npm install yarn --global fails in docker container

[jakabk]

Bug description

I've tried to install the latest yarn globally using lts/carbon npm.
It's failed with some permission denied message.
As I see the version which has been tried to install is not released: 1.22.7.
I haven't got problems with 1.22.5 but npm install yarn --global brakes our CI/CD pipeline.
The installation was tried in a docker container as root.

Command

nvm use lts/carbon
npm install yarn --global

What is the current behavior?

root@5ebd9bbf467d:/# npm install yarn --global

> [email protected] preinstall /root/.nvm/versions/node/v8.17.0/lib/node_modules/yarn
> node ./preinstall.js

sh: 1: node: Permission denied
npm ERR! code ELIFECYCLE
npm ERR! syscall spawn
npm ERR! file sh
npm ERR! errno ENOENT
npm ERR! [email protected] preinstall: `node ./preinstall.js`
npm ERR! spawn ENOENT
npm ERR! 
npm ERR! Failed at the [email protected] preinstall script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2020-09-28T10_46_23_638Z-debug.log
root@5ebd9bbf467d:/# 

What is the expected behavior?

root@5ebd9bbf467d:/# npm install [email protected] --global
/root/.nvm/versions/node/v8.17.0/bin/yarn -> /root/.nvm/versions/node/v8.17.0/lib/node_modules/yarn/bin/yarn.js
/root/.nvm/versions/node/v8.17.0/bin/yarnpkg -> /root/.nvm/versions/node/v8.17.0/lib/node_modules/yarn/bin/yarn.js
+ [email protected]
added 1 package in 0.345s

Steps to Reproduce

1. install nvm
2. nvm install lts/carbon
3. nvm use lts/carbon

Environment

• Node Version: v8.17.0
• npm version: 6.13.4
• Yarn v1 Version: 1.22.7
• OS and version: Debian 10 in docker container

[dcmbrs]

Same issue since version 1.22.6 but I don't have error log

On npm there are versions 1.22.6 and 1.22.7 but on git I don't see these release
They are deleted from git repo ?

[arcanis]

We've added a preinstall script in the 1.22.6. Given that they need to ship outside of the standard release pipeline which is broken, they haven't generated formal GH releases (I added them to the changelog tho).

Can you provide more details? In particular, can you explain why your setup cannot execute the node binary? If I get a better understanding of what happens I can implement a fix.

sh: 1: node: Permission denied

[arcanis]

From what I can see (nvm-sh/nvm#1407), the problem is that you're installing nvm as root, and when npm runs the lifecycle scripts it downgrades the permissions, making it impossible to even run Node scripts, since the node binary can only be accessed by root.

I'll make the script tolerant to such failures, but you might want to look at this, as running npm as root is perhaps not recommended.

[arcanis]

I've just released the 1.22.8 which uses the following script; it should prevent permission errors (since the script aims to make a future migration easier it's not a critical problem if it can't run), at the cost of the script not running anymore on Windows. I'll update the changelog.

:; (node ./preinstall.js >& /dev/null || true)

[hvdklauw]

We just did a deploy and the new version (1.22.8) got pulled in.. it gave us the following error:

$ npm install -g yarn
> [email protected] preinstall /usr/lib/node_modules/yarn
> :; (node ./preinstall.js >& /dev/null || true)
sh: 1: Syntax error: Bad fd number
npm ERR! code ELIFECYCLE
npm ERR! errno 2
npm ERR! [email protected] preinstall: `:; (node ./preinstall.js >& /dev/null || true)`
npm ERR! Exit status 2
npm ERR! 
npm ERR! Failed at the [email protected] preinstall script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2020-09-28T13_08_05_779Z-debug.log

[hvdklauw]

That should be

:; (node ./preinstall.js 2>&1 /dev/null || true)

I think

[gjvoosten]

@arcanis Can this be fixed real soon (v1.22.9)? It is blocking our work…

[gjvoosten]

That should be

:; (node ./preinstall.js 2>&1 /dev/null || true)

I think

Probably more like:

:; (node ./preinstall.js > /dev/null 2>&1 || true)

if the intention is to discard both stdout and stderr.

