Fds 1590 container scan #714
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: shiny-deploy | |
on: | |
pull_request: | |
branches: | |
- main | |
jobs: | |
shiny-deploy: | |
runs-on: ubuntu-latest | |
container: rocker/rstudio:4.1.2 | |
env: | |
GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }} | |
DCA_SCHEMATIC_API_TYPE: rest | |
DCA_API_HOST: "https://schematic-dev.api.sagebionetworks.org" | |
steps: | |
- name: Install System Dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y libcurl4-openssl-dev libpng-dev libxml2-dev | |
- uses: actions/checkout@v3 | |
- uses: r-lib/actions/setup-pandoc@v2 | |
- if: ${{env.DCA_SCHEMATIC_API_TYPE == 'reticulate' }} | |
name: Install python | |
run: | | |
sudo apt-get install -y pip python3.8-venv | |
- if: ${{env.DCA_SCHEMATIC_API_TYPE == 'reticulate' }} | |
name: Set up virtual environment | |
# When shinyapps.io supports python 3.9+ split this into two steps | |
# to install schematic from pypi or github | |
shell: bash | |
run: | | |
python3 -m venv .venv | |
chmod 755 .venv/bin/activate | |
source .venv/bin/activate | |
- if: ${{env.DCA_SCHEMATIC_API_TYPE == 'reticulate' }} | |
name: Install schematicpy | |
shell: bash | |
run: | | |
source .venv/bin/activate | |
pip install schematicpy==23.1.1 | |
# https://github.com/actions/setup-python/blob/main/docs/advanced-usage.md#caching-packages | |
# For the future, look at poetry install | |
# - uses: actions/checkout@v3 | |
# - name: Install poetry | |
# run: pipx install poetry | |
# - uses: actions/setup-python@v4 | |
# with: | |
# python-version: '3.9' | |
# cache: 'poetry' | |
# - run: poetry install | |
# - run: poetry run pytest | |
# | |
- name: Set Configurations for Schematic | |
# write out configuration files using github secrets | |
if: ${{env.DCA_SCHEMATIC_API_TYPE == 'reticulate' }} | |
shell: bash | |
run: | | |
echo "${{ secrets.SCHEMATIC_SYNAPSE_CONFIG }}" > .synapseConfig | |
- name: Save service account credentials for Schematic | |
if: ${{env.DCA_SCHEMATIC_API_TYPE == 'reticulate' }} | |
id: create-json | |
uses: jsdaniell/[email protected] | |
with: | |
name: 'schematic_service_account_creds.json' | |
json: ${{ secrets.SCHEMATIC_SERVICE_ACCT_CREDS }} | |
- if: ${{env.DCA_SCHEMATIC_API_TYPE == 'reticulate' }} | |
name: Set Configurations for Data Model | |
shell: bash | |
run: | | |
source .venv/bin/activate | |
# download the data models and create config.json | |
python3 .github/config_schema.py \ | |
-c schematic_config.yml \ | |
--service_repo 'Sage-Bionetworks/schematic' \ | |
--overwrite | |
- if: ${{env.DCA_SCHEMATIC_API_TYPE == 'reticulate' }} | |
name: zip virtual env | |
shell: bash | |
# ShinyApps has a limit of 7000 files, far exceeded by the many Python dependencies | |
# that this app' has. As a workaround we zip the virtual environment and later | |
# unzip it in 'global.R' | |
run: | | |
zip -rm .venv.zip .venv | |
- uses: r-lib/actions/setup-renv@v2 | |
- name: shinyapps.io R pkg hack | |
# Delete files that makes shinyapps.io treat this like a golem app | |
shell: bash | |
run: | | |
cp R/* functions/ | |
rm -r R/ DESCRIPTION NAMESPACE | |
- name: Write R environmental variables | |
shell: bash | |
run: | | |
echo 'DCA_CLIENT_ID="${{ secrets.OAUTH_CLIENT_ID }}"' >> .Renviron | |
echo 'DCA_CLIENT_SECRET="${{ secrets.OAUTH_CLIENT_SECRET }}"' >> .Renviron | |
echo 'DCA_SCHEMATIC_API_TYPE="${{ env.DCA_SCHEMATIC_API_TYPE }}"' >> .Renviron | |
echo 'DCA_API_HOST="${{ env.DCA_API_HOST }}"' >> .Renviron | |
echo 'DCA_SYNAPSE_PROJECT_API=TRUE' >> .Renviron | |
echo 'DCA_DCC_CONFIG="https://raw.githubusercontent.com/Sage-Bionetworks/data_curator_config/shinyapps-io/dcc_config.csv"' >> .Renviron | |
echo 'GITHUB_PAT="${{ secrets.GITHUB_TOKEN }}"' >> .Renviron | |
- name: Authorize and deploy app | |
shell: Rscript {0} | |
run: | | |
renv::restore() | |
install.packages("rsconnect") | |
repo <- Sys.getenv("GITHUB_REPOSITORY") | |
appName <- strsplit(repo, "/")[[1]][2] | |
refName <- Sys.getenv("GITHUB_REF_NAME") | |
# if tag is v*.*.*, deploy to prod, if main to staging, otherwise to test | |
if (grepl("v[0-9]+.[0-9]+.[0-9]+", refName)) { | |
message("Deploying release version of app") | |
} else if (refName %in% c("main")) { | |
appName <- paste(appName, "staging", sep = "-") | |
message("Deploying staging version of app") | |
} else { | |
appName <- paste(appName, "testing1", sep = "-") | |
message("Deploying testing version of app") | |
} | |
message(sprintf("Deploying to %s instance.", appName)) | |
rsConnectUser <- "${{ secrets.RSCONNECT_USER }}" | |
rsConnectToken <- "${{ secrets.RSCONNECT_TOKEN }}" | |
rsConnectSecret <- "${{ secrets.RSCONNECT_SECRET }}" | |
rsconnect::setAccountInfo(rsConnectUser, rsConnectToken, rsConnectSecret) | |
# Set app URL for OAuth | |
appUrl <- sprintf("https://%s.shinyapps.io/%s", rsConnectUser, appName) | |
renviron <- readLines(".Renviron") | |
renviron <- c(renviron, sprintf("DCA_APP_URL=%s", appUrl)) | |
writeLines(renviron, ".Renviron") | |
# Get app names. If app exists, configure then deploy. Otherwise | |
# deploy then configure. | |
apps <- rsconnect::applications()$name | |
if (appName %in% apps) { | |
rsconnect::configureApp(appName = appName, size = "xxxlarge", logLevel = "verbose") | |
rsconnect::deployApp(appName = appName) | |
} else { | |
rsconnect::deployApp(appName = appName) | |
rsconnect::configureApp(appName = appName, size = "xxxlarge", logLevel = "verbose") | |
} |