Skip to content

CI (internal) vs external lock files #394

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
bestander opened this issue Sep 21, 2016 · 9 comments
Closed

CI (internal) vs external lock files #394

bestander opened this issue Sep 21, 2016 · 9 comments
Assignees
@bestander
Labels
cat-feature

Comments

@bestander
Copy link
Member

At FB we check in mirror folder with all .tar.gz files and yarn.lock that refers to them so that we could build node_modules offline (especially in CI).

We will want to commit yarn.lock with references to npm repo for the OSS users.

How can we make both mirror and external work together so that we could sync this file between internal and OSS code?
@bestander bestander mentioned this issue Sep 21, 2016
Closed
@bestander bestander self-assigned this Nov 27, 2016
@poeschko
Copy link

Maybe I'm missing something, but why does the lock file have to change at all when using a mirror? Can it not keep referencing the original source of a package (e.g. https://registry.yarnpkg.com) + checksum? If a mirror is set up in .yarnrc, the "primary key" into that mirror would still be package name + version + checksum; but the mirror would only be an (optional) cache, in addition to the original source.

@bestander
Copy link
Member Author

@poeschko, yeah, makes sense, related discussion for a more generic approach #393.
But I like that your way makes it configuration-less

@sjd78
Copy link

sjd78 commented Feb 7, 2017

Has there been any action on this issue recently? My team is hitting almost exactly the same issue trying to balance external pointing yarn.lock file in source control with internal pointing yarn.lock for CI.

@bestander
Copy link
Member Author

bestander commented Feb 7, 2017 via email

@gregsheremeta
Copy link

Just to reiterate, currently the lock file does need to change when reading from a mirror. The URLs need to be changed to just name + checksums. If they reference URLs,

$ yarn install --offline
yarn install v0.19.1
[1/4] Resolving packages...
[2/4] Fetching packages...
error Can't make a request in offline mode

But @poeschko 's idea is spot-on. Why should it have to?

I don't see why yarn shouldn't automatically stay offline and read the mirror when told to via --offline, but I'd also be ok with another option that did the same thing.

We currently work around this by postprocessing the lock file, which is a gross hack. But it works.

cp yarn.lock yarn.lock.bak
sed -i -e "s#resolved \"https.*/-/\(.*\)\"#resolved \\1#" yarn.lock

@bestander
Copy link
Member Author

Go ahead, send an RFC

@gregsheremeta
Copy link

@bestander Still want to split the work with us? :)

@bestander
Copy link
Member Author

Looks too easy to split :)
On a serious note, I am here to provide help here or on discord https://discordapp.com/invite/yarnpkg or by email [email protected]

@arcanis arcanis mentioned this issue Mar 28, 2017
Merged
@bestander
Copy link
Member Author

Ok, now fixed

@bschatz12 bschatz12 mentioned this issue Sep 10, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bestander bestander

Labels
cat-feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@poeschko @bestander @gregsheremeta @sjd78