unable to access node and yarn within inlineScripts

[Hotell]

invoking NodeJs tools form within inlineScripts doesn't work

• workflow definition: https://github.com/microsoft/fluentui/blob/master/.github/workflows/bundle-size-base.yml#L54

This is blocker for our migration to GHA efforts which is required within security directive.

Repro

workflow example:

- name: Upload report
        uses: azure/cli@v2
        with:
          azcliversion: latest
          inlineScript: |
            yarn monosize upload-report --branch=${{ github.ref }} --commit-sha ${{ github.sha }}

Error:

Starting script execution via docker image mcr.microsoft.com/azure-cli:latest
🚨 /home/runner/work/_temp/AZ_CLI_GITHUB_ACTION_17308423827.sh: line 1: yarn: command not found 🚨
Error: Error: az cli script failed.

Directly invoking nodejs binary

  inlineScript: |
            $GITHUB_WORKSPACE/node_modules/.bin/monosize upload-report --branch=${{ github.ref }} --commit-sha ${{ github.sha }}

Error:

Starting script execution via docker image mcr.microsoft.com/azure-cli:latest
🚨 /usr/bin/env: 'node': No such file or directory 🚨
Error: Error: az cli script failed.

[MoChilia]

Hi @Hotell, nodejs and yarn are not common dependencies for Azure CLI commands, so they are not included in the image of Azure/cli action by default, see https://github.com/Azure/azure-cli/blob/276868511174d2aea59ae0dcb78d5760aaea5e01/azure-linux.dockerfile#L11C80-L11C92. If you require them inside Azure/cli action, you can install them manually by

    - uses: azure/cli@v2
      with:
        azcliversion: latest
        inlineScript: |
           tdnf install nodejs npm -y
           npm install --global yarn

[Hotell]

thanks for quick answer @MoChilia !

now it's failing on git 🥹

🚨🚨 /bin/sh: line 1: git: command not found 🚨🚨
monosize upload-report
uploads local results to Azure Table Storage
Options:
  -q, --quiet              Suppress verbose build output
                                                      [boolean] [default: false]
      --help               Show help                                   [boolean]
      --branch             A branch to associate a report    [string] [required]
      --report-files-glob  A glob pattern to search for report files in JSON for
                           mat                                          [string]
      --commit-sha         Defines a commit sha for a report [string] [required]
🚨🚨 Error: Command failed: git rev-parse --show-toplevel 🚨🚨
🚨🚨 /bin/sh: line 1: git: command not found 🚨🚨
    at genericNodeError (node:internal/errors:984:15)
    at wrappedFn (node:internal/errors:[53](https://github.com/microsoft/fluentui/actions/runs/11698854829/job/32579843548#step:7:54)8:14)
    at checkExecSyncError (node:child_process:890:11)
    at execSync (node:child_process:962:15)
    at findGitRoot (file:///home/runner/work/fluentai/fluentui/node_modules/monosize/src/utils/collectLocalReport.mjs:74:20)
    at collectLocalReport (file:///home/runner/work/fluentui/fluentui/node_modules/monosize/src/utils/collectLocalReport.mjs:64:101)
    at Object.uploadReport [as handler] (file:///home/runner/work/fluentai/fluentui/node_modules/monosize/src/commands/uploadReport.mjs:15:31) {
  status: 127,
  signal: null,
  output: [
    null,
    <Buffer >,
    <Buffer 2f 62 69 6e 2f 73 68 3a 20 6c 69 6e 65 20 31 3a 20 67 69 74 3a 20 63 6f 6d 6d [61](https://github.com/microsoft/fluentai/actions/runs/11698854829/job/32579843548#step:7:62) 6e 64 20 6e 6f 74 20 66 6f 75 6e 64 0a>
  ],
  pid: 68,
  stdout: <Buffer >,
  stderr: <Buffer 2f [62](https://github.com/microsoft/fluentai/actions/runs/11698854829/job/32579843548#step:7:63) 69 6e 2f 73 68 3a 20 6c 69 6e 65 20 31 3a 20 67 69 74 3a 20 [63](https://github.com/microsoft/fluentai/actions/runs/11698854829/job/32579843548#step:7:64) 6f 6d 6d 61 6e 64 20 6e 6f 74 20 66 6f 75 6e 64 0a>
}
Error: Error: az cli script failed.

[MoChilia]

@Hotell, please run tdnf install git -y to install git. You can use tdnf to install other required packages. BTW, may I know why it is required to run non-AzCLI commands in Azure/cli action?

