Add firebase functions. Change screenshot to write to temp files.

Author: tinayuangao

.travis.yml

@@ -4,6 +4,12 @@ sudo: false
 node_js:
   - '6.9.4'
 
+addons:
+  jwt:
+    # SAUCE_ACCESS_KEY<=secret for FIREBASE_ACCESS_TOKEN to work around travis-ci/travis-ci#7223, unencrypted value in valentine as FIREBASE_ACCESS_TOKEN>
+    # we alias FIREBASE_ACCESS_TOKEN to $SAUCE_ACCESS_KEY in env.sh and set the SAUCE_ACCESS_KEY there
+    - secure: "PKts/IbxuJRWWOEeiGbl8Z9zds0M+hIdCH/g/E4WbQ9yzSvSbdwzfmRfFccQFjxjsrY7+SJMVjsURZy+xUyBpzqgWYHUItnSVqjZb8DlyAU2IXyg8TM9BVLkGGe6k5k4PIFVmfMMMzQwWMM0X0W9w3oYmfHL5egxwSHvf9HIqLolLNXg8sqamIdS5d5KoCXf1c+oRjN/IMBktzNBR6N4OFOZQXVoepXNiIvTWAcTtOPBvFWdKP2n7RVioHKdm4a85aCUpDJp+LYGaLqiQZoRzmzfVTnAhTAPdd4ao5w/+jojrfZIHV55bqYF9rLnQMTneKsiyVNVYJzOLuxmARa/EEKfZld+J3rX4/o4cogrU38YSZF+T7J9g/7CTsnIZ3F6W6m+8iJbIBh55nGOQi5PVe458Q/nGb3fgQd2Z4+6lK9k479H4Ssh/Y7hbVQbepqEVIXzZKqWX6/ZE4iWoR/Q2dm0hySFmmB/R2etixX5JxhnHvgobTYIQ+1liJVp/3YFW1ru64Yg6yz/V291Bhh9g31znmTROCJ/usAmZZaLUqW1TDKnLIMP+M74MF9XERqcWKywXRFwxP4E5uDnx/vAyN49gL+SDfrBUxUtXrTkKZAlglwo9SgA7cOYEPWrionvKcGm87gCBYHFUmXZNQVzh212fpuJYXb/vy0sPDj8La4="
+
 branches:
   only:
   - master
@@ -12,11 +18,11 @@ env:
   global:
   - LOGS_DIR=/tmp/angular-material2-build/logs
   - SAUCE_USERNAME=angular-ci
-  - SAUCE_ACCESS_KEY=9b988f434ff8-fbca-8aa4-4ae3-35442987
   - BROWSER_STACK_USERNAME=angularteam1
   - BROWSER_STACK_ACCESS_KEY=BWCd4SynLzdDcv8xtzsB
   - BROWSER_PROVIDER_READY_FILE=/tmp/angular-material2-build/readyfile
   - BROWSER_PROVIDER_ERROR_FILE=/tmp/angular-material2-build/errorfile
+
   matrix:
     # Order: a slower build first, so that we don't occupy an idle travis worker waiting for others to complete.
     - MODE=lint
@@ -32,6 +38,9 @@ matrix:
   - env: "MODE=saucelabs_optional"
   - env: "MODE=browserstack_optional"
 
+before_install:
+  - source ./scripts/ci/env.sh
+
 install:
   - npm install
 

functions/config.json

@@ -0,0 +1,9 @@
+{  
+  "firebase": {
+    "apiKey": "AIzaSyBekh5ZSi1vEhaE2qetH4RU91gHmUmpqgg",
+    "authDomain": "material2-screenshots.firebaseapp.com",
+    "databaseURL": "https://material2-screenshots.firebaseio.com",
+    "storageBucket": "material2-screenshots.appspot.com",
+    "messagingSenderId": "975527407245"
+  }
+}

