goldbergyoni / nodebestpractices

:white_check_mark: The Node.js best practices list (February 2024)

Home Page:https://twitter.com/nodepractices/


Is using cache for npm install in docker safe?

Motii1 opened this issue · comments

I was wondering about point 8.1, "Use multi-stage builds for leaner and more secure Docker images", and the example stated there:

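```dockerfile
FROM node:14.4.0 AS build

# Build under the path the final stage copies from
WORKDIR /home/node/app
COPY . .
RUN npm ci && npm run build


# The slim variant is tagged <version>-slim
FROM node:14.4.0-slim

# Create the app directory owned by the unprivileged user before switching to it
RUN mkdir -p /home/node/app && chown node:node /home/node/app
WORKDIR /home/node/app
USER node
EXPOSE 8080

# Copy dist/ as a directory so the CMD path dist/app.js resolves
COPY --from=build --chown=node:node /home/node/app/dist ./dist
COPY --from=build --chown=node:node /home/node/app/package.json /home/node/app/package-lock.json ./
RUN npm ci --production

CMD [ "node", "dist/app.js" ]
```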

My idea here is to speed up this build by using the cache:

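```dockerfile
FROM node:14.4.0 AS build

# Build under the path the final stage copies from
WORKDIR /home/node/app
COPY . .
RUN npm ci --cache .npm --prefer-offline && npm run build


# The slim variant is tagged <version>-slim
FROM node:14.4.0-slim

# Create the app directory owned by the unprivileged user before switching to it
RUN mkdir -p /home/node/app && chown node:node /home/node/app
WORKDIR /home/node/app
USER node
EXPOSE 8080

# Reuse the npm cache directory populated in the build stage
COPY --from=build --chown=node:node /home/node/app/.npm ./.npm
# Copy dist/ as a directory so the CMD path dist/app.js resolves
COPY --from=build --chown=node:node /home/node/app/dist ./dist
COPY --from=build --chown=node:node /home/node/app/package.json /home/node/app/package-lock.json ./
RUN npm ci --production --cache .npm --prefer-offline

CMD [ "node", "dist/app.js" ]
```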

But the only consideration that I have is: is it safe?
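
An alternative to copying `.npm` between stages, as an added example that is not part of the original issue or the project's guide: BuildKit cache mounts keep the npm cache outside every image layer, so the final image never contains it. It assumes BuildKit is enabled, a `.dockerignore` that excludes `node_modules` and `.npm`, and the default npm cache paths for the `root` and `node` users.

```dockerfile
# syntax=docker/dockerfile:1
# Added example: requires BuildKit (DOCKER_BUILDKIT=1 or docker buildx build).
FROM node:14.4.0 AS build

WORKDIR /home/node/app

# Copy only the manifests first so the install layer is reused until they change.
COPY package.json package-lock.json ./

# The cache mount exists only while this RUN executes and is never written
# to an image layer. /root/.npm is root's default npm cache directory.
RUN --mount=type=cache,target=/root/.npm \
    npm ci --prefer-offline

# Assumes .dockerignore excludes node_modules and .npm, so nothing from the
# build host overwrites the installed tree or seeds a cache.
COPY . .
RUN npm run build


FROM node:14.4.0-slim

# Create the app directory owned by the unprivileged user before switching to it.
RUN mkdir -p /home/node/app && chown node:node /home/node/app
WORKDIR /home/node/app
USER node
EXPOSE 8080

COPY --from=build --chown=node:node /home/node/app/dist ./dist
COPY --from=build --chown=node:node /home/node/app/package.json /home/node/app/package-lock.json ./

# A separate cache from the build stage (the cache id defaults to the target
# path), so root-owned entries are not mixed with files written by "node".
# uid/gid 1000 is the "node" user in the official images.
RUN --mount=type=cache,target=/home/node/.npm,uid=1000,gid=1000 \
    npm ci --production --prefer-offline

CMD [ "node", "dist/app.js" ]
```

Running `docker history` on the resulting image shows no layer holding a `.npm` directory, which is the difference from the `COPY --from=build ... .npm` approach.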