search

microsoft / azure-pipelines-tasks

Tasks for Azure Pipelines
https://aka.ms/tfbuild
MIT License
3.45k stars 2.6k forks source link

Npm fails to install packages from another collection's Artifacts (Error 500) #13050

Closed PeterStaev closed 4 years ago

PeterStaev commented 4 years ago

Required Information

Entering this information will route you directly to the right team and expedite traction.

Question, Bug, or Feature?
Type: Bug

Enter Task Name: NpmV1

list here (V# not needed): NpmV1 https://github.com/Microsoft/azure-pipelines-tasks/tree/master/Tasks

Environment

Issue Description

I'm trying to authenticate a scoped package across different collections. So I have the Artifacts in Collection1, and I'm trying to consume the Artifacts in Collection2. I've added a service connection. Tried using both User/Password or PAT, both yield the same results - the npm install fails with server error 500. I even tried to execute the npm authenticate task, before install, but still the same results.

The same task when executed in the collection where the Artifacts are located works fine.

From what I see the problem is that the task always add the special <registry url>/:_authToken=xxxxx config to the npmrc file, and then adds the credentials from the service connection. This special token should be added ONLY if there is no selected service connection targeting the same registr url. If there is a service connection, only the credentials from the service connection should be used.

Task logs

log_7_2159.zip

Workaround

Use the old V0 task.

Troubleshooting

Checkout how to troubleshoot failures and collect debug logs: https://docs.microsoft.com/en-us/vsts/build-release/actions/troubleshooting

Error logs

18304 verbose stack Error: 500 Internal Server Error - GET https://tfs.tangrasoft.com/tfs/Tangra/_packaging/***/npm/registry/@tangra/***-validators/-/***-validators-2.1.0.tgz
18304 verbose stack     at C:\Users\Administrator\AppData\Roaming\npm\node_modules\npm\node_modules\npm-registry-fetch\check-response.js:104:15
18304 verbose stack     at processTicksAndRejections (internal/process/task_queues.js:97:5)
18305 verbose statusCode 500
18306 verbose pkgid @tangra/***-validators@2.1.0
18307 verbose cwd C:\agents\1\w\60\s\CRT\ClientApp
18308 verbose Windows_NT 6.3.9600
18309 verbose argv "C:\\Program Files (x86)\\nodejs\\node.exe" "C:\\Users\\Administrator\\AppData\\Roaming\\npm\\node_modules\\npm\\bin\\npm-cli.js" "install"
18310 verbose node v12.17.0
18311 verbose npm  v6.14.5
18312 error code E500
18313 error 500 Internal Server Error - GET https://tfs.tangrasoft.com/tfs/Tangra/_packaging/***/npm/registry/@tangra/***-validators/-/***-validators-2.1.0.tgz
18314 verbose exit [ 1, true ]
apluche commented 4 years ago

Hi @PeterStaev ,

Edit: I've looked through the logs provided and there isn't information on the 500. The logs do state that there are more verbose logs available in a different file. Could you send those logs?

From the logs: 2020-06-02T11:55:47.4196877Z npm ERR! 500 Internal Server Error - GET https://tfs.tangrasoft.com/tfs/Tangra/_packaging/***/npm/registry/@tangra/***-validators/-/***-validators-2.1.0.tgz 2020-06-02T11:55:47.4197071Z npm verb exit [ 1, true ] 2020-06-02T11:55:47.4197204Z npm timing npm Completed in 100321ms 2020-06-02T11:55:47.4197336Z 2020-06-02T11:55:47.4197625Z npm ERR! A complete log of this run can be found in: 2020-06-02T11:55:47.4197888Z npm ERR! C:\Users\Administrator\AppData\Roaming\npm-cache_logs\2020-06-02T11_55_47_341Z-debug.log

While I'm investigating this, could you try using the npm authenticate task by itself? You mentioned trying to use the npm authenticate task before the NpmV1 task. The npm authenticate task can be used without the NpmV1 task. You can run the Npm Auth task and then use a simple command line to run the install. Could you try doing so? There is more documentation here: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/package/npm-authenticate?view=azure-devops

Please let me know if the npm auth task is a workaround for you. If not, could you supply the debug logs for it? I'll add those to my investigation.

PeterStaev commented 4 years ago

Hey @apluche ,

Attached is the other log, but from what I see there isn't much info in there as well.

I just tested with the workaround you suggested and I can confirm that it works - so having the NpmAuthenticate task and then have a CommandLine task that has npm install in it. Still Basic authentication (using a domain user/pwd) doesnt work, so had to use a PAT, but I think this is normal since the Artifacts portion works with PATs only.

2020-06-02T11_55_47_341Z-debug.zip

apluche commented 4 years ago

@PeterStaev ,

I see what you mean about not a lot of info...

I'm glad the workaround worked for you since the artifacts team put out the NpmAuthenticate task as a successor for the Npm task. We will continue to support the "old" task but are making an effort to have customers onboard to the more reliable NpmAuthenticate task.

If you would like me to continue investigating the older task, could you set a pipeline variable "system.debug" to true and run the pipeline again? This will output more detailed logs (unless that is already what you have sent).

PeterStaev commented 4 years ago

@apluche ,

The log attached in the OP HAS the debug option enabled.

I'm fine with the current workaround you provided. Didn't know that the Npm task will be more or less depreciated in favor of NpmAuthenticate + custom CMD script. I have no problem updating my projects to use that method. It might be good that you somehow It might be good to update the tasks/docs so this depreciation is visible so that end users know how to migrate their projects.