본문으로 건너뛰기
버전: 7.x

pnpm fetch

lockfile에서 가상 저장소로 패키지를 가져오면 패키지 매니페스트 파일이 무시됩니다.

사용 시나리오

This command is specifically designed to improve building a docker image.

You may have read the official guide to writing a Dockerfile for a Node.js app, if you haven't read it yet, you may want to read it first.

From that guide, we learn to write an optimized Dockerfile for projects using pnpm, which looks like

FROM node:14

RUN curl -f https://get.pnpm.io/v6.16.js | node - add --global pnpm

# pnpm install에 필요한 파일
COPY .npmrc package.json pnpm-lock.yaml .pnpmfile.cjs ./

RUN pnpm install --frozen-lockfile --prod

# 번들 앱 소스
COPY . .

EXPOSE 8080
CMD [ "node", "server.js" ]

As long as there are no changes to .npmrc, package.json, pnpm-lock.yaml, .pnpmfile.cjs, docker build cache is still valid up to the layer of RUN pnpm install --frozen-lockfile --prod, which cost most of the time when building a docker image.

However, modification to package.json may happen much more frequently than we expect, because it does not only contain dependencies, but may also contain the version number, scripts, and arbitrary configuration for any other tool.

It's also hard to maintain a Dockerfile that builds a monorepo project, it may look like

FROM node:14

RUN curl -f https://get.pnpm.io/v6.16.js | node - add --global pnpm

# 설치를 위해 필요한 파일
COPY .npmrc package.json pnpm-lock.yaml .pnpmfile.cjs ./

# for each sub-package, we have to add one extra step to copy its manifest
# to the right place, as docker have no way to filter out only package.json with
# single instruction
# 하나의 명령어만으로 도커는 package.json을 걸러낼 수 없기 때문에 각 서브 패키지에 대해 매니페스트를 올바른 위치로 복사하기 위한 여분의 명령어를 추가해야 합니다.
COPY packages/foo/package.json packages/foo/
COPY packages/bar/package.json packages/bar/

RUN pnpm install --frozen-lockfile --prod

# 앱 소스 번들
COPY . .

EXPOSE 8080
CMD [ "node", "server.js" ]

보시다시피 하위 패키지를 추가하거나 제거할 때 Dockerfile을 업데이트해야 합니다.

pnpm fetch solves the above problem perfectly by providing the ability to load packages into the virtual store using only information from a lockfile.

FROM node:14

RUN curl -f https://get.pnpm.io/v6.16.js | node-add --global pnpm

# pnpm fetch는 lockfile만 필요합니다.
COPY pnpm-lock.yaml ./

RUN pnpm fetch --prod


ADD. ./
RUN pnpm install -r --offline --prod


EXPOSE 8080
CMD [ "node", "server.js" ]

It works for both simple and monorepo projects, --offline enforces pnpm not to communicate with the package registry as all needed packages are already present in the virtual store.

As long as the lockfile is not changed, the build cache is valid up to the layer, so RUN pnpm install -r --offline --prod, will save you much time.

옵션

--dev

개발 패키지만 가져옵니다.

--prod

개발 패키지를 가져오지 않습니다.