honeymoose/angular-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
angular-cn/.circleci
History
Paul Gschwendtner 6d3a25d897 ci: run acceptance tests on saucelabs with ivy (#34277) 
Currently we only run Saucelabs on PRs using the legacy View Engine
build. Switching that build to Ivy is not trivial and there are various
options:

  1. Updating the R3 switches to use POST_R3 by default. At first glance,
  this doesn't look easy because the current ngtsc switch logic seems to
  be unidirectional (only PRE_R3 to POST_R3).

  2. Updating the legacy setup to run with Ivy. This sounds like the easiest
  solution at first.. but it turns out to be way more complicated. Packages
  would need to be built with ngtsc using legacy tools (i.e. first building
  the compiler-cli; and then building packages) and View Engine only tests
  would need to be determined and filtered out. Basically it will result in
  re-auditing all test targets. This is contradictory to the fact that we have
  this information in Bazel already.

  3. Creating a new job that runs tests on Saucelabs with Bazel. We specify
  fine-grained test targets that should run. This would be a good start
  (e.g. acceptance tests) and also would mean that we do not continue maintaining
  the legacy setup..

This commit implements the third option as it allows us to move forward
with the general Bazel migration. We don't want to spend too much time
on our legacy setup since it will be removed anyway in the future.

PR Close #34277
2019-12-16 07:43:41 -08:00
..
bazel.common.rc
ci: run acceptance tests on saucelabs with ivy (#34277)
2019-12-16 07:43:41 -08:00
bazel.linux.rc
ci: use circleci windows preview (#31266)
2019-08-19 13:32:14 -07:00
bazel.windows.rc
ci: set up window CI to use remote http caching (#33970)
2019-11-21 16:43:42 -05:00
config.yml
ci: run acceptance tests on saucelabs with ivy (#34277)
2019-12-16 07:43:41 -08:00
env-helpers.inc.sh
ci(docs-infra): use the tests from the stable branch in aio_monitoring_stable CircleCI job (#30110)
2019-04-26 16:33:45 -07:00
env.sh
ci: avoid hard-coding path to local yarn executable (#34384)
2019-12-16 07:39:58 -08:00
gcp_token
ci: update gcp_token (#31405)
2019-07-03 08:54:02 -07:00
get-commit-range.js
ci: work around CIRCLE_COMPARE_URL not being available wih CircleCI Pipelines (#32537)
2019-09-09 12:21:44 -04:00
get-vendored-yarn-path.js
ci: avoid hard-coding path to local yarn executable (#34384)
2019-12-16 07:39:58 -08:00
github_token
ci: re-encrypt .circleci/github_token (#26698)
2018-10-23 13:31:48 -07:00
README.md
build: use bazel version from node modules (#26691)
2018-10-30 16:19:13 -04:00
setup_cache.sh
Revert "build: update to newer circleCI bazel remote cache proxy (#25054)" (#25076)
2018-07-24 16:05:58 -07:00
setup-rbe.sh
test(ivy): update Material to recent commit from master branch (#31569)
2019-07-25 13:08:33 -07:00
trigger-webhook.js
ci(docs-infra): manually trigger the preview server webhook (#27458)
2018-12-04 13:59:54 -08:00
windows-env.ps1
ci: use CircleCI commands (#32745)
2019-10-02 09:34:11 -07:00
windows-yarn-setup.ps1
ci: use local, vendored yarn in Windows CI jobs (#34384)
2019-12-16 07:39:58 -08:00
windows-yarn.ps1.template
ci: use local, vendored yarn in Windows CI jobs (#34384)
2019-12-16 07:39:58 -08:00

README.md

Encryption

Based on https://github.com/circleci/encrypted-files

In the CircleCI web UI, we have a secret variable called KEY https://circleci.com/gh/angular/angular/edit#env-vars which is only exposed to non-fork builds (see "Pass secrets to builds from forked pull requests" under https://circleci.com/gh/angular/angular/edit#advanced-settings)

We use this as a symmetric AES encryption key to encrypt tokens like a GitHub token that enables publishing snapshots.

To create the github_token file, we take this approach:

  • Find the angular-builds:token in http://valentine
  • Go inside the CircleCI default docker image so you use the same version of openssl as we will at runtime: docker run --rm -it circleci/node:10.12
  • echo "https://[token]:@github.com" > credentials
  • openssl aes-256-cbc -e -in credentials -out .circleci/github_token -k $KEY
  • If needed, base64-encode the result so you can copy-paste it out of docker: base64 github_token