pnpm and yarn support

[kunyan]

Concept

Hi there,

Since pnpm and yarn is becoming more and more popular in nodejs development community.

npm is not the only package manager any more

I think the s2i-nodejs should allow people who is using a non-npm package manager

My ideas is detect the lockfile to check if it is using a different package manager.

• npm is using package-lock.json
• pnpm is using pnpm-lock.yaml
• yarn is using yarn-lock.json

npm will be the default package manager

If package-lock.json found.

Will replace npm install to npm ci ref: https://docs.npmjs.com/cli/v8/commands/npm-ci

• npm ci
• npm run build --if-present
• npm prune

if pnpm-lock.yaml found

install pnpm via npm

• npm install -g pnpm
• pnpm install
• pnpm run build --if-present
• pnpm prune --prod

if yarn-lock.json found

install yarn via npm

• npm install -g yarn
• yarn install
• yarn run build --if-present
• yarn prune

if no lockfile found

• npm install
• npm run build --if-present
• npm prune

Example

Here is a example of assemble file I'm using now

#!/bin/bash

# Prevent running assemble in builders different than official STI image.
# The official nodejs:8-onbuild already run npm install and use different
# application folder.
[ -d "/usr/src/app" ] && exit 0

set -e

# FIXME: Linking of global modules is disabled for now as it causes npm failures
#        under RHEL7
# Global modules good to have
# npmgl=$(grep "^\s*[^#\s]" ../etc/npm_global_module_list | sort -u)
# Available global modules; only match top-level npm packages
#global_modules=$(npm ls -g 2> /dev/null | perl -ne 'print "$1\n" if /^\S+\s(\S+)\@[\d\.-]+/' | sort -u)
# List all modules in common
#module_list=$(/usr/bin/comm -12 <(echo "${global_modules}") | tr '\n' ' ')
# Link the modules
#npm link $module_list

safeLogging () {
    if [[ $1 =~ http[s]?://.*@.*$ ]]; then
        echo $1 | sed 's/^.*@/redacted@/'
    else
        echo $1
    fi
}

shopt -s dotglob
if [ -d /tmp/artifacts ] && [ "$(ls /tmp/artifacts/ 2>/dev/null)" ]; then
    echo "---> Restoring previous build artifacts ..."
    mv -T --verbose /tmp/artifacts/node_modules "${HOME}/node_modules"
fi

echo "---> Installing application source ..."
mv /tmp/src/* ./

# Fix source directory permissions
fix-permissions ./

if [ ! -z $HTTP_PROXY ]; then
    echo "---> Setting npm http proxy to" $(safeLogging $HTTP_PROXY)
    npm config set proxy $HTTP_PROXY
fi

if [ ! -z $http_proxy ]; then
    echo "---> Setting npm http proxy to" $(safeLogging $http_proxy)
    npm config set proxy $http_proxy
fi

if [ ! -z $HTTPS_PROXY ]; then
    echo "---> Setting npm https proxy to" $(safeLogging $HTTPS_PROXY)
    npm config set https-proxy $HTTPS_PROXY
fi

if [ ! -z $https_proxy ]; then
    echo "---> Setting npm https proxy to" $(safeLogging $https_proxy)
    npm config set https-proxy $https_proxy
fi

# Change the npm registry mirror if provided
if [ -n "$NPM_MIRROR" ]; then
    npm config set registry $NPM_MIRROR
fi

# Set the DEV_MODE to false by default.
if [ -z "$DEV_MODE" ]; then
  export DEV_MODE=false
fi

# If NODE_ENV is not set by the user, then NODE_ENV is determined by whether
# the container is run in development mode.
if [ -z "$NODE_ENV" ]; then
  if [ "$DEV_MODE" == true ]; then
    export NODE_ENV=development
  else
    export NODE_ENV=production
  fi
fi

PACKAGE_MANAGER="npm"

NPM_LOCK=./package-lock.json
PNPM_LOCK=./pnpm-lock.yaml
YARN_LOCK=./yarn-lock.json

INSTALL_SCRIPT="$PACKAGE_MANAGER install"
PRUNE_SCRIPT="npm prune"

if [[ -f "$NPM_LOCK" ]]; then
    echo "---> npm lockfile found"
    echo "---> Use npm ci ..."
    INSTALL_SCRIPT="npm ci"

elif [[ -f "$PNPM_LOCK" ]]; then
    echo "---> pnpm lockfile found"
    echo "---> Installing pnpm ..."
    PACKAGE_MANAGER="pnpm"
    INSTALL_SCRIPT="pnpm install"
    PRUNE_SCRIPT="pnpm prune --prod"
    npm install -g pnpm
    pnpm config set store-dir ~/.pnpm-store
elif [[ -f "$YARN_LOCK" ]]; then
    echo "---> yarn lockfile found"
    echo "---> Installing yarn ..."
    npm install -g yarn
    PACKAGE_MANAGER="yarn"
    INSTALL_SCRIPT="yarn install"
    PRUNE_SCRIPT="yarn prune"

fi

if [ "$NODE_ENV" != "production" ]; then

    echo "---> Building your Node application from source"
    $INSTALL_SCRIPT

else

    echo "---> Installing all dependencies"
    NODE_ENV=development $INSTALL_SCRIPT

    #do not fail when there is no build script
    echo "---> Building in production mode"
    $PACKAGE_MANAGER run build --if-present

    echo "---> Pruning the development dependencies"
    NODE_ENV=development $PRUNE_SCRIPT

    if [ "$PACKAGE_MANAGER" == "npm" ]; then
        NPM_TMP=$(npm config get tmp)
        if ! mountpoint $NPM_TMP; then
            echo "---> Cleaning the $NPM_TMP/npm-*"
            rm -rf $NPM_TMP/npm-*
        fi
        # Clear the npm's cache and tmp directories only if they are not a docker volumes
        NPM_CACHE=$(npm config get cache)
        if ! mountpoint $NPM_CACHE; then
            echo "---> Cleaning the npm cache $NPM_CACHE"
            #As of npm@5 even the 'npm cache clean --force' does not fully remove the cache directory
            # instead of $NPM_CACHE* use $NPM_CACHE/*.
            # We do not want to delete .npmrc file.
            rm -rf "${NPM_CACHE:?}/"
        fi
    fi
fi


# Fix source directory permissions
fix-permissions ./

Known issues

• yarn and pnpm has their own specific command in different version. there might be have breaking change of cli command. like pnpm v6 and v7. the people should be able to install package manager with specific version

Related issues

• Adding yarn support into nodejs images #137