-nav__title" for="__nav_3_3_2">
<span class="md-nav__icon md-icon"></span>
Misconfiguration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_2_2" type="checkbox" id="__nav_3_3_2_2" >
<label class="md-nav__link" for="__nav_3_3_2_2">
Policy
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Policy" data-md-level="4">
<label class="md-nav__title" for="__nav_3_3_2_2">
<span class="md-nav__icon md-icon"></span>
Policy
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../policy/builtin/" class="md-nav__link">
Built-in Policies
</a>
</li>
<li class="md-nav__item">
<a href="../../policy/exceptions/" class="md-nav__link">
Exceptions
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_3_2_3" type="checkbox" id="__nav_3_3_2_3" checked>
<label class="md-nav__link" for="__nav_3_3_2_3">
Custom Policies
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Custom Policies" data-md-level="4">
<label class="md-nav__title" for="__nav_3_3_2_3">
<span class="md-nav__icon md-icon"></span>
Custom Policies
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../data/" class="md-nav__link">
Data
</a>
</li>
<li class="md-nav__item">
<a href="../combine/" class="md-nav__link">
Combine
</a>
</li>
<li class="md-nav__item">
<a href="../selectors/" class="md-nav__link">
Selectors
</a>
</li>
<li class="md-nav__item">
<a href="../schema/" class="md-nav__link">
Schemas
</a>
</li>
<li class="md-nav__item">
<a href="../testing/" class="md-nav__link">
Testing
</a>
</li>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" data-md-toggle="toc" type="checkbox" id="__toc">
<a href="./" class="md-nav__link md-nav__link--active">
Debugging Policies
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../../secret/" class="md-nav__link">
Secret
</a>
</li>
<li class="md-nav__item">
<a href="../../../license/" class="md-nav__link">
License
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_4" type="checkbox" id="__nav_3_4" >
<label class="md-nav__link" for="__nav_3_4">
Configuration
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Configuration" data-md-level="2">
<label class="md-nav__title" for="__nav_3_4">
<span class="md-nav__icon md-icon"></span>
Configuration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../configuration/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../../configuration/filtering/" class="md-nav__link">
Filtering
</a>
</li>
<li class="md-nav__item">
<a href="../../../../configuration/skipping/" class="md-nav__link">
Skipping Files
</a>
</li>
<li class="md-nav__item">
<a href="../../../../configuration/reporting/" class="md-nav__link">
Reporting
</a>
</li>
<li class="md-nav__item">
<a href="../../../../configuration/cache/" class="md-nav__link">
Cache
</a>
</li>
<li class="md-nav__item">
<a href="../../../../configuration/db/" class="md-nav__link">
DB
</a>
</li>
<li class="md-nav__item">
<a href="../../../../configuration/others/" class="md-nav__link">
Others
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_5" type="checkbox" id="__nav_3_5" >
<label class="md-nav__link" for="__nav_3_5">
Supply Chain
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Supply Chain" data-md-level="2">
<label class="md-nav__title" for="__nav_3_5">
<span class="md-nav__icon md-icon"></span>
Supply Chain
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../supply-chain/sbom/" class="md-nav__link">
SBOM
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_5_2" type="checkbox" id="__nav_3_5_2" >
<label class="md-nav__link" for="__nav_3_5_2">
Attestation
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Attestation" data-md-level="3">
<label class="md-nav__title" for="__nav_3_5_2">
<span class="md-nav__icon md-icon"></span>
Attestation
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../supply-chain/attestation/sbom/" class="md-nav__link">
SBOM
</a>
</li>
<li class="md-nav__item">
<a href="../../../../supply-chain/attestation/vuln/" class="md-nav__link">
Cosign Vulnerability Scan Record
</a>
</li>
<li class="md-nav__item">
<a href="../../../../supply-chain/attestation/rekor/" class="md-nav__link">
SBOM Attestation in Rekor
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../../../supply-chain/vex/" class="md-nav__link">
VEX
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_6" type="checkbox" id="__nav_3_6" >
<label class="md-nav__link" for="__nav_3_6">
Compliance
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Compliance" data-md-level="2">
<label class="md-nav__title" for="__nav_3_6">
<span class="md-nav__icon md-icon"></span>
Compliance
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../compliance/compliance/" class="md-nav__link">
Reports
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_7" type="checkbox" id="__nav_3_7" >
<label class="md-nav__link" for="__nav_3_7">
Advanced
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Advanced" data-md-level="2">
<label class="md-nav__title" for="__nav_3_7">
<span class="md-nav__icon md-icon"></span>
Advanced
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../advanced/modules/" class="md-nav__link">
Modules
</a>
</li>
<li class="md-nav__item">
<a href="../../../../advanced/plugins/" class="md-nav__link">
Plugins
</a>
</li>
<li class="md-nav__item">
<a href="../../../../advanced/air-gap/" class="md-nav__link">
Air-Gapped Environment
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_7_4" type="checkbox" id="__nav_3_7_4" >
<label class="md-nav__link" for="__nav_3_7_4">
Container Image
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Container Image" data-md-level="3">
<label class="md-nav__title" for="__nav_3_7_4">
<span class="md-nav__icon md-icon"></span>
Container Image
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../advanced/container/embed-in-dockerfile/" class="md-nav__link">
Embed in Dockerfile
</a>
</li>
<li class="md-nav__item">
<a href="../../../../advanced/container/unpacked-filesystem/" class="md-nav__link">
Unpacked container image filesystem
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_7_4_3" type="checkbox" id="__nav_3_7_4_3" >
<label class="md-nav__link" for="__nav_3_7_4_3">
Private Docker Registries
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Private Docker Registries" data-md-level="4">
<label class="md-nav__title" for="__nav_3_7_4_3">
<span class="md-nav__icon md-icon"></span>
Private Docker Registries
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../advanced/private-registries/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../../advanced/private-registries/docker-hub/" class="md-nav__link">
Docker Hub
</a>
</li>
<li class="md-nav__item">
<a href="../../../../advanced/private-registries/ecr/" class="md-nav__link">
AWS ECR (Elastic Container Registry)
</a>
</li>
<li class="md-nav__item">
<a href="../../../../advanced/private-registries/gcr/" class="md-nav__link">
GCR (Google Container Registry)
