Eslint is not installing in the self hosted agent

[gbalamk]

Hi

I am trying to use the Microsoft security devops extension to perform security analysis of my code. However eslint is not installing in my self hosted agent whereas credscan and other tools are installing successfully. Can anyone take a look at it and do the needful.

Logs for the security task:

Starting: Run Microsoft Defender for DevOps

Task : Microsoft Security DevOps Description : Run the Microsoft Security DevOps CLI for static analysis. Version : 1.7.2 Author : Microsoft Corporation Help : Runs the Microsoft Security DevOps CLI for security analysis.

---

Installing Microsoft Security DevOps Cli version: Latest Microsoft.Security.Devops.Cli.linux-x64 version 0.164.1 already installed

/home/myagent4/_work/_msdo/versions/Microsoft.Security.Devops.Cli.linux-x64.0.164.1/tools/guardian init --force Init: Creating guardian repo at: /home/myagent4/_work/51/s A repository already exists at /home/myagent4/_work/51/s/.gdn. Deleting existing guardian repository at: /home/myagent4/_work/51/s/.gdn Removing Guardian repository at /home/myagent4/_work/51/s/.gdn Created a settings file at: /home/myagent4/_work/51/s/.gdn/.gdnsettings Added /home/myagent4/_work/51/s/.gdn/.gitignore file to ignore internal files. Please commit this file. Guardian repository created at: /home/myagent4/_work/51/s/.gdn Please commit everything in the .gdn folder to source control. You can now use "guardian run" to run tools. /home/myagent4/_work/_msdo/versions/Microsoft.Security.Devops.Cli.linux-x64.0.164.1/tools/guardian run -p microsoft --rich-exit-code --logger-pipeline --export-breaking-results-to-file /home/myagent4/_work/51/a/.gdn/msdo.sarif --telemetry-environment azdevops Run: Installing Microsoft.Security.CodeAnalysis.Policy.Names

  GET https://pkgs.dev.azure.com/secdevtools/fbe8430b-c7d4-4187-8c71-a0083ead3d4b/_packaging/a2fd5474-7706-4971-8654-fd0403cf8e6a/nuget/v3/registrations2-semver2/microsoft.security.codeanalysis.policy.names/index.json
  OK https://pkgs.dev.azure.com/secdevtools/fbe8430b-c7d4-4187-8c71-a0083ead3d4b/_packaging/a2fd5474-7706-4971-8654-fd0403cf8e6a/nuget/v3/registrations2-semver2/microsoft.security.codeanalysis.policy.names/index.json 81ms
Attempting to gather dependency information for package 'Microsoft.Security.CodeAnalysis.Policy.Names.1.0.2' with respect to project '/home/myagent4/_work/_msdo/packages/nuget', targeting 'Any,Version=v0.0'
Gathering dependency information took 30 ms
Attempting to resolve dependencies for package 'Microsoft.Security.CodeAnalysis.Policy.Names.1.0.2' with DependencyBehavior 'Lowest'
Resolving dependency information took 0 ms
Resolving actions to install package 'Microsoft.Security.CodeAnalysis.Policy.Names.1.0.2'
Resolved actions to install package 'Microsoft.Security.CodeAnalysis.Policy.Names.1.0.2'
Found package 'Microsoft.Security.CodeAnalysis.Policy.Names 1.0.2' in '/home/myagent4/_work/_msdo/packages/nuget'.
Package 'Microsoft.Security.CodeAnalysis.Policy.Names.1.0.2' already exists in folder '/home/myagent4/_work/_msdo/packages/nuget'
Successfully installed 'Microsoft.Security.CodeAnalysis.Policy.Names 1.0.2' to /home/myagent4/_work/_msdo/packages/nuget
Executing nuget actions took 33 ms

