[英]Should I copy `package-lock.json` to the container image in Dockerfile?
Here is my Dockerfile
:这是我的
Dockerfile
:
FROM node:12-slim
ENV NODE_ENV=production
WORKDIR /
# COPY . . # COPY ENTIRE FOLDER ?
COPY ./package.json ./package.json
COPY ./dist ./dist
RUN npm install --only=production
EXPOSE 8080
ENTRYPOINT npm start
Here is my .dockerignore
file:这是我的
.dockerignore
文件:
node_modules
You see that I'm just copying package.json
and not package-lock.json
.你看我只是在复制
package.json
而不是package-lock.json
。 I guessed that, since I'll be running RUN npm install
to build the image, I thought that it should create its own package-lock.json
.我猜到了,因为我将运行
RUN npm install
来构建映像,我认为它应该创建自己的package-lock.json
。
But I got this warning during the build:但是我在构建过程中收到了这个警告:
> Step #0: > protobufjs@6.10.2 postinstall /node_modules/protobufjs
> Step #0: > node scripts/postinstall
> Step #0:
> Step #0: npm notice created a lockfile as package-lock.json. You should commit this file.
> Step #0: npm WARN knative-serving-helloworld@1.0.0 No repository field.
> Step #0:
> Step #0: added 304 packages from 217 contributors and audited 312 packages in 15.27s
So, should I add this to my Dockerfile
?那么,我应该将此添加到我的
Dockerfile
吗?
COPY ./package-lock.json ./package-lock.json
You should absolutely copy the package-lock.json
file in. It has a slightly different role from the package.json
file: package.json
can declare "I'm pretty sure my application works with version 17 of the react
package", where package-lock.json
says "I have built and tested with exactly version 17.0.1 of that package". You should absolutely copy the
package-lock.json
file in. It has a slightly different role from the package.json
file: package.json
can declare "I'm pretty sure my application works with version 17 of the react
package", where package-lock.json
说“我已经使用该软件包的 17.0.1 版本进行构建和测试”。
Once you have both files, there is a separate npm ci
command that's optimized for this case.一旦你拥有这两个文件,就会有一个单独的
npm ci
命令针对这种情况进行了优化。
COPY package.json package-lock.json .
# Run `npm ci` _before_ copying the application in
RUN NODE_ENV=production npm ci
# If any file in `dist` changes, this will stop Docker layer caching
COPY ./dist ./dist
It depends if you want to have exactly the same env everywhere.这取决于您是否想在任何地方都拥有完全相同的环境。 If yes, package-lock.json is needed.
如果是,则需要 package-lock.json。 There is a nice post about it here: https://stackoverflow.com/a/64014814/4925213
这里有一个很好的帖子: https://stackoverflow.com/a/64014814/4925213
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.