</a>
</li>
<li class="md-nav__item">
<a href="../../../../advanced/private-registries/acr/" class="md-nav__link">
ACR (Azure Container Registry)
</a>
</li>
<li class="md-nav__item">
<a href="../../../../advanced/private-registries/self/" class="md-nav__link">
Self-Hosted
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_8" type="checkbox" id="__nav_3_8" >
<label class="md-nav__link" for="__nav_3_8">
References
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="References" data-md-level="2">
<label class="md-nav__title" for="__nav_3_8">
<span class="md-nav__icon md-icon"></span>
References
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_8_1" type="checkbox" id="__nav_3_8_1" >
<label class="md-nav__link" for="__nav_3_8_1">
Configuration
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Configuration" data-md-level="3">
<label class="md-nav__title" for="__nav_3_8_1">
<span class="md-nav__icon md-icon"></span>
Configuration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_8_1_1" type="checkbox" id="__nav_3_8_1_1" >
<label class="md-nav__link" for="__nav_3_8_1_1">
CLI
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="CLI" data-md-level="4">
<label class="md-nav__title" for="__nav_3_8_1_1">
<span class="md-nav__icon md-icon"></span>
CLI
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_aws/" class="md-nav__link">
AWS
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_config/" class="md-nav__link">
Config
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_filesystem/" class="md-nav__link">
Filesystem
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_image/" class="md-nav__link">
Image
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_kubernetes/" class="md-nav__link">
Kubernetes
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_module/" class="md-nav__link">
Module
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_module_install/" class="md-nav__link">
Module Install
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_module_uninstall/" class="md-nav__link">
Module Uninstall
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_plugin/" class="md-nav__link">
Plugin
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_plugin_info/" class="md-nav__link">
Plugin Info
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_plugin_install/" class="md-nav__link">
Plugin Install
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_plugin_list/" class="md-nav__link">
Plugin List
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_plugin_run/" class="md-nav__link">
Plugin Run
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_plugin_uninstall/" class="md-nav__link">
Plugin Uninstall
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_plugin_update/" class="md-nav__link">
Plugin Update
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_repository/" class="md-nav__link">
Repository
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_rootfs/" class="md-nav__link">
Rootfs
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_sbom/" class="md-nav__link">
SBOM
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_server/" class="md-nav__link">
Server
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_version/" class="md-nav__link">
Version
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/cli/trivy_vm/" class="md-nav__link">
VM
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../../../references/configuration/config-file/" class="md-nav__link">
Config file
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_8_2" type="checkbox" id="__nav_3_8_2" >
<label class="md-nav__link" for="__nav_3_8_2">
Modes
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Modes" data-md-level="3">
<label class="md-nav__title" for="__nav_3_8_2">
<span class="md-nav__icon md-icon"></span>
Modes
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../references/modes/standalone/" class="md-nav__link">
Standalone
</a>
</li>
<li class="md-nav__item">
<a href="../../../../references/modes/client-server/" class="md-nav__link">
Client/Server
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../../../references/troubleshooting/" class="md-nav__link">
Troubleshooting
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_4" type="checkbox" id="__nav_4" >
<label class="md-nav__link" for="__nav_4">
Ecosystem
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Ecosystem" data-md-level="1">
<label class="md-nav__title" for="__nav_4">
<span class="md-nav__icon md-icon"></span>
Ecosystem
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../../ecosystem/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../ecosystem/cicd/" class="md-nav__link">
CI/CD
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../ecosystem/ide/" class="md-nav__link">
IDE and Dev tools
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../ecosystem/prod/" class="md-nav__link">
Production and Clouds
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../ecosystem/security/" class="md-nav__link">
Security Management
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_5" type="checkbox" id="__nav_5" >
<label class="md-nav__link" for="__nav_5">
Contributing
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Contributing" data-md-level="1">
<label class="md-nav__title" for="__nav_5">
<span class="md-nav__icon md-icon"></span>
Contributing
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_5_1" type="checkbox" id="__nav_5_1" >
<label class="md-nav__link" for="__nav_5_1">
How to contribute
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="How to contribute" data-md-level="2">
<label class="md-nav__title" for="__nav_5_1">
<span class="md-nav__icon md-icon"></span>
How to contribute
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../../community/contribute/issue/" class="md-nav__link">
Issues
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../community/contribute/discussion/" class="md-nav__link">
Discussions
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../community/contribute/pr/" class="md-nav__link">
Pull Requests
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_5_2" type="checkbox" id="__nav_5_2" >
<label class="md-nav__link" for="__nav_5_2">
Maintainer
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Maintainer" data-md-level="2">
<label class="md-nav__title" for="__nav_5_2">
<span class="md-nav__icon md-icon"></span>
Maintainer
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../../../community/maintainer/help-wanted/" class="md-nav__link">
Help Wanted
</a>
</li>
<li class="md-nav__item">
<a href="../../../../../community/maintainer/triage/" class="md-nav__link">
Triage
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<h1 id="debugging-policies">Debugging policies</h1>
<p>When working on more complex queries (or when learning Rego), it's useful to see exactly how the policy is applied.
For this purpose you can use the <code>--trace</code> flag.
This will output a large trace from Open Policy Agent like the following:</p>
<div class="admonition tip">
<p class="admonition-title">Tip</p>
<p>Only failed policies show traces. If you want to debug a passed policy, you need to make it fail on purpose.</p>
</div>
<div class="highlight"><pre><span></span><code>$ trivy conf --trace configs/
<span class="m">2022</span>-05-16T13:47:58.853+0100 INFO Detected config files: <span class="m">1</span>
Dockerfile <span class="o">(</span>dockerfile<span class="o">)</span>
<span class="o">=======================</span>
Tests: <span class="m">23</span> <span class="o">(</span>SUCCESSES: <span class="m">21</span>, FAILURES: <span class="m">2</span>, EXCEPTIONS: <span class="m">0</span><span class="o">)</span>
Failures: <span class="m">2</span> <span class="o">(</span>UNKNOWN: <span class="m">0</span>, LOW: <span class="m">0</span>, MEDIUM: <span class="m">1</span>, HIGH: <span class="m">1</span>, CRITICAL: <span class="m">0</span><span class="o">)</span>
MEDIUM: Specify a tag <span class="k">in</span> the <span class="s1">&#39;FROM&#39;</span> statement <span class="k">for</span> image <span class="s1">&#39;alpine&#39;</span>
═══════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════
When using a <span class="s1">&#39;FROM&#39;</span> statement you should use a specific tag to avoid uncontrolled behavior when the image is updated.
See https://avd.aquasec.com/misconfig/ds001
───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Dockerfile:1
───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
<span class="m">1</span> <span class="o">[</span> FROM alpine:latest
───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
HIGH: Last USER <span class="nb">command</span> <span class="k">in</span> Dockerfile should not be <span class="s1">&#39;root&#39;</span>
═══════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════
Running containers with <span class="s1">&#39;root&#39;</span> user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be <span class="k">done</span> by adding a <span class="s1">&#39;USER&#39;</span> statement to the Dockerfile.
See https://avd.aquasec.com/misconfig/ds002
───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Dockerfile:3
───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
<span class="m">3</span> <span class="o">[</span> USER root
───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
ID: DS001
File: Dockerfile
Namespace: builtin.dockerfile.DS001
Query: data.builtin.dockerfile.DS001.deny
Message: Specify a tag <span class="k">in</span> the <span class="s1">&#39;FROM&#39;</span> statement <span class="k">for</span> image <span class="s1">&#39;alpine&#39;</span>
TRACE Enter data.builtin.dockerfile.DS001.deny <span class="o">=</span> _
TRACE <span class="p">|</span> Eval data.builtin.dockerfile.DS001.deny <span class="o">=</span> _
TRACE <span class="p">|</span> Index data.builtin.dockerfile.DS001.deny <span class="o">(</span>matched <span class="m">1</span> rule<span class="o">)</span>
TRACE <span class="p">|</span> Enter data.builtin.dockerfile.DS001.deny
TRACE <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">output</span> <span class="o">=</span> data.builtin.dockerfile.DS001.fail_latest<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> Index data.builtin.dockerfile.DS001.fail_latest <span class="o">(</span>matched <span class="m">1</span> rule<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> Enter data.builtin.dockerfile.DS001.fail_latest
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">output</span> <span class="o">=</span> data.builtin.dockerfile.DS001.image_tags<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Index data.builtin.dockerfile.DS001.image_tags <span class="o">(</span>matched <span class="m">2</span> rules<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter data.builtin.dockerfile.DS001.image_tags
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">from</span> <span class="o">=</span> data.lib.docker.from<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Index data.lib.docker.from <span class="o">(</span>matched <span class="m">1</span> rule<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter data.lib.docker.from
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">instruction</span> <span class="o">=</span> input.stages<span class="o">[</span>_<span class="o">][</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval instruction.Cmd <span class="o">=</span> <span class="s2">&quot;from&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Exit data.lib.docker.from
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo data.lib.docker.from
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo instruction.Cmd <span class="o">=</span> <span class="s2">&quot;from&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">instruction</span> <span class="o">=</span> input.stages<span class="o">[</span>_<span class="o">][</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval instruction.Cmd <span class="o">=</span> <span class="s2">&quot;from&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail instruction.Cmd <span class="o">=</span> <span class="s2">&quot;from&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">instruction</span> <span class="o">=</span> input.stages<span class="o">[</span>_<span class="o">][</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval instruction.Cmd <span class="o">=</span> <span class="s2">&quot;from&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail instruction.Cmd <span class="o">=</span> <span class="s2">&quot;from&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">instruction</span> <span class="o">=</span> input.stages<span class="o">[</span>_<span class="o">][</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">name</span> <span class="o">=</span> from.Value<span class="o">[</span><span class="m">0</span><span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval not startswith<span class="o">(</span>name, <span class="s2">&quot;</span>$<span class="s2">&quot;</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter startswith<span class="o">(</span>name, <span class="s2">&quot;</span>$<span class="s2">&quot;</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval startswith<span class="o">(</span>name, <span class="s2">&quot;</span>$<span class="s2">&quot;</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail startswith<span class="o">(</span>name, <span class="s2">&quot;</span>$<span class="s2">&quot;</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval data.builtin.dockerfile.DS001.parse_tag<span class="o">(</span>name, __local505__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Index data.builtin.dockerfile.DS001.parse_tag <span class="o">(</span>matched <span class="m">2</span> rules<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter data.builtin.dockerfile.DS001.parse_tag