---

Installing Microsoft.Security.CodeAnalysis.Policy.Microsoft

  GET https://pkgs.dev.azure.com/secdevtools/fbe8430b-c7d4-4187-8c71-a0083ead3d4b/_packaging/a2fd5474-7706-4971-8654-fd0403cf8e6a/nuget/v3/registrations2-semver2/microsoft.security.codeanalysis.policy.microsoft/index.json
  OK https://pkgs.dev.azure.com/secdevtools/fbe8430b-c7d4-4187-8c71-a0083ead3d4b/_packaging/a2fd5474-7706-4971-8654-fd0403cf8e6a/nuget/v3/registrations2-semver2/microsoft.security.codeanalysis.policy.microsoft/index.json 127ms
Attempting to gather dependency information for package 'Microsoft.Security.CodeAnalysis.Policy.Microsoft.1.2.7' with respect to project '/home/myagent4/_work/_msdo/packages/nuget', targeting 'Any,Version=v0.0'
Gathering dependency information took 2 ms
Attempting to resolve dependencies for package 'Microsoft.Security.CodeAnalysis.Policy.Microsoft.1.2.7' with DependencyBehavior 'Lowest'
Resolving dependency information took 0 ms
Resolving actions to install package 'Microsoft.Security.CodeAnalysis.Policy.Microsoft.1.2.7'
Resolved actions to install package 'Microsoft.Security.CodeAnalysis.Policy.Microsoft.1.2.7'
Found package 'Microsoft.Security.CodeAnalysis.Policy.Microsoft 1.2.7' in '/home/myagent4/_work/_msdo/packages/nuget'.
Package 'Microsoft.Security.CodeAnalysis.Policy.Microsoft.1.2.7' already exists in folder '/home/myagent4/_work/_msdo/packages/nuget'
Successfully installed 'Microsoft.Security.CodeAnalysis.Policy.Microsoft 1.2.7' to /home/myagent4/_work/_msdo/packages/nuget
Executing nuget actions took 0.7 ms

---

The target directory is not provided. Defaults to the working directory: /home/myagent4/_work/51/s. The platform is not provided. Defaults to the current OS: Linux. Starting tools applicability analysis... Tools Applicability Infomation: Applicable Tools: Tool Name: terrascan Tool Version: 1.18.0.1 Tool Config File Path: /home/myagent4/_work/51/s/.gdn/c/terrascan-linux.gdntool

Tool Name: credscan Tool Version: 2.5.1.13 Tool Config File Path: /home/myagent4/_work/51/s/.gdn/c/credscan-linux.gdntool

Tool Name: eslint Tool Version: 7.32.0.2 Tool Config File Path: /home/myagent4/_work/51/s/.gdn/c/eslint-linux.gdntool

Tool Name: templateanalyzer Tool Version: 0.5.1 Tool Config File Path: /home/myagent4/_work/51/s/.gdn/c/templateanalyzer-linux.gdntool

Completed tools applicability analysis. Install: Installing Microsoft.Guardian.TerrascanRedist_linux_amd64

