angular-cn/.circleci
Paul Gschwendtner b7c17ff207 ci: run legacy saucelabs for every build (#29255)
Recently we moved the Saucelabs job into a cronjob in order to avoid
heavy flakiness that we experienced due to a Saucelabs connect bug
that has been supposedly fixed by the Saucelabs team (no new version
is released yet though).

Our initial assumption was that we very rarely hit specific browser failures
and can therefore move the Saucelabs tests into a cronjob, but after some
days of having the cronjob, we realized that we actually hit browser-specific
failures quite often and that we should run the tests for every PR (like before)

PR Close #29255
2019-03-12 12:31:49 -07:00
..
README.md build: use bazel version from node modules (#26691) 2018-10-30 16:19:13 -04:00
bazel.rc build: fix bazel repositories not cached on circleci (#28515) 2019-02-05 13:06:24 -05:00
config.yml ci: run legacy saucelabs for every build (#29255) 2019-03-12 12:31:49 -07:00
env-helpers.inc.sh ci: fix setting env var with spaces in value (#28494) 2019-02-01 20:22:03 -05:00
env.sh ci: print sauce-connect log output on timeout (#29084) 2019-03-04 10:10:28 -08:00
gcp_token build(bazel): Run build-packages-dist on RBE (#25237) 2018-08-20 16:34:45 -07:00
get-commit-range.js docs: document why not using `compare-url` orb (#28010) 2019-01-10 10:50:30 -08:00
github_token ci: re-encrypt .circleci/github_token (#26698) 2018-10-23 13:31:48 -07:00
setup_cache.sh Revert "build: update to newer circleCI bazel remote cache proxy (#25054)" (#25076) 2018-07-24 16:05:58 -07:00
trigger-webhook.js ci(docs-infra): manually trigger the preview server webhook (#27458) 2018-12-04 13:59:54 -08:00

README.md

Encryption

Based on https://github.com/circleci/encrypted-files

In the CircleCI web UI, we have a secret variable called KEY https://circleci.com/gh/angular/angular/edit#env-vars which is only exposed to non-fork builds (see "Pass secrets to builds from forked pull requests" under https://circleci.com/gh/angular/angular/edit#advanced-settings)

We use this as a symmetric AES encryption key to encrypt tokens like a GitHub token that enables publishing snapshots.

To create the github_token file, we take this approach:

  • Find the angular-builds:token in http://valentine
  • Go inside the CircleCI default docker image so you use the same version of openssl as we will at runtime: docker run --rm -it circleci/node:10.12
  • echo "https://[token]:@github.com" > credentials
  • openssl aes-256-cbc -e -in credentials -out .circleci/github_token -k $KEY
  • If needed, base64-encode the result so you can copy-paste it out of docker: base64 github_token