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval split<span class="o">(</span>name, <span class="s2">&quot;:&quot;</span>, __local504__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="o">[</span>img, tag<span class="o">]</span> <span class="o">=</span> __local504__
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Exit data.builtin.dockerfile.DS001.parse_tag
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="o">[</span>img, tag<span class="o">]</span> <span class="o">=</span> __local505__
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">output</span> <span class="o">=</span> <span class="o">{</span><span class="s2">&quot;cmd&quot;</span>: from, <span class="s2">&quot;img&quot;</span>: img, <span class="s2">&quot;tag&quot;</span>: tag<span class="o">}</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Exit data.builtin.dockerfile.DS001.image_tags
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo data.builtin.dockerfile.DS001.image_tags
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">output</span> <span class="o">=</span> <span class="o">{</span><span class="s2">&quot;cmd&quot;</span>: from, <span class="s2">&quot;img&quot;</span>: img, <span class="s2">&quot;tag&quot;</span>: tag<span class="o">}</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="o">[</span>img, tag<span class="o">]</span> <span class="o">=</span> __local505__
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo data.builtin.dockerfile.DS001.parse_tag<span class="o">(</span>name, __local505__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo data.builtin.dockerfile.DS001.parse_tag
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="o">[</span>img, tag<span class="o">]</span> <span class="o">=</span> __local504__
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo split<span class="o">(</span>name, <span class="s2">&quot;:&quot;</span>, __local504__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter data.builtin.dockerfile.DS001.parse_tag
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">tag</span> <span class="o">=</span> <span class="s2">&quot;latest&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval not contains<span class="o">(</span>img, <span class="s2">&quot;:&quot;</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter contains<span class="o">(</span>img, <span class="s2">&quot;:&quot;</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval contains<span class="o">(</span>img, <span class="s2">&quot;:&quot;</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Exit contains<span class="o">(</span>img, <span class="s2">&quot;:&quot;</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo contains<span class="o">(</span>img, <span class="s2">&quot;:&quot;</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo contains<span class="o">(</span>img, <span class="s2">&quot;:&quot;</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail not contains<span class="o">(</span>img, <span class="s2">&quot;:&quot;</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">tag</span> <span class="o">=</span> <span class="s2">&quot;latest&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">name</span> <span class="o">=</span> from.Value<span class="o">[</span><span class="m">0</span><span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">from</span> <span class="o">=</span> data.lib.docker.from<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter data.builtin.dockerfile.DS001.image_tags
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">from</span> <span class="o">=</span> data.lib.docker.from<span class="o">[</span>i<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Index data.lib.docker.from <span class="o">(</span>matched <span class="m">1</span> rule<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">name</span> <span class="o">=</span> from.Value<span class="o">[</span><span class="m">0</span><span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">cmd_obj</span> <span class="o">=</span> input.stages<span class="o">[</span>j<span class="o">][</span>k<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">possibilities</span> <span class="o">=</span> <span class="o">{</span><span class="s2">&quot;arg&quot;</span>, <span class="s2">&quot;env&quot;</span><span class="o">}</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval cmd_obj.Cmd <span class="o">=</span> possibilities<span class="o">[</span>l<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail cmd_obj.Cmd <span class="o">=</span> possibilities<span class="o">[</span>l<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">possibilities</span> <span class="o">=</span> <span class="o">{</span><span class="s2">&quot;arg&quot;</span>, <span class="s2">&quot;env&quot;</span><span class="o">}</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">cmd_obj</span> <span class="o">=</span> input.stages<span class="o">[</span>j<span class="o">][</span>k<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">possibilities</span> <span class="o">=</span> <span class="o">{</span><span class="s2">&quot;arg&quot;</span>, <span class="s2">&quot;env&quot;</span><span class="o">}</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval cmd_obj.Cmd <span class="o">=</span> possibilities<span class="o">[</span>l<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail cmd_obj.Cmd <span class="o">=</span> possibilities<span class="o">[</span>l<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">possibilities</span> <span class="o">=</span> <span class="o">{</span><span class="s2">&quot;arg&quot;</span>, <span class="s2">&quot;env&quot;</span><span class="o">}</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">cmd_obj</span> <span class="o">=</span> input.stages<span class="o">[</span>j<span class="o">][</span>k<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">possibilities</span> <span class="o">=</span> <span class="o">{</span><span class="s2">&quot;arg&quot;</span>, <span class="s2">&quot;env&quot;</span><span class="o">}</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval cmd_obj.Cmd <span class="o">=</span> possibilities<span class="o">[</span>l<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail cmd_obj.Cmd <span class="o">=</span> possibilities<span class="o">[</span>l<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">possibilities</span> <span class="o">=</span> <span class="o">{</span><span class="s2">&quot;arg&quot;</span>, <span class="s2">&quot;env&quot;</span><span class="o">}</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">cmd_obj</span> <span class="o">=</span> input.stages<span class="o">[</span>j<span class="o">][</span>k<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">name</span> <span class="o">=</span> from.Value<span class="o">[</span><span class="m">0</span><span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">from</span> <span class="o">=</span> data.lib.docker.from<span class="o">[</span>i<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">__local752__</span> <span class="o">=</span> output.img
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval neq<span class="o">(</span>__local752__, <span class="s2">&quot;scratch&quot;</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">__local753__</span> <span class="o">=</span> output.img
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval not data.builtin.dockerfile.DS001.is_alias<span class="o">(</span>__local753__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter data.builtin.dockerfile.DS001.is_alias<span class="o">(</span>__local753__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval data.builtin.dockerfile.DS001.is_alias<span class="o">(</span>__local753__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Index data.builtin.dockerfile.DS001.is_alias <span class="o">(</span>matched <span class="m">1</span> rule, early <span class="nb">exit</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter data.builtin.dockerfile.DS001.is_alias
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">img</span> <span class="o">=</span> data.builtin.dockerfile.DS001.get_aliases<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Index data.builtin.dockerfile.DS001.get_aliases <span class="o">(</span>matched <span class="m">1</span> rule<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter data.builtin.dockerfile.DS001.get_aliases
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">from_cmd</span> <span class="o">=</span> data.lib.docker.from<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Index data.lib.docker.from <span class="o">(</span>matched <span class="m">1</span> rule<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">__local749__</span> <span class="o">=</span> from_cmd.Value
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval data.builtin.dockerfile.DS001.get_alias<span class="o">(</span>__local749__, __local503__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Index data.builtin.dockerfile.DS001.get_alias <span class="o">(</span>matched <span class="m">1</span> rule<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter data.builtin.dockerfile.DS001.get_alias
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">__local748__</span> <span class="o">=</span> values<span class="o">[</span>i<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval lower<span class="o">(</span>__local748__, __local501__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="s2">&quot;as&quot;</span> <span class="o">=</span> __local501__
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail <span class="s2">&quot;as&quot;</span> <span class="o">=</span> __local501__
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo lower<span class="o">(</span>__local748__, __local501__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">__local748__</span> <span class="o">=</span> values<span class="o">[</span>i<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail data.builtin.dockerfile.DS001.get_alias<span class="o">(</span>__local749__, __local503__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">__local749__</span> <span class="o">=</span> from_cmd.Value
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">from_cmd</span> <span class="o">=</span> data.lib.docker.from<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail <span class="nv">img</span> <span class="o">=</span> data.builtin.dockerfile.DS001.get_aliases<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail data.builtin.dockerfile.DS001.is_alias<span class="o">(</span>__local753__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval output.tag <span class="o">=</span> <span class="s2">&quot;latest&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Exit data.builtin.dockerfile.DS001.fail_latest
TRACE <span class="p">|</span> <span class="p">|</span> Redo data.builtin.dockerfile.DS001.fail_latest
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo output.tag <span class="o">=</span> <span class="s2">&quot;latest&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">__local753__</span> <span class="o">=</span> output.img
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo neq<span class="o">(</span>__local752__, <span class="s2">&quot;scratch&quot;</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">__local752__</span> <span class="o">=</span> output.img
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">output</span> <span class="o">=</span> data.builtin.dockerfile.DS001.image_tags<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">__local754__</span> <span class="o">=</span> output.img
TRACE <span class="p">|</span> <span class="p">|</span> Eval sprintf<span class="o">(</span><span class="s2">&quot;Specify a tag in the &#39;FROM&#39; statement for image &#39;%s&#39;&quot;</span>, <span class="o">[</span>__local754__<span class="o">]</span>, __local509__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">msg</span> <span class="o">=</span> __local509__