functions/index.js

@@ -0,0 +1,128 @@
+'use strict';
+
+const functions = require('firebase-functions');
+const gcs = require('@google-cloud/storage')();
+const admin = require('firebase-admin');
+const jwt = require('jsonwebtoken');
+const fs = require('fs');
+
+admin.initializeApp(functions.config().firebase);
+
+const dataTypes = ['filenames', 'commit', 'result', 'sha', 'travis'];
+const repoSlug = functions.config().repo.slug;
+const secret = functions.config().secret.key;
+const bucket = gcs.bucket(functions.config().firebase.storageBucket);
+
+/** Copy valid data from /temp/screenshot/reports/$prNumber/$secureToken/ to /screenshot/reports/$prNumber */
+exports.copyData = functions.database.ref('/temp/screenshot/reports/{prNumber}/{token1}/{token2}/{token3}/{dataType}')
+    .onWrite(event => {
+  const dataType = event.params.dataType;
+  if (dataTypes.indexOf(dataType) == -1) {
+    return;
+  }
+  return handleDataChange(event, dataType);
+});
+
+/** Copy valid data from /temp/screenshot/reports/$prNumber/$secureToken/ to /screenshot/reports/$prNumber */
+exports.copyDataResult = functions.database.ref('/temp/screenshot/reports/{prNumber}/{token1}/{token2}/{token3}/results/{filename}')
+    .onWrite(event => {
+  return handleDataChange(event, `results/${event.params.filename}`);
+});
+
+/** Copy valid data from database /temp/screenshot/images/$prNumber/$secureToken/ to storage /screenshots/$prNumber */
+exports.copyImage = functions.database.ref('/temp/screenshot/images/{prNumber}/{token1}/{token2}/{token3}/{dataType}/{filename}')
+    .onWrite(event => {
+    // Only edit data when it is first created. Exit when the data is deleted.
+    if (event.data.previous.exists() || !event.data.exists()) {
+      return;
+    }
+
+    const dataType = event.params.dataType;
+    const prNumber = event.params.prNumber;
+    const secureToken = `${event.params.token1}.${event.params.token2}.${event.params.token3}`;
+    const saveFilename = `${event.params.filename}.screenshot.png`;
+
+    if (dataType != 'diff' && dataType != 'test') {
+      return;
+    }
+
+    return validateSecureToken(secureToken, prNumber).then((payload) => {
+        const tempPath = `/tmp/${dataType}-${saveFilename}`
+        const filePath = `screenshots/${prNumber}/${dataType}/${saveFilename}`;
+        const binaryData = new Buffer(event.data.val(), 'base64').toString('binary');
+        fs.writeFile(tempPath, binaryData, 'binary');
+        return bucket.upload(tempPath, {
+            destination: filePath
+          }).then(() => {
+            return event.data.ref.parent.set(null);
+        });
+    }).catch((error) => {
+      console.error(`Invalid secure token ${secureToken} ${error}`);
+      return event.data.ref.parent.set(null);
+    });
+});
+
+/**
+ * Copy valid goldens from storage /goldens/ to database /screenshot/goldens/
+ * so we can read the goldens without credentials
+ */
+exports.copyGoldens = functions.storage.bucket(functions.config().firebase.storageBucket).object().onChange(event => {
+    const filePath = event.data.name;
+
+    // Get the file name.
+    const fileNames = filePath.split('/');
+    if (fileNames.length != 2 && fileNames[0] != 'goldens') {
+      return;
+    }
+    const filenameKey = fileNames[1].replace('.screenshot.png', '');
+
+    if (event.data.resourceState === 'not_exists') {
+      return admin.database().ref(`screenshot/goldens/${filenameKey}`).set(null);
+    }
+
+    // Download file from bucket.
+    const bucket = gcs.bucket(event.data.bucket);
+    const tempFilePath = `/tmp/${fileNames[1]}`;
+    return bucket.file(filePath).download({
+        destination: tempFilePath
+      }).then(() => {
+        const data = fs.readFileSync(tempFilePath);
+        return admin.database().ref(`screenshot/goldens/${filenameKey}`).set(data);
+    });
+});
+
+function handleDataChange(event, path) {
+  // Only edit data when it is first created. Exit when the data is deleted.
+  if (event.data.previous.exists() || !event.data.exists()) {
+    return;
+  }
+
+  const prNumber = event.params.prNumber;
+  const secureToken = `${event.params.token1}.${event.params.token2}.${event.params.token3}`;
+  const original = event.data.val();
+
+  return validateSecureToken(secureToken, prNumber).then((payload) => {
+      return admin.database().ref().child('screenshot/reports').child(prNumber).child(path).set(original).then(() => {
+        return event.data.ref.parent.set(null);
+      });
+  }).catch((error) => {
+      console.error(`Invalid secure token ${secureToken} ${error}`);
+    return event.data.ref.parent.set(null);
+  });
+}
+
+function validateSecureToken(token, prNumber) {
+  return new Promise((resolve, reject) => {
+      jwt.verify(token, secret, {issuer: 'Travis CI, GmbH'}, (err, payload) => {
+        if (err) {
+          reject(err.message || err);
+        } else if (payload.slug !== repoSlug) {
+          reject(`jwt slug invalid. expected: ${repoSlug}`);
+        } else if (payload['pull-request'].toString() !== prNumber) {
+          reject(`jwt pull-request invalid. expected: ${prNumber} actual: ${payload['pull-request']}`);
+        } else {
+          resolve(payload);
+        }
+      });
+  });
+}

functions/package.json

@@ -0,0 +1,10 @@
+{
+  "name": "angular-material2-functions",
+  "description": "Angular Material2 screenshot test functions",
+  "dependencies": {
+    "@google-cloud/storage": "^0.8.0",
+    "firebase-admin": "^4.1.3",
+    "firebase-functions": "^0.5.2",
+    "jsonwebtoken": "^7.3.0"
+  }
+}

package.json

@@ -58,6 +58,7 @@
     "dgeni-packages": "^0.16.5",
     "firebase-admin": "^4.1.2",
     "firebase-tools": "^2.2.1",
+    "firebase": "^3.7.2",
     "fs-extra": "^2.0.0",
     "glob": "^7.1.1",
     "google-cloud": "^0.48.0",

scripts/ci/env.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+
+if [[ ${TRAVIS:-} ]]; then
+  # If FIREBASE_ACCESS_TOKEN not set yet, export the FIREBASE_ACCESS_TOKEN using the JWT token that Travis generated and exported for SAUCE_ACCESS_KEY.
+  # This is a workaround for travis-ci/travis-ci#7223
+  # WARNING: FIREBASE_ACCESS_TOKEN should NOT be printed
+  export FIREBASE_ACCESS_TOKEN=${FIREBASE_ACCESS_TOKEN:-$SAUCE_ACCESS_KEY}
+
+  # - we overwrite the value set by Travis JWT addon here to work around travis-ci/travis-ci#7223 for FIREBASE_ACCESS_TOKEN
+  export SAUCE_ACCESS_KEY=9b988f434ff8-fbca-8aa4-4ae3-35442987
+fi

tools/gulp/tasks/e2e.ts

@@ -61,6 +61,7 @@ task('e2e', (done: (err?: string) => void) => {
     'serve:e2eapp',
     ':test:protractor',
     ':serve:e2eapp:stop',
+    'screenshots',
     (err: any) => done(err)
   );
 });