Azure-sdk-for-js: [identity] The 1.1.0-preview.3 installation fails in certain environments due to a native dependency
- Package Name:
@azure/identity
- Package Version:
1.1.0-preview.3
Describe the bug
When adding a dependency to version 1.1.0-preview.3 of the package, npm install might fail unless the environment has right dependencies installed to build keytar.
To Reproduce
Steps to reproduce the behavior:
- Create Dockerfile with following content:
FROM node:12-alpine
RUN npm install @azure/[email protected]
- Run
docker build . - Observe error with content like:
Step 2/2 : RUN npm install @azure/[email protected]
---> Running in eaa25a228d45
> [email protected] install /node_modules/keytar
> prebuild-install || node-gyp rebuild
prebuild-install WARN install No prebuilt binaries found (target=12.16.2 runtime=node arch=x64 libc=musl platform=linux)
...
gyp ERR! command "/usr/local/bin/node" "/usr/local/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /node_modules/keytar
gyp ERR! node -v v12.16.2
gyp ERR! node-gyp -v v5.1.0
gyp ERR! not ok
...
Expected behavior
Expected to be able to successfully install without a toolchain for building native binaries.
Additional context
One option might be to have keytar as optional dependency so that it can be installed if the feature that needs it is required. It is required by the VSCodeCredentials feature.
cc: @bterlson @schaabs
vjrantal
All 6 comments
@vjrantal please pay attention to the doc about [email protected], which used in @azure/identity package.json.
Doc says that we need to add libsecret package in Linux https://www.npmjs.com/package/keytar/v/5.6.0#on-linux
Because in Windows that lib uses Credential manager and in Mac that package uses Keychain.
For Linux systems we should install libsecret library
@jonathandturner can we avoid using keytar package in @azure/identity package?
slowpokex
on 12 Jun 2020
It is true that it is documented how to build the package and those instructions works well.
The intent of this issue was that in a production deployment, the keytar dependency is often not needed because VSCodeCredentials is typically a development time feature. However, with the current package, a production build pipeline and runtime environment must include these additional dependencies which might be considered too much overhead for a feature that might not be needed at all.
vjrantal
on 30 Jun 2020
We're currently investigating a fix for this, which we hope to be in place for the next release of the library. I'll link to more information once the fix is ready.
jonathandturner
on 20 Jul 2020
We've added a fix that makes the keytar dependency optional, rather than required. With this, you should be able to build and install @azure/identity even if you aren't able use keytar. If keytar is not available, we just disable the credentials that require it (currently just the VSCode credential)
More info available here: https://github.com/Azure/azure-sdk-for-js/pull/10142
jonathandturner
on 20 Jul 2020
@jonathandturner this issue can be closed now that #10142 has been merged, correct?
joshfree
on 27 Jul 2020
Yes, going ahead and closing as this should be available in 1.1.0-preview.5.
jonathandturner
on 27 Jul 2020
Related issues
tomi
路
4Comments
pjblakey
路
3Comments
epomatti
路
4Comments
DerKobe
路
3Comments
nguerrera
路
3Comments
Most helpful comment
We've added a fix that makes the
keytardependency optional, rather than required. With this, you should be able to build and install @azure/identity even if you aren't able use keytar. If keytar is not available, we just disable the credentials that require it (currently just the VSCode credential)More info available here: https://github.com/Azure/azure-sdk-for-js/pull/10142