TRACE <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">__local755__</span> <span class="o">=</span> output.cmd
TRACE <span class="p">|</span> <span class="p">|</span> Eval data.lib.docker.result<span class="o">(</span>msg, __local755__, __local510__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> Index data.lib.docker.result <span class="o">(</span>matched <span class="m">1</span> rule<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> Enter data.lib.docker.result
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval object.get<span class="o">(</span>cmd, <span class="s2">&quot;EndLine&quot;</span>, <span class="m">0</span>, __local470__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval object.get<span class="o">(</span>cmd, <span class="s2">&quot;Path&quot;</span>, <span class="s2">&quot;&quot;</span>, __local471__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval object.get<span class="o">(</span>cmd, <span class="s2">&quot;StartLine&quot;</span>, <span class="m">0</span>, __local472__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">result</span> <span class="o">=</span> <span class="o">{</span><span class="s2">&quot;endline&quot;</span>: __local470__, <span class="s2">&quot;filepath&quot;</span>: __local471__, <span class="s2">&quot;msg&quot;</span>: msg, <span class="s2">&quot;startline&quot;</span>: __local472__<span class="o">}</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Exit data.lib.docker.result
TRACE <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">res</span> <span class="o">=</span> __local510__
TRACE <span class="p">|</span> <span class="p">|</span> Exit data.builtin.dockerfile.DS001.deny
TRACE <span class="p">|</span> Redo data.builtin.dockerfile.DS001.deny
TRACE <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">res</span> <span class="o">=</span> __local510__
TRACE <span class="p">|</span> <span class="p">|</span> Redo data.lib.docker.result<span class="o">(</span>msg, __local755__, __local510__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> Redo data.lib.docker.result
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">result</span> <span class="o">=</span> <span class="o">{</span><span class="s2">&quot;endline&quot;</span>: __local470__, <span class="s2">&quot;filepath&quot;</span>: __local471__, <span class="s2">&quot;msg&quot;</span>: msg, <span class="s2">&quot;startline&quot;</span>: __local472__<span class="o">}</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo object.get<span class="o">(</span>cmd, <span class="s2">&quot;StartLine&quot;</span>, <span class="m">0</span>, __local472__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo object.get<span class="o">(</span>cmd, <span class="s2">&quot;Path&quot;</span>, <span class="s2">&quot;&quot;</span>, __local471__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo object.get<span class="o">(</span>cmd, <span class="s2">&quot;EndLine&quot;</span>, <span class="m">0</span>, __local470__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">__local755__</span> <span class="o">=</span> output.cmd
TRACE <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">msg</span> <span class="o">=</span> __local509__
TRACE <span class="p">|</span> <span class="p">|</span> Redo sprintf<span class="o">(</span><span class="s2">&quot;Specify a tag in the &#39;FROM&#39; statement for image &#39;%s&#39;&quot;</span>, <span class="o">[</span>__local754__<span class="o">]</span>, __local509__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">__local754__</span> <span class="o">=</span> output.img
TRACE <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">output</span> <span class="o">=</span> data.builtin.dockerfile.DS001.fail_latest<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> Exit data.builtin.dockerfile.DS001.deny <span class="o">=</span> _
TRACE Redo data.builtin.dockerfile.DS001.deny <span class="o">=</span> _
TRACE <span class="p">|</span> Redo data.builtin.dockerfile.DS001.deny <span class="o">=</span> _
TRACE
ID: DS002
File: Dockerfile
Namespace: builtin.dockerfile.DS002
Query: data.builtin.dockerfile.DS002.deny
Message: Last USER <span class="nb">command</span> <span class="k">in</span> Dockerfile should not be <span class="s1">&#39;root&#39;</span>
TRACE Enter data.builtin.dockerfile.DS002.deny <span class="o">=</span> _
TRACE <span class="p">|</span> Eval data.builtin.dockerfile.DS002.deny <span class="o">=</span> _
TRACE <span class="p">|</span> Index data.builtin.dockerfile.DS002.deny <span class="o">(</span>matched <span class="m">2</span> rules<span class="o">)</span>
TRACE <span class="p">|</span> Enter data.builtin.dockerfile.DS002.deny
TRACE <span class="p">|</span> <span class="p">|</span> Eval data.builtin.dockerfile.DS002.fail_user_count
TRACE <span class="p">|</span> <span class="p">|</span> Index data.builtin.dockerfile.DS002.fail_user_count <span class="o">(</span>matched <span class="m">1</span> rule, early <span class="nb">exit</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> Enter data.builtin.dockerfile.DS002.fail_user_count
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">__local771__</span> <span class="o">=</span> data.builtin.dockerfile.DS002.get_user
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Index data.builtin.dockerfile.DS002.get_user <span class="o">(</span>matched <span class="m">1</span> rule<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter data.builtin.dockerfile.DS002.get_user
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">user</span> <span class="o">=</span> data.lib.docker.user<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Index data.lib.docker.user <span class="o">(</span>matched <span class="m">1</span> rule<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter data.lib.docker.user
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">instruction</span> <span class="o">=</span> input.stages<span class="o">[</span>_<span class="o">][</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval instruction.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail instruction.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">instruction</span> <span class="o">=</span> input.stages<span class="o">[</span>_<span class="o">][</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval instruction.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Exit data.lib.docker.user
