angular-docs-cn/.circleci
Paul Gschwendtner 71498a407a ci: remove integration test "uname -a" command (#30006)
We recently added the "uname -a" command to the CircleCI
integration test in order to identify Linux kernels that
broke Chrome sandboxing.

Since this issue seems to be claimed as fixed by the CircleCI
support and we didn't see any sandboxing issues the last month,
we are removing the debugging command we added.

PR Close #30006
2019-04-22 08:46:51 -07:00
..
README.md build: use bazel version from node modules (#26691) 2018-10-30 16:19:13 -04:00
bazel.rc build: fix bazel repositories not cached on circleci (#28515) 2019-02-05 13:06:24 -05:00
config.yml ci: remove integration test "uname -a" command (#30006) 2019-04-22 08:46:51 -07:00
env-helpers.inc.sh ci: fix setting env var with spaces in value (#28494) 2019-02-01 20:22:03 -05:00
env.sh ci: add yarn cache for material-unit tests job (#29378) 2019-03-19 17:14:53 -04:00
gcp_token build(bazel): Run build-packages-dist on RBE (#25237) 2018-08-20 16:34:45 -07:00
get-commit-range.js ci: correctly detect status 400 as failure in `get-commit-range` (#29839) 2019-04-11 08:20:25 -07:00
github_token ci: re-encrypt .circleci/github_token (#26698) 2018-10-23 13:31:48 -07:00
setup_cache.sh Revert "build: update to newer circleCI bazel remote cache proxy (#25054)" (#25076) 2018-07-24 16:05:58 -07:00
trigger-webhook.js ci(docs-infra): manually trigger the preview server webhook (#27458) 2018-12-04 13:59:54 -08:00

README.md

Encryption

Based on https://github.com/circleci/encrypted-files

In the CircleCI web UI, we have a secret variable called KEY https://circleci.com/gh/angular/angular/edit#env-vars which is only exposed to non-fork builds (see "Pass secrets to builds from forked pull requests" under https://circleci.com/gh/angular/angular/edit#advanced-settings)

We use this as a symmetric AES encryption key to encrypt tokens like a GitHub token that enables publishing snapshots.

To create the github_token file, we take this approach:

  • Find the angular-builds:token in http://valentine
  • Go inside the CircleCI default docker image so you use the same version of openssl as we will at runtime: docker run --rm -it circleci/node:10.12
  • echo "https://[token]:@github.com" > credentials
  • openssl aes-256-cbc -e -in credentials -out .circleci/github_token -k $KEY
  • If needed, base64-encode the result so you can copy-paste it out of docker: base64 github_token