search

secrethub / secrethub-cli

A secrets management platform that every engineer can use with minimal code changes.
https://secrethub.io
Apache License 2.0
135 stars 23 forks source link

Npm package of @secrethub/cli is not an executable #373

Open stavalfi opened 3 years ago

stavalfi commented 3 years ago

Hi, I think that the deployment process of the @secrethub/cli npm-package may has a bug:

$ npx @secrethub/cli
npx: command not found: cli

Up until now, I used yarn1 and downloaded @secrethub/cli to the project. I couldn't run it like: yarn secrethub because of the bug above, so as a workaround, I specified the full path from the node_modules: yarn node_modules/.bin/secrethub. All good.

After moving to yarn2 as a package-manager, I don't have node_modules anymore, so I must do one of the following:

  1. yarn secrethub - throw an error. it maybe related to the error above with npx.
  2. yarn dlx @secrethub/cli - same error as npx.
  3. npx @secrethub/cli - as you saw above.

Workaround: is to install secrethub from other package-manager: apk/apt-get

More info:

This is the package.json of @secrethub/cli (which I couldn't find in your organization. I found it in the node_modules when using yarn1)

{
  "name": "@secrethub/cli",
  "scripts": {
    "preinstall": "node install.js"
  },
  "bin": {
    "secrethub": "./bin/secrethub"           <<<<<<<<<----
  },
  "author": "SecretHub <info@secrethub.io> (https://secrethub.io)",
  "homepage": "https://secrethub.io",
  "repository": "github:secrethub/secrethub-cli",
  "description": "A secrets management platform that every engineer can use with minimal code changes.",
  "keywords": [
    "secrets management",
    "devops",
    "devsecops",
    "end-to-end encryption"
  ],
  "dependencies": {
    "axios": "^0.19.2",
    "tar": "^6.0.2",
    "unzipper": "^0.10.11"
  },
  "devDependencies": {},
  "license": "Apache-2.0",
  "version": "0.41.2"
}

Something maybe wrong in ./bin/secrethub.

florisvdg commented 3 years ago

And does npm install -g @secrethub/cli work for you?

florisvdg commented 3 years ago

I tried running npx @secrethub/cli using Node v14 / NPX v6 and I'm getting the same error you got.

However, when upgrading to Node v15 / NPX v7 it seems to work fine. I can run npx @secrethub/cli --version for example and it downloads the CLI and prints the SecretHub version.

I don't know exactly what they changed between these versions to make it work, but it does the trick. Could you try that? I'll look to see if there's anything we can do to support NPX on earlier versions too.

stavalfi commented 3 years ago

Sorry for the delay.

npm install -g @secrethub/cli works for me in node 14.16.0 and npm 6.14.11.