pnpm fetch
Récupère les paquets d'un fichier de verrouillage dans le magasin virtuel, le manifeste des paquets est ignoré.
Scénario d'utilisation
Cette commande est spécifiquement conçue pour améliorer la construction d'une image Docker.
You may have read theofficial guide to writing a Dockerfile for a Node.jsapp, if you haven't read it yet, you may want to read it first.
À partir de ce guide, nous apprenons à écrire un Dockerfile optimisé pour les projets utilisantpnpm, qui ressemble à
FROM node:20
WORKDIR /path/to/somewhere
RUN corepack enable pnpm && corepack install -g pnpm@latest-10
# Files required by pnpm install
COPY .npmrc package.json pnpm-lock.yaml pnpm-workspace.yaml .pnpmfile.cjs ./
# If you patched any package, include patches before install too
COPY patches patches
RUN pnpm install --frozen-lockfile --prod
# Bundle app source
COPY . .
EXPOSE 8080
CMD [ "node", "server.js" ]
As long as there are no changes to.npmrc,package.json,pnpm-lock.yaml,pnpm-workspace.yaml,.pnpmfile.cjs, docker build cache is still valid up to the layer ofRUN pnpm install --frozen-lockfile --prod, which cost most of the timewhen building a docker image.
However, modification topackage.json may happen much more frequently thanwe expect, because it does not only contain dependencies, but may alsocontain the version number, scripts, and arbitrary configuration for any othertool.
Il est également difficile de maintenir un Dockerfile qui construit un projet monorepo, il peut ressembler
FROM node:20
WORKDIR /path/to/somewhere
RUN corepack enable pnpm && corepack install -g pnpm@latest-10
# Files required by pnpm install
COPY .npmrc package.json pnpm-lock.yaml pnpm-workspace.yaml .pnpmfile.cjs ./
# If you patched any package, include patches before install too
COPY patches patches
# for each sub-package, we have to add one extra step to copy its manifest
# to the right place, as docker have no way to filter out only package.json with
# single instruction
COPY packages/foo/package.json packages/foo/
COPY packages/bar/package.json packages/bar/
RUN pnpm install --frozen-lockfile --prod
# Bundle app source
COPY . .
EXPOSE 8080
CMD [ "node", "server.js" ]
Comme vous pouvez le constater, le Dockerfile doit être mis à jour lorsque vous ajoutez ou supprimez des sous-paquets.
pnpm fetch solves the above problem perfectly by providing the abilityto load packages into the virtual store using only information from a lockfile and a configuration file (pnpm-workspace.yaml).
FROM node:20
WORKDIR /path/to/somewhere
RUN corepack enable pnpm && corepack install -g pnpm@latest-10
# pnpm fetch does require only lockfile
COPY pnpm-lock.yaml pnpm-workspace.yaml ./
# If you patched any package, include patches before running pnpm fetch
COPY patches patches
RUN pnpm fetch --prod
ADD . ./
RUN pnpm install -r --offline --prod
EXPOSE 8080
CMD [ "node", "server.js" ]
It works for both simple and monorepo projects,--offline enforcespnpm not to communicate with the package registry as all needed packages arealready present in the virtual store.
As long as the lockfile is not changed, the build cache is valid up to thelayer, soRUN pnpm install -r --offline --prod, will save you muchtime.
Options
--dev, -D
Seuls les paquets de développement seront récupérés
--prod, -P
Les paquets de développement ne seront pas récupérés