Skip to content

Add npmAuthenticate task to fix E401 errors on CI agents#7363

Closed
ilonatommy wants to merge 4 commits into
mainfrom
fix-npm-auth-e401
Closed

Add npmAuthenticate task to fix E401 errors on CI agents#7363
ilonatommy wants to merge 4 commits into
mainfrom
fix-npm-auth-e401

Conversation

@ilonatommy
Copy link
Copy Markdown
Member

@ilonatommy ilonatommy commented Mar 6, 2026
edited
Loading

Problem

Some NetCore-Public pool agents have stale npm auth tokens in C:\Users\cloudtest\.npmrc. When npm ci runs against the public dotnet-public-npm feed, npm sends these stale credentials instead of using anonymous access, resulting in E401 errors. This has been blocking PR #7361 (Dependabot security fix) for 2 days.

Fix

Add npmAuthenticate@0 pipeline task before the Build Azure DevOps plugin step in eng/pipelines/templates/BuildAndTest.yml. This provides a fresh valid token on every build, overriding any stale agent-level credentials.

Evidence

Two different agents failed across separate builds while others succeeded in the same build:

  • Agent 109: E401 / Agent 126: passed (same build 20260306.1)
  • Agent 68: E401 (build 20260305.12)

Fixes #7362

@ilonatommy ilonatommy requested a review from a team as a code owner March 6, 2026 13:06
Copilot AI review requested due to automatic review settings March 6, 2026 13:06
Copilot AI reviewed Mar 6, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR hardens CI for the Azure DevOps report publishing task by preventing npm from sending potentially stale agent-level credentials to a public Azure Artifacts npm feed, avoiding intermittent E401 failures.

Changes:

  • Add always-auth=false to the task’s project-level .npmrc so npm won’t send auth headers for read operations against the public registry.

@ilonatommy ilonatommy requested a review from a team as a code owner March 6, 2026 13:08
@ilonatommy ilonatommy changed the title Fix npm E401 auth failures on CI agents Add npmAuthenticate task to fix E401 errors on CI agents Mar 6, 2026
@ilonatommy
Add npmAuthenticate@0 task before Azure DevOps plugin build
151fc68 
Provides a fresh npm auth token on every build, preventing stale agent-level
credentials from causing E401 errors on public feeds.

Fixes #7362
@ilonatommy ilonatommy closed this Mar 6, 2026
@ilonatommy ilonatommy deleted the fix-npm-auth-e401 branch March 6, 2026 13:12
@ilonatommy ilonatommy mentioned this pull request Mar 6, 2026
Merged
@github-actions github-actions Bot locked and limited conversation to collaborators Apr 6, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@ilonatommy ilonatommy

Labels

area-infrastructure

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

CI: npm E401 auth failures on NetCore-Public agents blocking Dependabot PRs

2 participants

@ilonatommy