본문으로 건너뛰기
버전: 10.x

pnpm fetch

lockfile에서 가상 저장소로 패키지를 가져오면 패키지 매니페스트 파일이 무시됩니다.

사용 시나리오

이 명령은 도커 이미지 빌드를 향상하기 위해 특별히 설계되었습니다.

You may have read the official guide to writing a Dockerfile for a Node.js app, if you haven't read it yet, you may want to read it first.

이 가이드에서 pnpm을 사용하여 프로젝트에 최적화된 Dockerfile을 작성하는 방법을 배웁니다.

FROM node:20

WORKDIR /path/to/somewhere

RUN corepack enable pnpm && corepack install -g pnpm@latest-9

# Files required by pnpm install
COPY .npmrc package.json pnpm-lock.yaml .pnpmfile.cjs ./

# If you patched any package, include patches before install too
COPY patches patches

RUN pnpm install --frozen-lockfile --prod

# Bundle app source
COPY . .

EXPOSE 8080
CMD [ "node", "server.js" ]

As long as there are no changes to .npmrc, package.json, pnpm-lock.yaml, .pnpmfile.cjs, docker build cache is still valid up to the layer of RUN pnpm install --frozen-lockfile --prod, which cost most of the time when building a docker image.

However, modification to package.json may happen much more frequently than we expect, because it does not only contain dependencies, but may also contain the version number, scripts, and arbitrary configuration for any other tool.

monorepo 프로젝트를 빌드하는 Dockerfile을 유지 관리하는 것도 어렵습니다. 다음과 같이 보일 수 있습니다.

FROM node:20

WORKDIR /path/to/somewhere

RUN corepack enable pnpm && corepack install -g pnpm@latest-9

# Files required by pnpm install
COPY .npmrc package.json pnpm-lock.yaml .pnpmfile.cjs ./

# If you patched any package, include patches before install too
COPY patches patches

# for each sub-package, we have to add one extra step to copy its manifest
# to the right place, as docker have no way to filter out only package.json with
# single instruction
COPY packages/foo/package.json packages/foo/
COPY packages/bar/package.json packages/bar/

RUN pnpm install --frozen-lockfile --prod

# Bundle app source
COPY . .

EXPOSE 8080
CMD [ "node", "server.js" ]

보시다시피 하위 패키지를 추가하거나 제거할 때 Dockerfile을 업데이트해야 합니다.

pnpm fetch solves the above problem perfectly by providing the ability to load packages into the virtual store using only information from a lockfile.

FROM node:20

WORKDIR /path/to/somewhere

RUN corepack enable pnpm && corepack install -g pnpm@latest-9

# pnpm fetch does require only lockfile
COPY pnpm-lock.yaml ./

# If you patched any package, include patches before running pnpm fetch
COPY patches patches

RUN pnpm fetch --prod


ADD . ./
RUN pnpm install -r --offline --prod


EXPOSE 8080
CMD [ "node", "server.js" ]

It works for both simple and monorepo projects, --offline enforces pnpm not to communicate with the package registry as all needed packages are already present in the virtual store.

As long as the lockfile is not changed, the build cache is valid up to the layer, so RUN pnpm install -r --offline --prod, will save you much time.

옵션

--dev, -D

개발 패키지만 가져옵니다.

--prod, -P

개발 패키지를 가져오지 않습니다.