honeymoose
/
angular-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
angular-cn/.circleci
History
Paul Gschwendtner 5615928df9 build: no longer run tslint from within gulp task (#35800) 
Switches our tslint setup to the standard `tslint.json` linter excludes.
The set of files that need to be linted is specified through a Yarn script.

For IDEs, open files are linted with the closest tslint configuration, if the
tslint IDE extension is set up, and the source file is not excluded.

We cannot use the language service plugin for tslint as we have multiple nested
tsconfig files, and we don't want to add the plugin to each tsconfig. We
could reduce that bloat by just extending from a top-level tsconfig that
defines the language service plugin, but unfortunately the tslint plugin does
not allow the use of tslint configs which are not part of the tsconfig project.

This is problematic since the tslint configuration is at the project root, and we
don't want to copy tslint configurations next to each tsconfig file.

Additionally, linting of `d.ts` files has been re-enabled. This has been
disabled in the past and a TODO has been left. This commit fixes the
lint issues and re-enables linting.

PR Close #35800
 		2020-03-03 09:20:49 -08:00
..
README.md build: use bazel version from node modules (#26691) 2018-10-30 16:19:13 -04:00
bazel.common.rc refactor: simplify bazel saucelabs targets using karma pre-test wrapper and shared saucelabs connection between tests (#34769) 2020-01-28 13:47:00 -08:00
bazel.linux.rc ci: move setup of bazel configurations into the env init scripts (#34834) 2020-01-22 14:37:02 -05:00
bazel.windows.rc ci: always set up RBE for bazel executions on CI (#34834) 2020-01-22 14:37:02 -05:00
config.yml build: no longer run tslint from within gulp task (#35800) 2020-03-03 09:20:49 -08:00
env-helpers.inc.sh ci(docs-infra): use the tests from the stable branch in `aio_monitoring_stable` CircleCI job (#30110) 2019-04-26 16:33:45 -07:00
env.sh ci: get rid of the `CI_CHROMEDRIVER_VERSION_ARG` env var (#35381) 2020-02-18 12:42:48 -08:00
gcp_token ci: update gcp_token (#31405) 2019-07-03 08:54:02 -07:00
github_token ci: re-encrypt .circleci/github_token (#26698) 2018-10-23 13:31:48 -07:00
setup_cache.sh Revert "build: update to newer circleCI bazel remote cache proxy (#25054)" (#25076) 2018-07-24 16:05:58 -07:00
trigger-webhook.js ci(docs-infra): manually trigger the preview server webhook (#27458) 2018-12-04 13:59:54 -08:00
windows-env.ps1 build: migrate to node@12.14.1 (#34955) 2020-01-27 09:31:22 -08:00

README.md

Encryption

Based on https://github.com/circleci/encrypted-files

In the CircleCI web UI, we have a secret variable called KEY https://circleci.com/gh/angular/angular/edit#env-vars which is only exposed to non-fork builds (see "Pass secrets to builds from forked pull requests" under https://circleci.com/gh/angular/angular/edit#advanced-settings)

We use this as a symmetric AES encryption key to encrypt tokens like a GitHub token that enables publishing snapshots.

To create the github_token file, we take this approach:

  • Find the angular-builds:token in http://valentine
  • Go inside the CircleCI default docker image so you use the same version of openssl as we will at runtime: docker run --rm -it circleci/node:10.12
  • echo "https://[token]:@github.com" > credentials
  • openssl aes-256-cbc -e -in credentials -out .circleci/github_token -k $KEY
  • If needed, base64-encode the result so you can copy-paste it out of docker: base64 github_token