(lambda-nodejs): NodeJsFunction does not correctly install function dependencies since 1.110.0
See original GitHub issueThis pull request which has been merged into 1.110.0 seems to create issues with our CDK project which cannot bundle our Lambda functions part of our project anymore.
While running npm ci
instead of npm install
seems like a good idea since it will not update package-lock.json
, in reality it is preventing us to build our Lambda functions that are part of a CDK project.
Reproduction Steps
Create a sample CDK project and a NodeJsFunction
that is part of the project. The function should be in its own directory with its own package.json
and package-lock.json
. Give the Lambda function a dependency (e.g lodash.template
).
Instanciate NodeJsFunction
in the CDK project to use with ESBuild.
const description = JSON.parse(fs.readFileSync(path.resolve(__dirname, 'lambdas', 'transformer', 'package.json')).toString());
const transformer = new node.NodejsFunction(this, 'Transformer', {
entry: `${__dirname}/lambdas/transformer/index.js`,
runtime: lambda.Runtime.NODEJS_14_X,
handler: 'handler',
logRetention: logs.RetentionDays.ONE_MONTH,
bundling: {
nodeModules: Object.keys(description.dependencies),
externalModules: ['aws-sdk']
}
});
The above example will install the dependencies
specified in the package.json
of the Lambda function and since 1.110.0 will run npm ci
instead of npm install
.
What did you expect to happen?
The installation of the dependencies to be correctly installed and the function to be bundled.
What actually happened?
The installation failed with error cipm can only install packages when your package.json and package-lock.json or npm-shrinkwrap.json are in sync. Please update your lock file with
npm install before continuing.
.
This happens even if the package.json
and the package-lock.json
of the Lambda function are in sync.
The reason why this happens is because the package.json
the AWS CDK creates for the function before running npm
in the cdk.out/
directory is not the same as the original package.json
of the Lambda function. The generated package.json
in the bundle folder looks like the below.
{"dependencies": {"lodash.template": "^4.5.0"}}
Because npm ci
will stop if it finds that the package.json
and package-lock.json
are not the same, which is clearly the case because the CDK generates a package.json
instead of using the original one, we get the error message.
Environment
- CDK CLI Version : 1.110.0
- Framework Version:
- Node.js Version: 14.17.0
- OS : MacOS
- Language (Version): TypeScript (4.3.5)
This is 🐛 Bug Report
Issue Analytics
- State:
- Created 2 years ago
- Comments:5 (2 by maintainers)
Top GitHub Comments
@HQarroum sorry for the breaking change.
How about specifying
depsLockFilePath
? I think it should solve your issue. Without it it’s the root lock file that is being copied and that’s whynpm
complains about the files not being in sync.⚠️COMMENT VISIBILITY WARNING⚠️
Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.