[dcmbrs]

Same for me but I don't have this trace

root@bee39e307c36:/tmp# npm install -g yarn --verbose
npm info it worked if it ends with ok
npm verb cli [ '/usr/bin/node',
npm verb cli   '/usr/bin/npm',
npm verb cli   'install',
npm verb cli   '-g',
npm verb cli   'yarn',
npm verb cli   '--verbose' ]
npm info using [email protected]
npm info using [email protected]
npm verb npm-session 4403626286b4d9ec
npm http fetch GET 200 https://registry.npmjs.org/yarn 208ms
npm http fetch GET 200 https://registry.npmjs.org/yarn/-/yarn-1.22.8.tgz 199ms
npm timing stage:loadCurrentTree Completed in 452ms
npm timing stage:loadIdealTree:cloneCurrentTree Completed in 0ms
npm timing stage:loadIdealTree:loadShrinkwrap Completed in 1ms
npm timing stage:loadIdealTree:loadAllDepsIntoIdealTree Completed in 6ms
npm timing stage:loadIdealTree Completed in 10ms
npm timing stage:generateActionsToTake Completed in 5ms
npm verb correctMkdir /root/.npm/_locks correctMkdir not in flight; initializing
npm verb lock using /root/.npm/_locks/staging-3a08f0df5026584d.lock for /usr/local/lib/node_modules/.staging
npm timing action:extract Completed in 106ms
npm timing action:finalize Completed in 3ms
npm timing action:refresh-package-json Completed in 15ms
npm info lifecycle [email protected]~preinstall: [email protected]

> [email protected] preinstall /usr/local/lib/node_modules/yarn
> :; (node ./preinstall.js >& /dev/null || true)


root@bee39e307c36:/tmp# echo $?
1
root@bee39e307c36:/tmp# npm --version
6.14.4

I'm on Docker with ubuntu focal version

And maybe if command npm install -g yarn will not work on root since version > 1.22.5, version must be 2.x.x ?

[arcanis]

I've released 1.22.10 that should fix the fd error. Can you confirm it works on your side?

@arcanis Can this be fixed real soon (v1.22.9)? It is blocking our work…

For future reference, you can (should) pin your version rather than use whatever the latest is on npm (by using [email protected], etc) - it's a good practice anyway regardless of the conditions, as you never know which bug could slip by us. You can also use the yarn-path setting to ensure that upgrades go through the appropriate review processes (including CI).

[gjvoosten]

1.22.10 works like a charm, @arcanis ; thanks for the speedy response!

[dcmbrs]

Don't work for me, but I'm going to use 1.22.5 version

[arcanis]

That sounds good - if you have an idea why is the execution failing, feel free to open another issue (to avoid us spamming other people from this thread). Without logs however, I won't be able to help much.

Fwiw we don't plan to add any more features to Yarn 1, as all of our resources have shifted to Yarn 2. The past few commits have been aimed toward making the transition a bit easier, in particular thanks to the Corepack initiative which we hope will make it easier to use Yarn (both 1 & 2) by removing the need to manually install them.

In the meantime, sorry for the disruption. I hope things will work fine now 🙂

[bjentsch]

There's an issue with this on Linux; the preinstall step errors out when executed:

