Prefetching dependencies with Cachi2 #285
Conversation
|
This is disappointing, especially since the docs make it seem like the feature should be available already:
The general approach of using a PREFETCH arg seems to fine to me though, FWIW. |
Looks like this is fixed now! The main issue was that the @sfowl since you're on board with this approach, I’ll go ahead and expand it to include prefetching support for other dependencies |
|
|
||
| ## redocly (https://github.com/Redocly/redocly-cli) | ||
| RUN mkdir -p /tmp/redocly/node_modules && npm install --prefix /tmp/redocly @redocly/[email protected] | ||
| COPY package.json package-lock.json /tmp/redocly/ |
There was a problem hiding this comment.
Cachi2 relies on package.json and package-lock.json files to manage the prefetching of npm dependencies. So, instead of explicitly installing the redocly/cli package, it has been added to the package.json for automatic handling.
| RUN mkdir -p /tmp/redocly/node_modules && npm install --prefix /tmp/redocly @redocly/[email protected] | ||
| COPY package.json package-lock.json /tmp/redocly/ | ||
| RUN mkdir -p /tmp/redocly/node_modules && if [ "$PREFETCH" == "true" ]; then \ | ||
| npm install --offline --prefix /tmp/redocly; \ |
There was a problem hiding this comment.
The offline argument has been added to block any external access when installing npm dependencies, making sure everything comes from Cachi2. Essentially, Konflux will update the remote dependencies in the package-lock.json to point to the local file system using Cachi2’s inject-files feature
|
|
||
| # These versions should be consistent with the listed in the artifacts.lock.yaml file | ||
| ARG ZAP_VERSION=2.15.0 | ||
| ARG FF_VERSION=128.6.0esr |
There was a problem hiding this comment.
Firefox is now locked to a specific version. Previously, it was downloading the latest one, but in order to validate the checksum with Cachi2, we need to specify a fixed version. We could continue fetching the latest version when binaries aren’t pre-fetched, but I wanted to maintain consistency across both approaches.
package-lock.json
Outdated
There was a problem hiding this comment.
This file, along with the package.json, was generated by simply running npm install @redocly/[email protected]. This file includes a modification compared to the one generated directly, I've added the version key, as Cachi2 requires it. Without this key, it will fail to download dependencies:
2025-01-28 16:17:34,068 ERROR KeyError: 'version'
|
This PR is ready for review. Other dependencies will be handled in separate PRs. |
This is an initial PR to get feedback on prefetching dependencies using Cachi2. Since Rapidast uses Konflux as the build system, this relies on Cachi2 support in Konflux
The konflux buildah-oci-ta.yaml v0.2 task, used to build the Rapidast image, mounts the prefetched dependencies into
/cachi2. So, theContainerfilehas been updated to retrieve dependencies from/cachi2when prefetching is enabled.To keep the
Containerfileworking for non-Konflux builds, I’ve added a build-time variable calledPREFETCH. IfPREFETCH=true, the build will try to use/cachi2for dependencies. If not, it’ll just pull dependencies the same way it did before.If this approach makes sense, I’ll add prefetching support for other dependencies
EDIT:
Dependencies covered by this PR:
Dependencies not covered by this PR: