honeymoose/angular-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
angular-cn/.circleci
History
Joey Perrott ef665889a1 ci: always set up RBE for bazel executions on CI (#34834) 
Since we always execute our bazel commands using RBE on CI
we should not have separete tasks of configuring bazel
and setting up RBE for bazel.  Enabling RBE for bazel should
be part of our bazel configuration process on CI.

PR Close #34834
2020-01-22 14:37:02 -05:00
..
bazel.common.rc
ci: run acceptance tests on saucelabs with ivy (#34277)
2019-12-16 07:43:41 -08:00
bazel.linux.rc
ci: always set up RBE for bazel executions on CI (#34834)
2020-01-22 14:37:02 -05:00
bazel.windows.rc
ci: always set up RBE for bazel executions on CI (#34834)
2020-01-22 14:37:02 -05:00
config.yml
ci: always set up RBE for bazel executions on CI (#34834)
2020-01-22 14:37:02 -05:00
env-helpers.inc.sh
ci(docs-infra): use the tests from the stable branch in aio_monitoring_stable CircleCI job (#30110)
2019-04-26 16:33:45 -07:00
env.sh
ci: update material-unit-tests job commit to latest (#34863)
2020-01-21 13:13:51 -05:00
gcp_token
ci: update gcp_token (#31405)
2019-07-03 08:54:02 -07:00
get-commit-range.js
ci: work around CIRCLE_COMPARE_URL not being available wih CircleCI Pipelines (#32537)
2019-09-09 12:21:44 -04:00
get-vendored-yarn-path.js
ci: avoid hard-coding path to local yarn executable (#34384)
2019-12-16 07:39:58 -08:00
github_token
ci: re-encrypt .circleci/github_token (#26698)
2018-10-23 13:31:48 -07:00
README.md
build: use bazel version from node modules (#26691)
2018-10-30 16:19:13 -04:00
setup_cache.sh
Revert "build: update to newer circleCI bazel remote cache proxy (#25054)" (#25076)
2018-07-24 16:05:58 -07:00
setup-rbe.sh
test(ivy): update Material to recent commit from master branch (#31569)
2019-07-25 13:08:33 -07:00
trigger-webhook.js
ci(docs-infra): manually trigger the preview server webhook (#27458)
2018-12-04 13:59:54 -08:00
windows-env.ps1
ci: use CircleCI commands (#32745)
2019-10-02 09:34:11 -07:00
windows-yarn-setup.ps1
ci: use local, vendored yarn in Windows CI jobs (#34384)
2019-12-16 07:39:58 -08:00
windows-yarn.ps1.template
ci: use local, vendored yarn in Windows CI jobs (#34384)
2019-12-16 07:39:58 -08:00

README.md

Encryption

Based on https://github.com/circleci/encrypted-files

In the CircleCI web UI, we have a secret variable called KEY https://circleci.com/gh/angular/angular/edit#env-vars which is only exposed to non-fork builds (see "Pass secrets to builds from forked pull requests" under https://circleci.com/gh/angular/angular/edit#advanced-settings)

We use this as a symmetric AES encryption key to encrypt tokens like a GitHub token that enables publishing snapshots.

To create the github_token file, we take this approach:

  • Find the angular-builds:token in http://valentine
  • Go inside the CircleCI default docker image so you use the same version of openssl as we will at runtime: docker run --rm -it circleci/node:10.12
  • echo "https://[token]:@github.com" > credentials
  • openssl aes-256-cbc -e -in credentials -out .circleci/github_token -k $KEY
  • If needed, base64-encode the result so you can copy-paste it out of docker: base64 github_token