Deploying Shiny app with GitHub Actions

mattcowgill · September 3, 2020, 4:18am

Hi,
I have a Shiny app that is part of a package. It deploys to shinyapps.io from my local machine using rsconnect::deployApp().

I would like to set up a Github Action workflow that will deploy the app to shinyapps.io on any push to the repo. The main difficulty I have is in storing my shinyapps.io credentials as a secret and then passing that secret to rsconnect::setAccountInfo() within the Github Actions workflow.

My (slightly obscured) failed attempt to do this is as follows. Note that I have a Github secret called RSCONNECT associated with this repo that stores my Shinyapps.io secret.



on: [push, pull_request]

name: deploy-shiny

jobs:
  deploy-shiny:
    runs-on: macOS-latest
    steps:
      - uses: actions/checkout@v2
      - uses: r-lib/actions/setup-r@master
      - name: Install shiny
        run: |
          install.packages(c("shiny", "rsconnect"), type = "binary")
        shell: Rscript {0}
      - name: shinyapps credentials
        with:
          rsconnect_secret: ${{ secrets.RSCONNECT }}
        run: Rscript -e 'rsconnect::setAccountInfo(name="myusername", token="tokengoeshere", secret="$rsconnect_secret")'
        shell: Rscript {0}

joseluizferreira · September 3, 2020, 6:29am

What exactly was the error that you got from setAccountInfo?

...or are you just forgetting to use deployApp afterwards (https://www.rdocumentation.org/packages/rsconnect/versions/0.8.16/topics/deployApp) ?

mattcowgill · September 3, 2020, 7:08am

Hi @joseluizferreira,
No, I'm not forgetting to deployApp().

The problem is passing the Github secret to setAccountInfo().

I think the solution is to give up.

joseluizferreira · September 3, 2020, 7:25am

Ok. I don't use GH actions, just Gitlab CI (with RStudio Connect) which should be similar.

The way I pass secrets there is via an environment variable (+ Sys.getenv in Rscript). So I'd say that if rsconnect_secret is defined, your method should work... or you can try to import it in R using secret=Sys.getenv("rsconnect_secret").

It should be safer too

mattcowgill · September 3, 2020, 7:43am

Thank you, I’ll try that

joseluizferreira · September 3, 2020, 8:18am

Besides, I just realized that you are using single quotes and $rsconnect_secret is probably not being replaced by its value.

pcall · September 4, 2020, 1:55am

Another alternative in case you want more security than storing the secret in your RStudio environment:
secret=keyringr::decrypt_kc_pw("rsconnect_secret")
where "rsconnect_secret" is a password stored in your computer's KeyChain app, assuming you're on Mac. If you're on PC, the analogous function is decrypt_apapi_pw() to be paired with with the Microsoft Data Protection API

hamgamb · September 15, 2020, 1:17am

Hi @mattcowgill

This works for me:

      - name: Push to shiny.io
        run: |
          Rscript -e "rsconnect::setAccountInfo(name='username', token=${{secrets.SHINYAPPS_TOKEN}}, secret=${{secrets.SHINYAPPS_SECRET}})"
          Rscript -e "rsconnect::deployApp(appName = 'appname')"

With two secrets named SHINYAPPS_TOKEN and SHINYAPPS_SECRET containing the values with single quotation marks.

mattcowgill · September 15, 2020, 4:16am

Thanks so much @hamgamb! I had something very similar, but had omitted the single quotation marks in the secrets.

system · September 22, 2020, 4:16am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

If you have a query related to it or one of the replies, start a new topic and refer back with a link.