  Attempting to gather dependency information for package 'Microsoft.Guardian.TerrascanRedist_linux_amd64.1.18.0.1' with respect to project '/home/myagent4/_work/_msdo/packages/nuget', targeting 'Any,Version=v0.0'
  Gathering dependency information took 299 ms
  Attempting to resolve dependencies for package 'Microsoft.Guardian.TerrascanRedist_linux_amd64.1.18.0.1' with DependencyBehavior 'Lowest'
  Resolving dependency information took 0 ms
  Resolving actions to install package 'Microsoft.Guardian.TerrascanRedist_linux_amd64.1.18.0.1'
  Resolved actions to install package 'Microsoft.Guardian.TerrascanRedist_linux_amd64.1.18.0.1'
  Found package 'Microsoft.Guardian.TerrascanRedist_linux_amd64 1.18.0.1' in '/home/myagent4/_work/_msdo/packages/nuget'.
  Package 'Microsoft.Guardian.TerrascanRedist_linux_amd64.1.18.0.1' already exists in folder '/home/myagent4/_work/_msdo/packages/nuget'
  Successfully installed 'Microsoft.Guardian.TerrascanRedist_linux_amd64 1.18.0.1' to /home/myagent4/_work/_msdo/packages/nuget
  Executing nuget actions took 0.8 ms
------------------------------------------------------------------------------
Installing Microsoft.Security.CredScan
------------------------------------------------------------------------------
  Attempting to gather dependency information for package 'Microsoft.Security.CredScan.2.5.1.13' with respect to project '/home/myagent4/_work/_msdo/packages/nuget', targeting 'Any,Version=v0.0'
  Gathering dependency information took 142 ms
  Attempting to resolve dependencies for package 'Microsoft.Security.CredScan.2.5.1.13' with DependencyBehavior 'Lowest'
  Resolving dependency information took 0 ms
  Resolving actions to install package 'Microsoft.Security.CredScan.2.5.1.13'
  Resolved actions to install package 'Microsoft.Security.CredScan.2.5.1.13'
  Found package 'Microsoft.Security.CredScan 2.5.1.13' in '/home/myagent4/_work/_msdo/packages/nuget'.
  Package 'Microsoft.Security.CredScan.2.5.1.13' already exists in folder '/home/myagent4/_work/_msdo/packages/nuget'
  Successfully installed 'Microsoft.Security.CredScan 2.5.1.13' to /home/myagent4/_work/_msdo/packages/nuget
  Executing nuget actions took 6 ms
------------------------------------------------------------------------------

Installing eslint

npm install --loglevel error eslint@7.32.0 typescript@4.3.2 @microsoft/eslint-plugin-sdl@0.1.7 eslint-plugin-react@7.24.0 eslint-plugin-security@1.4.0 @typescript-eslint/typescript-estree@4.27.0 @typescript-eslint/parser@4.27.0 @typescript-eslint/eslint-plugin@4.27.0 @microsoft/eslint-formatter-sarif@2.1.5 eslint-plugin-node@11.1.0 --prefix /home/myagent4/_work/_msdo/packages/node_modules/eslint --global
------------------------------------------------------------------------------

[warning]Failed to install from source npm with exception System.ComponentModel.Win32Exception (2): An error occurred trying to start process 'npm' with working directory '/home/myagent4/_work/_msdo/packages/node_modules'. No such file or directory

at System.Diagnostics.Process.ForkAndExecProcess(ProcessStartInfo startInfo, String resolvedFilename, String[] argv, String[] envp, String cwd, Boolean setCredentials, UInt32 userId, UInt32 groupId, UInt32[] groups, Int32& stdinFd, Int32& stdoutFd, Int32& stderrFd, Boolean usesTerminal, Boolean throwOnNoExec) at System.Diagnostics.Process.StartCore(ProcessStartInfo startInfo) at System.Diagnostics.Process.Start() at System.Diagnostics.ProcessWrapper.Start() at System.Diagnostics.ExecutableRunner.Run(String arguments, String workingDirectory, Boolean waitForExit) at System.Diagnostics.ExecutableRunner.Run(String arguments, String workingDirectory) at Microsoft.Guardian.Installers.NpmClient.Install(IList`1 packageList, String prefix, String workingDirectory, Boolean global, Boolean quiet, Boolean engineStrict) at Microsoft.Guardian.Installers.NpmClient.Install(PackageConfig packageConfig, String outputDirectory)

[error]PackageInstallerException: Failed to install Npm package: eslint v7.32.0

[error]MSDO CLI exited with an error exit code: 1

Finishing: Run Microsoft Defender for DevOps

[chrisnielsen-MS]

Hi, can you confirm your agent has nodejs/npm installed? The other tool packages are nuget packages, but ESLint is an npm package which needs to use npm on the agent to download/install the tool.

[chrisnielsen-MS]

Closing this due to lack of response, feel free to re-open or create a new issue if this is still causing problems.