��� YN0000: ��� yarn@npm:1.22.10 STDERR SyntaxError: Expected "$", "$(", "$((", "${", "'", "\"", "\\", or [ \t] but "&" found (line 1, column 40).
��� YN0000: ��� yarn@npm:1.22.10 STDERR     at fe (/var/lib/jenkins/workspace/frontend/.yarn/releases/yarn-2.2.2.js:55:361665)
��� YN0000: ��� yarn@npm:1.22.10 STDERR     at parse (/var/lib/jenkins/workspace/frontend/.yarn/releases/yarn-2.2.2.js:55:376698)
��� YN0000: ��� yarn@npm:1.22.10 STDERR     at i (/var/lib/jenkins/workspace/frontend/.yarn/releases/yarn-2.2.2.js:2:456775)
��� YN0000: ��� yarn@npm:1.22.10 STDERR     at T (/var/lib/jenkins/workspace/frontend/.yarn/releases/yarn-2.2.2.js:2:488855)
��� YN0000: ��� yarn@npm:1.22.10 STDERR     at i.configuration.reduceHook.script (/var/lib/jenkins/workspace/frontend/.yarn/releases/yarn-2.2.2.js:2:367760)
��� YN0000: ��� yarn@npm:1.22.10 STDERR     at /var/lib/jenkins/workspace/frontend/.yarn/releases/yarn-2.2.2.js:2:367882
��� YN0000: ��� yarn@npm:1.22.10 STDERR     at async a.mktempPromise (/var/lib/jenkins/workspace/frontend/.yarn/releases/yarn-2.2.2.js:2:447806)
��� YN0000: ��� yarn@npm:1.22.10 STDERR     at async Module.k (/var/lib/jenkins/workspace/frontend/.yarn/releases/yarn-2.2.2.js:2:367500)
��� YN0000: ��� yarn@npm:1.22.10 STDERR     at async /var/lib/jenkins/workspace/frontend/.yarn/releases/yarn-2.2.2.js:2:324596
��� YN0009: ��� yarn@npm:1.22.10 couldn't be built successfully (exit code 1, logs can be found here: /tmp/xfs-fe2baaa4/build.log)
��� YN0009: ��� yarn@npm:1.22.10 couldn't be built successfully (exit code 1, logs can be found here: /tmp/xfs-fe2baaa4/build.log)

We've reverted our yarn version to 1.22.7 where this issue doesn't exist yet.

[gengjiawen]

Don't work for me, but I'm going to use 1.22.5 version

Looks like 1.22.10 works on Node.js 14, not 10 from what I test.

[gengjiawen]

Don't work for me, but I'm going to use 1.22.5 version

Looks like 1.22.10 works on Node.js 14, not 10 from what I test.

Interesting, you may need to update npm. 6.14.4 not works, 6.14.8 works.

[arcanis]

@benjie This parsing issue is unique to Yarn 2. Can you open a thread on our repository?

[benjie]

@arcanis I'm not sure why I was @-d on this? Perhaps you meant to reply to a different issue?

[arcanis]

Sorry, I meant @bjentsch 😶

[bjentsch]

This parsing issue is unique to Yarn 2. Can you open a thread on our repository?

Will do @arcanis 👍

[samal-rasmussen]

I've just released the 1.22.8 which uses the following script; it should prevent permission errors (since the script aims to make a future migration easier it's not a critical problem if it can't run), at the cost of the script not running anymore on Windows. I'll update the changelog.

:; (node ./preinstall.js >& /dev/null || true)

I'm having trouble parsing this. Does this mean Windows should still work if you don't install as admin? Or are you saying you're dropping support for Windows?

[arcanis]

The postinstall script simply won't have any effect. The rest of Yarn (ie, everything you care about) will work.

[edalongeville]

This is still happening to me.

Steps to reproduce:

docker run -ti --entrypoint /bin/bash ubuntu

Inside the container:

apt-get update
apt-get install npm
npm install -g yarn

This will work:

npm install -g [email protected]

[ScottPierce]

I'm seeing this fail for docker ubuntu containers:

FROM ubuntu:20.04

USER root

RUN apt update \
    && apt upgrade -y

RUN apt install -y --no-install-recommends \
    curl \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

RUN apt update \
    && apt upgrade -y

RUN apt install -y --no-install-recommends \
    nodejs \
    npm \
    openjdk-8-jdk \
    && apt clean \
    && rm -rf /var/lib/apt/lists/*

RUN npm install -g yarn \
    && yarn global add [email protected] \
    && yarn cache clean \
    && firebase setup:emulators:firestore

[aaden001]

This problem still persists.

I have done

RUN npm install -g npm
RUN npm install -g [email protected]

still no luck

[aaden001]

This problem still persists.

I have done

RUN npm install -g npm RUN npm install -g [email protected]

still no luck

nvm yarn was already installed in the based image