chore(ci): Nx for github validations #6095
Conversation
Nodonisko
requested review from
szymonlesisz,
karliatto,
marekrjpolak,
mroz22,
matejkriz,
tomasklim,
bouchja1,
juriczech,
dahaca,
andrcj and
sime
as code owners
Socket Security ReportDependency issues detected. If you merge this pull request, you will not be alerted to the instances of these issues again. 📜 New install scripts detectedA dependency change in this PR is introducing new install scripts to your install step.
🫣 Native codeContains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.
Socket.dev scan summary
Powered by socket.dev |
Nodonisko
force-pushed
the
chore/nx
branch
4 times, most recently
from
7650e1c to
4a83230
Compare
Nodonisko
changed the title
| @@ -9,6 +9,7 @@ jobs: | |||
| - uses: actions/checkout@v3 | |||
| with: | |||
| submodules: "true" | |||
| fetch-depth: 0 | |||
There was a problem hiding this comment.
It's recommended in Nx Githib actions guide, without this affected command will throw error because develop branch is not fetched
nx.json
Outdated
| "lint:styles", | ||
| "build:lib" | ||
| ], | ||
| "accessToken": "MzdkNzIwNjUtMWUyZC00YTU2LThlY2YtYjQzYzU0ZThjNTg0fHJlYWQtd3JpdGU=", |
There was a problem hiding this comment.
Maybe there is a way not to share access token publicly? This way we need to be very sure, that we don't rely on it for release builds.
There was a problem hiding this comment.
I think it doesn't matter for this kind of token, it's storing just hashes of packages, not actual build outputs. I would suggest definitely do more investigating before using it any kind of production stuff, but for validation it's good enough.
There was a problem hiding this comment.
I will generate read only token that will be here and generate new write token that will be set using env variables.
There was a problem hiding this comment.
Old token was invalidated, new one is read-only and second new one with RW rights will be distributed using env variable.
* chore(ci): Nx for github validations * chore: tune config * chore: eslint scripts faster and unified settings * chore: check formatting using nx * chore: read-only NX token
Nx can performs packages scrips only on smallest possible affected package tree. For example if you will only do changes to
@trezor/suiteit will check that package and packages that depends on it likesuite-desktop. Other packages will be ignored (for example connect packages which doesn't depends on @trezor/suite).That could speed things a lot and it's will be even better when we will split code into more smaller packages. More smaller packages => faster everything. More info about how Nx works here => https://nx.dev/getting-started/intro
It also has distributed caching that can speed things even more => https://nx.app
This implementation is very limited and we are using only very small subset of Nx features and there is huge space for improvements. Some of the improvements are here #6103
Closes #4936