The bakery monorepo uses GitHub Actions for continuous integration and deployment, with Nx Cloud for distributed caching and task execution.
The CI pipeline runs on every push and pull request to ensure code quality and functionality.
- `.github/workflows/ci.yml` - Main CI pipeline
- `.github/workflows/pr.yml` - Pull request checks
- `.github/workflows/deploy.yml` - Deployment pipeline

- Uses `dorny/paths-filter` to detect which projects are affected
- Optimizes CI time by only running relevant jobs
- Formatting: Ensures consistent code style with Prettier
- Linting: Runs ESLint on affected projects
- Type Checking: Validates TypeScript types
- Console Log Detection: Prevents console statements in production code
- Runs in parallel across 3 shards for faster execution
- Coverage reports uploaded to Codecov
- Uses Nx affected commands to test only changed code
- Runs Playwright tests for affected applications
- Tests run against production builds
- Artifacts saved for debugging failures
- Builds all affected projects in production mode
- Validates bundle sizes
- Uploads artifacts for deployment
- Runs `npm audit` for dependency vulnerabilities
- Trivy scan for container security
- Results uploaded to GitHub Security tab
- Conventional Commits: PR titles must follow conventional commit format
- Auto-labeling: Labels added based on changed files
- Preview Deployments: Automatic Vercel preview for UI changes
- Bundle Size Analysis: Comments with size changes
- Test Coverage: Comments with coverage reports
The PR bot automatically comments with:
- Preview deployment links
- Test results summary
- Bundle size changes
- Coverage reports
| Application | Platform | Environment Variables |
|---|---|---|
| Shop | Vercel | NEXT_PUBLIC_API_URL, NEXT_PUBLIC_STRIPE_KEY |
| Management | Vercel | NEXT_PUBLIC_API_URL |
| Landing | GitHub Pages | None |
| API | Google Cloud Run | DATABASE_URL, JWT_SECRET |
- Automatic Deployments: Push to `main` triggers production deployment
- Manual Deployments: Use workflow dispatch for staging/production
- Rollback: Each platform maintains deployment history
- Smoke tests run against deployed URLs
- Slack notifications sent with deployment status
- Monitoring alerts configured for production
```bash
# Run all unit tests
npm run test:unit
# Run tests for specific app
npm run test:unit:shop
npm run test:unit:management
npm run test:unit:landing
# Run tests for libraries
npm run test:unit:libs
# Watch mode
npm run test:unit:watch
# With coverage
npm run test:unit:coverage
# CI mode (optimized for CI)
npm run test:unit:ci
```

```bash
# Run all E2E tests
npm run test:e2e
# Run E2E for specific app
npm run test:e2e:shop
npm run test:e2e:management
npm run test:e2e:landing
# CI mode (headless)
npm run test:e2e:ci
# Debug mode (headed browser)
npm run test:e2e:headed
npm run test:e2e:debug
```

```bash
# Run integration tests
npm run test:integration
```

```bash
# Run all validations (lint, type-check, tests)
npm run validate
# CI validation (includes E2E)
npm run validate:ci
# Validate only affected projects
npm run affected:validate
```

- Create Nx Cloud account at https://nx.app
- Connect workspace: `npx nx connect-to-nx-cloud`
- Add `NX_CLOUD_ACCESS_TOKEN` to GitHub secrets

- Distributed Caching: Share build artifacts across CI runs
- Distributed Task Execution: Run tasks on multiple agents
- Performance Analytics: Track build times and bottlenecks
- Cost Reduction: Reduce CI minutes by 30-70%
See .github/nx-cloud.yml for:
- Cacheable operations
- Agent configuration
- Performance optimizations
- `NX_CLOUD_ACCESS_TOKEN` - Nx Cloud access token
- `CODECOV_TOKEN` - Codecov integration
- `SLACK_WEBHOOK` - Slack notifications

- `VERCEL_TOKEN` - Vercel API token
- `VERCEL_ORG_ID` - Vercel organization ID
- `VERCEL_SHOP_PROJECT_ID` - Shop project ID
- `VERCEL_MANAGEMENT_PROJECT_ID` - Management project ID
- `VERCEL_PREVIEW_PROJECT_ID` - Preview project ID

- `GCP_SA_KEY` - Service account JSON key
- `GCP_PROJECT_ID` - Google Cloud project ID
- `GCP_REGION` - Deployment region
- `GCP_SERVICE_ACCOUNT` - Service account email

- `DATABASE_URL` - Production database connection
- `JWT_SECRET` - JWT signing secret
- `STRIPE_PUBLIC_KEY` - Stripe publishable key

```bash
# API URLs
NEXT_PUBLIC_API_URL=https://api.bakery.com
# Feature flags
NEXT_PUBLIC_ENABLE_ANALYTICS=true
NEXT_PUBLIC_ENABLE_PWA=true
```

```bash
# Server-only
DATABASE_URL=postgresql://...
JWT_SECRET=...
REDIS_URL=redis://...
# Monitoring
SENTRY_DSN=...
LOG_LEVEL=info
```

- Nx Cloud dashboard for build analytics
- GitHub Actions insights for workflow performance
- Slack notifications for failures
- Vercel Analytics for frontend performance
- Google Cloud Monitoring for API metrics
- Error tracking with Sentry
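
The environment files above split variables into browser-exposed `NEXT_PUBLIC_*` names and server-only names; Next.js inlines every `NEXT_PUBLIC_*` value into the client bundle, so a secret given that prefix is published with the site. The script below is an added example, not part of this repository's tooling, that audits dotenv-style text for that mistake; the regex heuristics and the sample input are assumptions constructed for illustration.

```javascript
// Added example: flag secrets that would be shipped to the browser.
// Only NEXT_PUBLIC_* variables are inspected; the rest stay server-side.
const PUBLIC_PREFIX = 'NEXT_PUBLIC_';
// Names this page labels as server-only.
const SERVER_ONLY = new Set(['DATABASE_URL', 'JWT_SECRET', 'REDIS_URL']);
// Heuristics (assumptions, tune for your project).
const SECRET_NAME = /(SECRET|TOKEN|PASSWORD|PRIVATE)/;
const URL_WITH_CREDENTIALS = /^[a-z][a-z0-9+.-]*:\/\/[^\/\s:@]+:[^\/\s@]+@/i;
const STRIPE_SECRET_KEY = /^(sk|rk)_(live|test)_/; // pk_* is the publishable form

// Minimal dotenv parser: KEY=value lines, comments, optional quotes/export.
function parseEnv(text) {
  const entries = [];
  text.split(/\r?\n/).forEach((raw, i) => {
    const line = raw.trim();
    if (!line || line.startsWith('#')) return;
    const eq = line.indexOf('=');
    if (eq < 1) return;
    const key = line.slice(0, eq).trim().replace(/^export\s+/, '');
    const value = line.slice(eq + 1).trim().replace(/^(['"])(.*)\1$/, '$2');
    entries.push({ key, value, line: i + 1 });
  });
  return entries;
}

function auditEnv(text) {
  const findings = [];
  for (const { key, value, line } of parseEnv(text)) {
    if (!key.startsWith(PUBLIC_PREFIX)) continue; // not bundled for the client
    const bare = key.slice(PUBLIC_PREFIX.length);
    let reason = null;
    if (SERVER_ONLY.has(bare)) reason = 'server-only variable given public prefix';
    else if (SECRET_NAME.test(bare)) reason = 'name suggests a secret';
    else if (URL_WITH_CREDENTIALS.test(value)) reason = 'URL embeds credentials';
    else if (STRIPE_SECRET_KEY.test(value)) reason = 'Stripe secret or restricted key';
    if (reason) findings.push({ line, key, reason }); // the value is never echoed
  }
  return findings;
}

// Constructed sample input, not the project's real configuration.
const SAMPLE_ENV = `
# API URLs
NEXT_PUBLIC_API_URL=https://api.bakery.com
NEXT_PUBLIC_STRIPE_KEY=sk_test_constructedExample
NEXT_PUBLIC_JWT_SECRET=constructed-value
NEXT_PUBLIC_CACHE=redis://user:constructed@cache.internal:6379
DATABASE_URL=postgresql://app:constructed@db.internal/bakery
`;
console.log(auditEnv(SAMPLE_ENV));
```

Run as a fail-fast CI step, a non-empty result from `auditEnv` should fail the job before the build stage produces a client bundle.
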
- Cache Misses
  - Check Nx Cloud connection
  - Verify `NX_CLOUD_ACCESS_TOKEN`
  - Clear cache: `nx reset`
- E2E Test Failures
  - Download artifacts from GitHub
  - Check Playwright traces
  - Verify test URLs match deployment
- Deployment Failures
  - Check GitHub secrets configuration
  - Verify environment variables
  - Review deployment logs

```bash
# Clear all caches
npm run clean
# Reset Nx cache only
npm run clean:cache
# Check Nx configuration
npm run deps:check
# Analyze bundle sizes
npm run report:bundle
```

- Use Affected Commands: Let Nx determine what to test/build
- Parallel Execution: Configure appropriate parallelism
- Cache Everything: Leverage Nx Cloud caching
- Monitor Performance: Track CI times and optimize
- Fail Fast: Run quick checks before expensive operations
When adding new projects:
- Update `.github/labeler.yml` with new paths
- Add project to build matrix in CI
- Configure deployment target if needed
- Update documentation