honeymoose/angular-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
angular-cn/.circleci
History
Joey Perrott c5c57f6737 build: update to clang 1.4.0 and only run clang format on changed files (#36203) 
Update to clang@1.4.0 to gain support for optional changing and nullish
coalescing.  Because this would trigger a change on >1800 files in the
repository, also changes our format enforcement to only be run against
changed files.  This will allow us to incramentally roll out the value
add of the upgraded clang format.

PR Close #36203
2020-04-01 13:18:09 -07:00
..
bazel.common.rc
refactor: simplify bazel saucelabs targets using karma pre-test wrapper and shared saucelabs connection between tests (#34769)
2020-01-28 13:47:00 -08:00
bazel.linux.rc
ci: move setup of bazel configurations into the env init scripts (#34834)
2020-01-22 14:37:02 -05:00
bazel.windows.rc
ci: always set up RBE for bazel executions on CI (#34834)
2020-01-22 14:37:02 -05:00
config.yml
build: update to clang 1.4.0 and only run clang format on changed files (#36203)
2020-04-01 13:18:09 -07:00
env-helpers.inc.sh
ci(docs-infra): use the tests from the stable branch in aio_monitoring_stable CircleCI job (#30110)
2019-04-26 16:33:45 -07:00
env.sh
build: update to clang 1.4.0 and only run clang format on changed files (#36203)
2020-04-01 13:18:09 -07:00
gcp_token
ci: update gcp_token (#31405)
2019-07-03 08:54:02 -07:00
github_token
ci: re-encrypt .circleci/github_token (#26698)
2018-10-23 13:31:48 -07:00
README.md
build: use bazel version from node modules (#26691)
2018-10-30 16:19:13 -04:00
setup_cache.sh
Revert "build: update to newer circleCI bazel remote cache proxy (#25054)" (#25076)
2018-07-24 16:05:58 -07:00
trigger-webhook.js
ci(docs-infra): manually trigger the preview server webhook (#27458)
2018-12-04 13:59:54 -08:00
windows-env.ps1
build: depend on bazelisk rather than directly on Bazel (#36078)
2020-03-16 10:58:06 -07:00

README.md

Encryption

Based on https://github.com/circleci/encrypted-files

In the CircleCI web UI, we have a secret variable called KEY https://circleci.com/gh/angular/angular/edit#env-vars which is only exposed to non-fork builds (see "Pass secrets to builds from forked pull requests" under https://circleci.com/gh/angular/angular/edit#advanced-settings)

We use this as a symmetric AES encryption key to encrypt tokens like a GitHub token that enables publishing snapshots.

To create the github_token file, we take this approach:

  • Find the angular-builds:token in http://valentine
  • Go inside the CircleCI default docker image so you use the same version of openssl as we will at runtime: docker run --rm -it circleci/node:10.12
  • echo "https://[token]:@github.com" > credentials
  • openssl aes-256-cbc -e -in credentials -out .circleci/github_token -k $KEY
  • If needed, base64-encode the result so you can copy-paste it out of docker: base64 github_token