DEPRECATED - Please see https://github.com/clarin-eric/switchboard for latest version - Code Repository for the Language Resources Switchboard of CLARIN
Greatly decrease the likelihood of web crawlers (e.g. https://github.com/joaopsys/NowCrawling) to find and flag in the deployed javascript code, the credentials for the underlying storage service. It also makes the credentials less obvious to spot when somebody visually inspects the running source, while at the same time keeps the original source variables with intelligible and not misleading names for development purposes. This is accomplished trough uglify mangling.
The values for the creadentials are locally overriden downstream already inside the deployment server via the .env file. Pleae check the full Switchboard Docker compose project which bundles everything needed to run the switchboard in a single project. Just clone the repository and run ./control.sh start. You will have a full featured Switchboard up and running in a matter of seconds. Supply your own .env file to override the credentials.
Modify the default build strategy to build on Docker. This will allow for a more standard build across platforms, e.g. currently when building on OSX or on Linux, npm installs different dependency versions and thus generates a different package-lock.json on each platform, this file might break the build when trying to build the repository on a different platform. The new build strategy also includes Travis CI integration with automatic build checks on every commit and automatic artifact deployment on every release/tag.
Finally, it builds the project in the same fashion as required by the CLARIN docker CI workflow making sure via CI that the code committed on gitHub will later also build downstream on our gitLab pipelines.
I still have to document this new build strategy. But for now everyone can build things as usual, just do not commit the package-lock.json file (which should not be a problem if you build using npm install since it only generates the file but does not use it. Note that the CI builds using npm ci which actually uses the package-lock.json file).
If we want to build locally using the new strategy, a script was created to facilitate it: run build-with-docker.sh and your build output will be on /build directory.
If you want to run a development environment where you can develop and build inside docker using the same strategy, run from the root of this repository:
docker run -v $(pwd):/LRSwitchboard -i -t registry.gitlab.com/clarin-eric/docker-alpine-clrs-build_env:1.0.2
When building like this you can commit the generated package-lock.json since it was generated inside the same image that the CI uses to build the code.
If there are no objections, after this PR is merged I will transfer #60 to a different private repository and make this one public again, so that the whole docker CI workflow can work between github and gitlab. The passwords visible on it are always dummies and the labels are changed by the build before deployment.
This PR introduces changes under two scopes:
Greatly decrease the likelihood of web crawlers (e.g. https://github.com/joaopsys/NowCrawling) to find and flag in the deployed javascript code, the credentials for the underlying storage service. It also makes the credentials less obvious to spot when somebody visually inspects the running source, while at the same time keeps the original source variables with intelligible and not misleading names for development purposes. This is accomplished trough uglify mangling. The values for the creadentials are locally overriden downstream already inside the deployment server via the
.envfile. Pleae check the full Switchboard Docker compose project which bundles everything needed to run the switchboard in a single project. Just clone the repository and run./control.sh start. You will have a full featured Switchboard up and running in a matter of seconds. Supply your own.envfile to override the credentials.Modify the default build strategy to build on Docker. This will allow for a more standard build across platforms, e.g. currently when building on OSX or on Linux,
npminstalls different dependency versions and thus generates a differentpackage-lock.jsonon each platform, this file might break the build when trying to build the repository on a different platform. The new build strategy also includes Travis CI integration with automatic build checks on every commit and automatic artifact deployment on every release/tag. Finally, it builds the project in the same fashion as required by the CLARIN docker CI workflow making sure via CI that the code committed on gitHub will later also build downstream on our gitLab pipelines.I still have to document this new build strategy. But for now everyone can build things as usual, just do not commit the
package-lock.jsonfile (which should not be a problem if you build usingnpm installsince it only generates the file but does not use it. Note that the CI builds usingnpm ciwhich actually uses thepackage-lock.jsonfile). If we want to build locally using the new strategy, a script was created to facilitate it: runbuild-with-docker.shand your build output will be on/builddirectory.If you want to run a development environment where you can develop and build inside docker using the same strategy, run from the root of this repository:
docker run -v $(pwd):/LRSwitchboard -i -t registry.gitlab.com/clarin-eric/docker-alpine-clrs-build_env:1.0.2When building like this you can commit the generatedpackage-lock.jsonsince it was generated inside the same image that the CI uses to build the code.If there are no objections, after this PR is merged I will transfer #60 to a different private repository and make this one public again, so that the whole docker CI workflow can work between github and gitlab. The passwords visible on it are always dummies and the labels are changed by the build before deployment.