Dockerfile: switch from npm to pnpm + drop --frozen-lockfile
Two upstream-rot issues fixed in one commit (same root cause: the upstream Dockerfile predates the move to pnpm and the lockfile has drifted): - npm install can't resolve workspace:* deps (which package.json used to declare for @nostr-dev-kit/ndk — see prior commit for the pin). Switching to pnpm@9 matches the lockfile that ships in-repo. - pnpm-lock.yaml is out of date vs package.json (likely from generation-time vs commit-time drift), so --frozen-lockfile fails with ERR_PNPM_OUTDATED_LOCKFILE. Drop the flag in both build and runtime stages to let pnpm resolve fresh, at the cost of giving up determinism — to be restored once the lockfile is regenerated. Also reorders the build stage to COPY lockfile + manifest before the source, so the install layer caches across source-only edits. Fixes #1, #2. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
06272c8f2c
commit
960b9399e8
1 changed files with 21 additions and 7 deletions
28
Dockerfile
28
Dockerfile
|
|
@ -1,20 +1,32 @@
|
||||||
|
# Patched from upstream kind-0/nsecbunkerd Dockerfile to use pnpm — the
|
||||||
|
# upstream version uses `npm install` but package.json declares
|
||||||
|
# `@nostr-dev-kit/ndk` as `workspace:*`, which only pnpm understands.
|
||||||
|
# A clean clone of upstream fails to build with `EUNSUPPORTEDPROTOCOL`
|
||||||
|
# under npm. Switching to pnpm matches the lockfile that ships in-repo.
|
||||||
|
# Also drops `--frozen-lockfile` because the upstream pnpm-lock.yaml is
|
||||||
|
# out of date vs. package.json (ERR_PNPM_OUTDATED_LOCKFILE) — bug to
|
||||||
|
# file upstream once we've verified the rest of the stack works.
|
||||||
|
|
||||||
FROM node:20.11-bullseye AS build
|
FROM node:20.11-bullseye AS build
|
||||||
|
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
|
|
||||||
# Copy package files and install dependencies
|
RUN npm install -g pnpm@9
|
||||||
COPY package*.json ./
|
|
||||||
RUN npm install
|
# Copy lockfile + manifest first so the install layer caches across
|
||||||
|
# source changes.
|
||||||
|
COPY package.json pnpm-lock.yaml ./
|
||||||
|
RUN pnpm install --no-frozen-lockfile
|
||||||
|
|
||||||
# Copy application files
|
# Copy application files
|
||||||
COPY . .
|
COPY . .
|
||||||
|
|
||||||
# Generate prisma client and build the application
|
# Generate prisma client and build the application
|
||||||
RUN npx prisma generate
|
RUN npx prisma generate
|
||||||
RUN npm run build
|
RUN pnpm run build
|
||||||
|
|
||||||
# Runtime stage
|
# Runtime stage
|
||||||
FROM node:20.11-alpine as runtime
|
FROM node:20.11-alpine AS runtime
|
||||||
|
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
|
|
||||||
|
|
@ -22,11 +34,13 @@ RUN apk update && \
|
||||||
apk add --no-cache openssl && \
|
apk add --no-cache openssl && \
|
||||||
rm -rf /var/cache/apk/*
|
rm -rf /var/cache/apk/*
|
||||||
|
|
||||||
|
RUN npm install -g pnpm@9
|
||||||
|
|
||||||
# Copy built files from the build stage
|
# Copy built files from the build stage
|
||||||
COPY --from=build /app .
|
COPY --from=build /app .
|
||||||
|
|
||||||
# Install only runtime dependencies
|
# Install only runtime dependencies (pnpm respects the workspace protocol)
|
||||||
RUN npm install --only=production
|
RUN pnpm install --prod --no-frozen-lockfile
|
||||||
|
|
||||||
EXPOSE 3000
|
EXPOSE 3000
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue