在使用Docker构建节点应用程序映像时如何摆脱package-lock.json警告?
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了在使用Docker构建节点应用程序映像时如何摆脱package-lock.json警告?相关的知识,希望对你有一定的参考价值。
我正在玩Docker来创建一个小节点应用程序映像,我想摆脱下面的警告:
npm notice created a lockfile as package-lock.json. You should commit this file.
npm WARN webserver@1.0.0 No description
npm WARN webserver@1.0.0 No repository field.
在构建我的图像时
PS C:UserseperretDesktopwebserver> docker build .
Sending build context to Docker daemon 4.096kB
Step 1/5 : FROM node:alpine
---> cd4fae427afc
Step 2/5 : COPY ./package.json ./
---> 990e1ee0398d
Step 3/5 : RUN npm install
---> Running in 8ffb61d273e4
npm notice created a lockfile as package-lock.json. You should commit this file.
npm WARN webserver@1.0.0 No description
npm WARN webserver@1.0.0 No repository field.
added 48 packages from 36 contributors and audited 121 packages in 1.675s
found 0 vulnerabilities
Removing intermediate container 8ffb61d273e4
---> fff34a1d0b4e
Step 4/5 : COPY ./ ./
---> ace2bc83a3f9
Step 5/5 : CMD [ "npm", "start" ]
---> Running in fa9d0a961867
Removing intermediate container fa9d0a961867
---> 34a593a4b338
Successfully built 34a593a4b338
SECURITY WARNING: You are building a Docker image from Windows against a non-Windows Docker host. All files and directories added to build context will have '-rwxr-xr-x' permissions. It is recommended to double check and reset permissions for sensitive files and directories.
我的Dockerfile
FROM node:alpine
COPY ./package.json ./
RUN npm install
COPY ./ ./
CMD [ "npm", "start" ]
//Load express module with `require` directive
var express = require('express')
var app = express()
//Define request response in root URL (/)
app.get('/', (req, res) => {
res.send('How are you doing');
});
//Launch listening server on port 8081
app.listen(8080, () => {
console.log('Listening on port 8080');
});
和package.json:
{
"name": "webserver",
"version": "1.0.0",
"description": "",
"repository": "",
"main": "index.js",
"scripts": {
"start": "node index.js"
},
"author": "",
"license": "ISC",
"dependencies": {
"express": "*"
}
}
我也认为有一个奇怪的是,还有一个警告缺乏description和repository字段,因为两者都出现在我的package.json上面。
答案
根据答案here
我可以在中间容器中全局禁用package-lock.json:
RUN npm config set package-lock false
FROM node:alpine
COPY ./package.json ./
RUN npm config set package-lock false
RUN npm install
COPY ./ ./
CMD [ "npm", "start" ]
现在输出:
PS C:UserseperretDesktopwebserver> docker build .
Sending build context to Docker daemon 4.096kB
Step 1/6 : FROM node:alpine
---> cd4fae427afc
Step 2/6 : COPY ./package.json ./
---> Using cache
---> 94e9c22361a2
Step 3/6 : RUN npm config set package-lock false
---> Using cache
---> 8d3df1028a80
Step 4/6 : RUN npm install
---> Using cache
---> 254d4ccce8ac
Step 5/6 : COPY ./ ./
---> Using cache
---> 48a1990903a6
Step 6/6 : CMD [ "npm", "start" ]
---> Using cache
---> 53cf819f42e7
Successfully built 53cf819f42e7
SECURITY WARNING: You are building a Docker image from Windows against a non-Windows Docker host. All files and directories added to build context will have '-rwxr-xr-x' permissions. It is recommended to double check and reset permissions for sensitive files and directories.
另一答案
你不应该把时间花在这样的事情上。在构建应用程序时添加package-lock.json文件是个好主意。如果您真的不想提供此文件,请忽略该警告消息。
以上是关于在使用Docker构建节点应用程序映像时如何摆脱package-lock.json警告?的主要内容,如果未能解决你的问题,请参考以下文章
如何在 Jenkins 的 HTTP_PROXY 后面使用 Dockerfile 构建 Docker 映像?
如何使用未提交的本地证书文件通过 GitHub 操作构建 Docker 映像
为 Python 项目构建 Docker 映像时如何避免重新安装包?