[Hotell]

right, with that another error pops up :(

more context: monosize cli uses git under the hood and needs access to repository file structure

i] Using following config /home/runner/work/fluentui/fluentui/monosize.config.mjs
fatal: detected dubious ownership in repository at '/home/runner/work/fluentui/fluentui'
To add an exception for this directory, call:
	git config --global --add safe.directory /home/runner/work/fluentui/fluentui
monosize upload-report

[Hotell]

BTW, may I know why it is required to run non-AzCLI commands in Azure/cli action?

good question !

we need established connection to azure which is done in previous step https://github.com/microsoft/fluentui/blob/master/.github/workflows/bundle-size-base.yml#L47-L52

I was migrating this mostly "verbatim" from ADO pipeline definition.

if the login would establish connection to azure while using simple run command in next step would keep the connection open, that would allow us to avoid using azure cli completely - do you think this is doable ?

ty!

[MoChilia]

When you sign in to Azure using azure/login, the login information is stored in the .azure folder on your runner within the job. You can run common commands simply in run and Azure CLI commands in azure/cli.

[Hotell]

ok so I tried to switch to use standard run but again it failed.

1. when I did not provide explicitly those azure secrets used within login for the run those env variables were not available and it failed

[i] Using following config /Users/runner/work/fluentai/fluentai/monosize.config.mjs
[i] Local report prepared in 0.93s
[e] Upload of the report to a remote host failed...
🚨🚨 Error: monosize-storage-azure: Missing required environment variable(s) for authType AzurePipelinesCredential: AZURE_TENANT_ID, AZURE_CLIENT_ID, AZURE_SERVICE_CONNECTION_ID not in your process.env. 🚨🚨
    at validateRequiredEnvVariables (file:///Users/runner/work/fluentui/fluentui/node_modules/monosize-storage-azure/src/createTableClient.mjs:41:[15](https://github.com/microsoft/fluentai/actions/runs/11702789034/job/32591695851#step:7:16))

those vars mentioned within the error stack trace are used within the monosize plugin implementation, obtained from process.env in NodeJs context

2. when I added those explicitly, it failed on following error

[i] Using following config /Users/runner/work/fluentai/fluentai/monosize.config.mjs
[i] Local report prepared in 0.81s
[e] Upload of the report to a remote host failed...

🚨🚨 CredentialUnavailableError: AzurePipelinesCredential: is unavailable. Ensure that you're running this task in an Azure Pipeline, so that following missing system variable(s) can be defined- "SYSTEM_OIDCREQUESTURI" 🚨🚨

    at new AzurePipelinesCredential (/Users/runner/work/fluentai/fluentai/node_modules/@azure/identity/dist/index.js:3686:19)
    at createTableClient (file:///Users/runner/work/fluentai/fluentai/node_modules/monosize-storage-azure/src/createTableClient.mjs:33:117)
    at Object.uploadReportToRemote (file:///Users/runner/work/fluentai/fluentai/node_modules/monosize-storage-azure/src/uploadReportToRemote.mjs:[16](https://github.com/microsoft/fluentai/actions/runs/11703753784/job/32594757039#step:7:17):24)
    at Object.uploadReport [as handler] (file:///Users/runner/work/fluentai/fluentai/node_modules/monosize/src/commands/uploadReport.mjs:24:30)

thoughts ? ty

[MoChilia]

@Hotell, it should use DefaultAzureCredential and fall back to AzureCliCredential. Not sure why AzurePipelinesCredential is being used here: https://github.com/microsoft/fluentai/blob/bac55af7a688b4416711efebd3641b546fb40b9c/monosize.config.mjs#L33. You can check this.

[Hotell]

it should use DefaultAzureCredential and fall back to AzureCliCredential

yeah I noticed that as well. the AzureCliCredential was implemented initially as the pipeline ran on ADO. I implemented DefaultAzureCredential within the monosize tool but still it's failing on following:

[e] Upload of the report to a remote host failed...
RestError: 0:Bad Request - Error in query syntax.

{
  "name": "RestError",
  "code": "InvalidInput",
  "statusCode": 400,
 "message": "0:Bad Request - Error in query syntax.\nRequestId:cba2ca1f-c002-002f-6671-30fde8000000\nTime:2024-11-06T17:26:37.0621286Z"
}

anyways at this stage I don't think it's related to azure/cli so I'm gonna close this issue.

@MoChilia appreciate all your help and guidance 💪. cheers

[MoChilia]

Closing this for now, since it is out of scope.