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo data.lib.docker.user
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo instruction.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">instruction</span> <span class="o">=</span> input.stages<span class="o">[</span>_<span class="o">][</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval instruction.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail instruction.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">instruction</span> <span class="o">=</span> input.stages<span class="o">[</span>_<span class="o">][</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">username</span> <span class="o">=</span> user.Value<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Exit data.builtin.dockerfile.DS002.get_user
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo data.builtin.dockerfile.DS002.get_user
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">username</span> <span class="o">=</span> user.Value<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">user</span> <span class="o">=</span> data.lib.docker.user<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval count<span class="o">(</span>__local771__, __local536__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval lt<span class="o">(</span>__local536__, <span class="m">1</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail lt<span class="o">(</span>__local536__, <span class="m">1</span><span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo count<span class="o">(</span>__local771__, __local536__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">__local771__</span> <span class="o">=</span> data.builtin.dockerfile.DS002.get_user
TRACE <span class="p">|</span> <span class="p">|</span> Fail data.builtin.dockerfile.DS002.fail_user_count
TRACE <span class="p">|</span> Enter data.builtin.dockerfile.DS002.deny
TRACE <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">cmd</span> <span class="o">=</span> data.builtin.dockerfile.DS002.fail_last_user_root<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> Index data.builtin.dockerfile.DS002.fail_last_user_root <span class="o">(</span>matched <span class="m">1</span> rule<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> Enter data.builtin.dockerfile.DS002.fail_last_user_root
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">stage_users</span> <span class="o">=</span> data.lib.docker.stage_user<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Index data.lib.docker.stage_user <span class="o">(</span>matched <span class="m">1</span> rule<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter data.lib.docker.stage_user
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">stage</span> <span class="o">=</span> input.stages<span class="o">[</span>stage_name<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">users</span> <span class="o">=</span> <span class="o">[</span>cmd <span class="p">|</span> <span class="nv">cmd</span> <span class="o">=</span> stage<span class="o">[</span>_<span class="o">]</span><span class="p">;</span> cmd.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span><span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Enter <span class="nv">cmd</span> <span class="o">=</span> stage<span class="o">[</span>_<span class="o">]</span><span class="p">;</span> cmd.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">cmd</span> <span class="o">=</span> stage<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval cmd.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail cmd.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">cmd</span> <span class="o">=</span> stage<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval cmd.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Exit <span class="nv">cmd</span> <span class="o">=</span> stage<span class="o">[</span>_<span class="o">]</span><span class="p">;</span> cmd.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">cmd</span> <span class="o">=</span> stage<span class="o">[</span>_<span class="o">]</span><span class="p">;</span> cmd.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo cmd.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">cmd</span> <span class="o">=</span> stage<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval cmd.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Fail cmd.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">cmd</span> <span class="o">=</span> stage<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Exit data.lib.docker.stage_user
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo data.lib.docker.stage_user
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">users</span> <span class="o">=</span> <span class="o">[</span>cmd <span class="p">|</span> <span class="nv">cmd</span> <span class="o">=</span> stage<span class="o">[</span>_<span class="o">]</span><span class="p">;</span> cmd.Cmd <span class="o">=</span> <span class="s2">&quot;user&quot;</span><span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">stage</span> <span class="o">=</span> input.stages<span class="o">[</span>stage_name<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval count<span class="o">(</span>stage_users, __local537__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">len</span> <span class="o">=</span> __local537__
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval minus<span class="o">(</span>len, <span class="m">1</span>, __local538__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">last</span> <span class="o">=</span> stage_users<span class="o">[</span>__local538__<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">user</span> <span class="o">=</span> last.Value<span class="o">[</span><span class="m">0</span><span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">user</span> <span class="o">=</span> <span class="s2">&quot;root&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Exit data.builtin.dockerfile.DS002.fail_last_user_root
TRACE <span class="p">|</span> <span class="p">|</span> Redo data.builtin.dockerfile.DS002.fail_last_user_root
