Deploying Shiny app with GitHub Actions

I have a Shiny app that is part of a package. It deploys to from my local machine using rsconnect::deployApp().

I would like to set up a Github Action workflow that will deploy the app to on any push to the repo. The main difficulty I have is in storing my credentials as a secret and then passing that secret to rsconnect::setAccountInfo() within the Github Actions workflow.

My (slightly obscured) failed attempt to do this is as follows. Note that I have a Github secret called RSCONNECT associated with this repo that stores my secret.

on: [push, pull_request]

name: deploy-shiny

    runs-on: macOS-latest
      - uses: actions/checkout@v2
      - uses: r-lib/actions/setup-r@master
      - name: Install shiny
        run: |
          install.packages(c("shiny", "rsconnect"), type = "binary")
        shell: Rscript {0}
      - name: shinyapps credentials
          rsconnect_secret: ${{ secrets.RSCONNECT }}
        run: Rscript -e 'rsconnect::setAccountInfo(name="myusername", token="tokengoeshere", secret="$rsconnect_secret")'
        shell: Rscript {0}
1 Like

What exactly was the error that you got from setAccountInfo?

...or are you just forgetting to use deployApp afterwards ( ?

Hi @joseluizferreira,
No, I'm not forgetting to deployApp().

The problem is passing the Github secret to setAccountInfo().

I think the solution is to give up.

Ok. I don't use GH actions, just Gitlab CI (with RStudio Connect) which should be similar.

The way I pass secrets there is via an environment variable (+ Sys.getenv in Rscript). So I'd say that if rsconnect_secret is defined, your method should work... or you can try to import it in R using secret=Sys.getenv("rsconnect_secret").

It should be safer too

Thank you, I’ll try that

1 Like

Besides, I just realized that you are using single quotes and $rsconnect_secret is probably not being replaced by its value.

Another alternative in case you want more security than storing the secret in your RStudio environment:
where "rsconnect_secret" is a password stored in your computer's KeyChain app, assuming you're on Mac. If you're on PC, the analogous function is decrypt_apapi_pw() to be paired with with the Microsoft Data Protection API

1 Like

Hi @mattcowgill

This works for me:

      - name: Push to
        run: |
          Rscript -e "rsconnect::setAccountInfo(name='username', token=${{secrets.SHINYAPPS_TOKEN}}, secret=${{secrets.SHINYAPPS_SECRET}})"
          Rscript -e "rsconnect::deployApp(appName = 'appname')" 

With two secrets named SHINYAPPS_TOKEN and SHINYAPPS_SECRET containing the values with single quotation marks.

1 Like

Thanks so much @hamgamb! I had something very similar, but had omitted the single quotation marks in the secrets.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

If you have a query related to it or one of the replies, start a new topic and refer back with a link.