skip to Main Content

I came across some strange behaviour when calling npm ci within an AWS CodePipeline.

The NPM docs recommend using npm ci ("clean install") instead of npm install in automated environments.
The AWS CDK docs follow this recommendation in their CDK pipelines example:

const pipeline = new pipelines.CodePipeline(this, 'Pipeline', {
  synth: new pipelines.ShellStep('Synth', {
    ...
    commands: [
      'npm ci',
      'npm run build',
      'npx cdk synth',
    ],
  }),
});

When I tried this, however, my pipelines failed at the npm ci command with a strange error message:

[Container] 2022/12/14 16:00:37 Running command npm ci
npm ERR! Cannot read property 'aws-cdk-lib' of undefined

The package aws-cdk-lib was the first entry in my package.json dependencies. So it seems like CodeBuild was not able to parse my dependencies when installing via npm ci. Strangely, everything worked fine when I replaced npm ci with npm install … but I wanted to find a way to make this work with npm ci.

2

Answers


  1. Chosen as BEST ANSWER

    The reason that npm ci does not work is that CodeBuild uses an old version of npm. When I checked, the newest release of npm was 9.2.0 but CodeBuild was using 6.14.17.

    Updating npm before running npm ci fixed the issue:

    const pipeline = new pipelines.CodePipeline(this, 'Pipeline', {
      synth: new pipelines.ShellStep('Synth', {
        ...
        // Update npm before running commands
        installCommands: ['npm i -g npm@latest'],
        commands: [
          'npm ci',
          'npm run build',
          'npx cdk synth',
        ],
      }),
    });
    

    A minimum working example of the issue and the fix can be found here.


  2. I had recently updated my node using nvm to v18 and this likely changed the lock version of the package-lock.json to one which is not compatible with the version of npm that is installed in CodeBuild.

    The solution would have been (had I not worked around it another way) use node v16 to update my package-lock.json before committing and releasing.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search