honeymoose/angular-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
angular-cn/.circleci
History
George Kalpakas 582ef2e7b4 ci(docs-infra): split the aio_monitoring CircleCI job into two jobs (#30110) 
Previously, the `aio_monitoring` job was testing both the stable
(https://angular.io/) and the @next (https://next.angular.io/) versions.

This commit splits the tests into two separate jobs (still run as part
of the same workflow). This speeds up the tests (since the two jobs can
now run in parallel) and makes it easier to isolate failures (e.g.
identify which branch is failing, disable one of the two, etc.).
(Credits to @petebacondarwin 😉)

PR Close #30110
2019-04-26 16:33:45 -07:00
..
bazel.rc
build: fix bazel repositories not cached on circleci (#28515)
2019-02-05 13:06:24 -05:00
config.yml
ci(docs-infra): split the aio_monitoring CircleCI job into two jobs (#30110)
2019-04-26 16:33:45 -07:00
env-helpers.inc.sh
ci: fix setting env var with spaces in value (#28494)
2019-02-01 20:22:03 -05:00
env.sh
ci: add yarn cache for material-unit tests job (#29378)
2019-03-19 17:14:53 -04:00
gcp_token
build(bazel): Run build-packages-dist on RBE (#25237)
2018-08-20 16:34:45 -07:00
get-commit-range.js
ci: correctly detect status 400 as failure in get-commit-range (#29839)
2019-04-11 08:20:25 -07:00
github_token
ci: re-encrypt .circleci/github_token (#26698)
2018-10-23 13:31:48 -07:00
README.md
build: use bazel version from node modules (#26691)
2018-10-30 16:19:13 -04:00
setup_cache.sh
Revert "build: update to newer circleCI bazel remote cache proxy (#25054)" (#25076)
2018-07-24 16:05:58 -07:00
trigger-webhook.js
ci(docs-infra): manually trigger the preview server webhook (#27458)
2018-12-04 13:59:54 -08:00

README.md

Encryption

Based on https://github.com/circleci/encrypted-files

In the CircleCI web UI, we have a secret variable called KEY https://circleci.com/gh/angular/angular/edit#env-vars which is only exposed to non-fork builds (see "Pass secrets to builds from forked pull requests" under https://circleci.com/gh/angular/angular/edit#advanced-settings)

We use this as a symmetric AES encryption key to encrypt tokens like a GitHub token that enables publishing snapshots.

To create the github_token file, we take this approach:

  • Find the angular-builds:token in http://valentine
  • Go inside the CircleCI default docker image so you use the same version of openssl as we will at runtime: docker run --rm -it circleci/node:10.12
  • echo "https://[token]:@github.com" > credentials
  • openssl aes-256-cbc -e -in credentials -out .circleci/github_token -k $KEY
  • If needed, base64-encode the result so you can copy-paste it out of docker: base64 github_token