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">user</span> <span class="o">=</span> <span class="s2">&quot;root&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">user</span> <span class="o">=</span> last.Value<span class="o">[</span><span class="m">0</span><span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">last</span> <span class="o">=</span> stage_users<span class="o">[</span>__local538__<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo minus<span class="o">(</span>len, <span class="m">1</span>, __local538__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">len</span> <span class="o">=</span> __local537__
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo count<span class="o">(</span>stage_users, __local537__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">stage_users</span> <span class="o">=</span> data.lib.docker.stage_user<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">msg</span> <span class="o">=</span> <span class="s2">&quot;Last USER command in Dockerfile should not be &#39;root&#39;&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> Eval data.lib.docker.result<span class="o">(</span>msg, cmd, __local540__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> Index data.lib.docker.result <span class="o">(</span>matched <span class="m">1</span> rule<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> Enter data.lib.docker.result
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval object.get<span class="o">(</span>cmd, <span class="s2">&quot;EndLine&quot;</span>, <span class="m">0</span>, __local470__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval object.get<span class="o">(</span>cmd, <span class="s2">&quot;Path&quot;</span>, <span class="s2">&quot;&quot;</span>, __local471__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval object.get<span class="o">(</span>cmd, <span class="s2">&quot;StartLine&quot;</span>, <span class="m">0</span>, __local472__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">result</span> <span class="o">=</span> <span class="o">{</span><span class="s2">&quot;endline&quot;</span>: __local470__, <span class="s2">&quot;filepath&quot;</span>: __local471__, <span class="s2">&quot;msg&quot;</span>: msg, <span class="s2">&quot;startline&quot;</span>: __local472__<span class="o">}</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Exit data.lib.docker.result
TRACE <span class="p">|</span> <span class="p">|</span> Eval <span class="nv">res</span> <span class="o">=</span> __local540__
TRACE <span class="p">|</span> <span class="p">|</span> Exit data.builtin.dockerfile.DS002.deny
TRACE <span class="p">|</span> Redo data.builtin.dockerfile.DS002.deny
TRACE <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">res</span> <span class="o">=</span> __local540__
TRACE <span class="p">|</span> <span class="p">|</span> Redo data.lib.docker.result<span class="o">(</span>msg, cmd, __local540__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> Redo data.lib.docker.result
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">result</span> <span class="o">=</span> <span class="o">{</span><span class="s2">&quot;endline&quot;</span>: __local470__, <span class="s2">&quot;filepath&quot;</span>: __local471__, <span class="s2">&quot;msg&quot;</span>: msg, <span class="s2">&quot;startline&quot;</span>: __local472__<span class="o">}</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo object.get<span class="o">(</span>cmd, <span class="s2">&quot;StartLine&quot;</span>, <span class="m">0</span>, __local472__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo object.get<span class="o">(</span>cmd, <span class="s2">&quot;Path&quot;</span>, <span class="s2">&quot;&quot;</span>, __local471__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> <span class="p">|</span> Redo object.get<span class="o">(</span>cmd, <span class="s2">&quot;EndLine&quot;</span>, <span class="m">0</span>, __local470__<span class="o">)</span>
TRACE <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">msg</span> <span class="o">=</span> <span class="s2">&quot;Last USER command in Dockerfile should not be &#39;root&#39;&quot;</span>
TRACE <span class="p">|</span> <span class="p">|</span> Redo <span class="nv">cmd</span> <span class="o">=</span> data.builtin.dockerfile.DS002.fail_last_user_root<span class="o">[</span>_<span class="o">]</span>
TRACE <span class="p">|</span> Exit data.builtin.dockerfile.DS002.deny <span class="o">=</span> _
TRACE Redo data.builtin.dockerfile.DS002.deny <span class="o">=</span> _
TRACE <span class="p">|</span> Redo data.builtin.dockerfile.DS002.deny <span class="o">=</span> _
TRACE
</code></pre></div>
</article>
<script>var tabs=__md_get("__tabs");if(Array.isArray(tabs))e:for(var set of document.querySelectorAll(".tabbed-set")){var tab,labels=set.querySelector(".tabbed-labels");for(tab of tabs)for(var label of labels.getElementsByTagName("label"))if(label.innerText.trim()===tab){var input=document.getElementById(label.htmlFor);input.checked=!0;continue e}}</script>
</div>
</div>
</main>
<footer class="md-footer">
<nav class="md-footer__inner md-grid" aria-label="Footer" >
<a href="../testing/" class="md-footer__link md-footer__link--prev" aria-label="Previous: Testing" rel="prev">
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</div>
<div class="md-footer__title">
<div class="md-ellipsis">
<span class="md-footer__direction">
Previous
</span>
Testing
</div>
</div>
</a>
<a href="../../../secret/" class="md-footer__link md-footer__link--next" aria-label="Next: Secret" rel="next">
<div class="md-footer__title">
<div class="md-ellipsis">
<span class="md-footer__direction">
Next
</span>
Secret
</div>
</div>
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11H4Z"/></svg>
</div>
</a>
</nav>
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../../../../..", "features": ["navigation.tabs", "navigation.tabs.sticky", "navigation.sections", "content.tabs.link"], "search": "../../../../../assets/javascripts/workers/search.b97dbffb.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "version": {"method": "mike", "provider": "mike"}}</script>
<script src="../../../../../assets/javascripts/bundle.6c7ad80a.min.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink