diff --git a/.Rbuildignore b/.Rbuildignore index 2da9b6c..2ab4e99 100644 --- a/.Rbuildignore +++ b/.Rbuildignore @@ -15,6 +15,8 @@ \.lintr$ \.travis\.yml$ ^.*\.Rproj$ +^.*\.db$ +^.*\.db.bz2$ ^README\.Rmd$ ^\.Rproj\.user$ ^\.apt$ diff --git a/.github/actions/prepare-ptaxsim/action.yaml b/.github/actions/prepare-ptaxsim/action.yaml new file mode 100644 index 0000000..e85024f --- /dev/null +++ b/.github/actions/prepare-ptaxsim/action.yaml @@ -0,0 +1,69 @@ +name: Prepare PTAXSIM database +description: Downloads and extracts the PTAXSIM database file from S3 +inputs: + PTAXSIM_DB_BASE_URL: + required: false + type: string + default: "s3://ccao-data-public-us-east-1/ptaxsim" + ASSUMED_ROLE: + description: "AWS role used for S3" +outputs: + PTAXSIM_VERSION: + description: "PTAXSIM database version" + value: ${{ steps.version_db.outputs.PTAXSIM_VERSION }} + +runs: + using: composite + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Get database version + id: version_db + run: | + DESCRIPTION_PATH=$(echo "${{ github.workspace }}/DESCRIPTION" | sed 's/\\/\//g') + echo "PTAXSIM_VERSION=$(sed -n 's/.*Wants_DB_Version: \([0-9]*\.[0-9]*\.[0-9]\).*/\1/p' $DESCRIPTION_PATH)" >> $GITHUB_ENV + echo "PTAXSIM_VERSION=${{ env.PTAXSIM_VERSION }}" >> $GITHUB_OUTPUT + shell: bash + + - name: Cache database + uses: actions/cache@v3.3.1 + id: cache_db + with: + path: ptaxsim.db.bz2 + key: ${{ format('{0}-{1}', env.PTAXSIM_VERSION, hashFiles('DESCRIPTION')) }} + enableCrossOsArchive: true + + - name: Configure AWS credentials + if: steps.cache_db.outputs.cache-hit != 'true' + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ inputs.ASSUMED_ROLE }} + aws-region: us-east-1 + + - name: Fetch database file + id: fetch_db + if: steps.cache_db.outputs.cache-hit != 'true' + run: | + aws s3 cp ${{ inputs.PTAXSIM_DB_BASE_URL }}/ptaxsim-${{ env.PTAXSIM_VERSION }}.db.bz2 ${{ github.workspace }}/ptaxsim.db.bz2 --quiet + shell: bash + + - name: Unpack database (Linux) + if: runner.os == 'Linux' + run: | + sudo apt-get install -y pbzip2 + pbzip2 -dk ${{ github.workspace }}/ptaxsim.db.bz2 + shell: bash + + - name: Unpack database (macOS) + if: runner.os == 'macOS' + run: | + brew install pbzip2 + pbzip2 -dk ${{ github.workspace }}/ptaxsim.db.bz2 + shell: bash + + - name: Unpack database (Windows) + if: runner.os == 'Windows' + run: | + 7z x ${{ github.workspace }}/ptaxsim.db.bz2 + shell: cmd diff --git a/.github/workflows/R-CMD-check.yaml b/.github/workflows/R-CMD-check.yaml index e0d023a..e6e6f44 100644 --- a/.github/workflows/R-CMD-check.yaml +++ b/.github/workflows/R-CMD-check.yaml @@ -6,14 +6,9 @@ on: name: R-CMD-check jobs: - prepare-ptaxsim: - uses: ./.github/workflows/prepare-ptaxsim.yaml - secrets: inherit - R-CMD-check: - needs: prepare-ptaxsim - runs-on: ${{ matrix.config.os }} name: ${{ matrix.config.os }} (${{ matrix.config.r }}) + runs-on: ${{ matrix.config.os }} strategy: fail-fast: false matrix: @@ -26,6 +21,12 @@ jobs: env: PTAXSIM_DB_PATH: ${{ github.workspace }}/ptaxsim.db R_KEEP_PKG_SOURCE: yes + + # Required for OIDC access to S3 + permissions: + id-token: write + contents: read + steps: - name: Checkout uses: actions/checkout@v3 @@ -46,32 +47,10 @@ jobs: extra-packages: any::rcmdcheck needs: check - - name: Restore database cache - uses: actions/cache/restore@v3.3.1 + - name: Prepare PTAXSIM database + uses: ./.github/actions/prepare-ptaxsim with: - path: ptaxsim.db.bz2 - key: ${{ format('{0}-{1}', needs.prepare-ptaxsim.outputs.PTAXSIM_VERSION, hashFiles('DESCRIPTION')) }} - fail-on-cache-miss: true - enableCrossOsArchive: true - - - name: Unpack database (Linux) - if: runner.os == 'Linux' - run: | - sudo apt-get install -y pbzip2 - pbzip2 -d ptaxsim.db.bz2 - shell: bash - - - name: Unpack database (macOS) - if: runner.os == 'macOS' - run: | - brew install pbzip2 - pbzip2 -d ptaxsim.db.bz2 - shell: bash - - - name: Unpack database (Windows) - if: runner.os == 'Windows' - run: 7z x ptaxsim.db.bz2 - shell: cmd + ASSUMED_ROLE: ${{ secrets.AWS_IAM_ROLE_TO_ASSUME_ARN }} - name: Check R package uses: r-lib/actions/check-r-package@v2 diff --git a/.github/workflows/pkgdown.yaml b/.github/workflows/pkgdown.yaml index 59ff4be..da46d29 100644 --- a/.github/workflows/pkgdown.yaml +++ b/.github/workflows/pkgdown.yaml @@ -8,15 +8,16 @@ on: name: pkgdown jobs: - prepare-ptaxsim: - uses: ./.github/workflows/prepare-ptaxsim.yaml - secrets: inherit - build-pkgdown-site: - needs: prepare-ptaxsim runs-on: ubuntu-latest env: PTAXSIM_DB_PATH: ${{ github.workspace }}/ptaxsim.db + + # Required for OIDC access to S3 + permissions: + id-token: write + contents: read + steps: - name: Checkout uses: actions/checkout@v3 @@ -35,18 +36,10 @@ jobs: extra-packages: any::pkgdown, local::. needs: website - - name: Restore database cache - uses: actions/cache/restore@v3 + - name: Prepare PTAXSIM database + uses: ./.github/actions/prepare-ptaxsim with: - path: ptaxsim.db.bz2 - key: ${{ format('{0}-{1}', needs.prepare-ptaxsim.outputs.PTAXSIM_VERSION, hashFiles('DESCRIPTION')) }} - fail-on-cache-miss: true - - - name: Unpack database - run: | - sudo apt-get install -y pbzip2 - pbzip2 -d ptaxsim.db.bz2 - shell: bash + ASSUMED_ROLE: ${{ secrets.AWS_IAM_ROLE_TO_ASSUME_ARN }} - name: Build pkgdown site run: pkgdown::build_site_github_pages(new_process = FALSE, install = FALSE) diff --git a/.github/workflows/prepare-ptaxsim.yaml b/.github/workflows/prepare-ptaxsim.yaml deleted file mode 100644 index 527085b..0000000 --- a/.github/workflows/prepare-ptaxsim.yaml +++ /dev/null @@ -1,57 +0,0 @@ -on: - workflow_call: - inputs: - PTAXSIM_DB_BASE_URL: - required: false - type: string - default: "s3://ccao-data-public-us-east-1/ptaxsim" - outputs: - PTAXSIM_VERSION: - description: "PTAXSIM database version" - value: ${{ jobs.download-db.outputs.output1 }} - -name: prepare-ptaxsim - -jobs: - download-db: - runs-on: ubuntu-latest - env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_REGION: ${{ secrets.AWS_REGION }} - outputs: - output1: ${{ steps.version_db.outputs.PTAXSIM_VERSION }} - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Get database version - id: version_db - run: | - echo "PTAXSIM_VERSION=$(grep -Po "(?<=Wants_DB_Version: )[0-9]*\.[0-9]*\.[0-9]*" ${{ github.workspace }}/DESCRIPTION)" >> $GITHUB_ENV - echo "PTAXSIM_VERSION=$(grep -Po "(?<=Wants_DB_Version: )[0-9]*\.[0-9]*\.[0-9]*" ${{ github.workspace }}/DESCRIPTION)" >> $GITHUB_OUTPUT - - - name: Check database cache - uses: actions/cache/restore@v3 - id: check_db - with: - path: ptaxsim.db.bz2 - key: ${{ format('{0}-{1}', env.PTAXSIM_VERSION, hashFiles('DESCRIPTION')) }} - lookup-only: true - - - name: Fetch database file - id: fetch_db - if: steps.check_db.outputs.cache-hit != 'true' - run: | - aws s3 cp ${{ inputs.PTAXSIM_DB_BASE_URL }}/ptaxsim-${{ env.PTAXSIM_VERSION }}.db.bz2 ${{ github.workspace }}/ptaxsim.db.bz2 - shell: bash - - - name: Save database cache - uses: actions/cache/save@v3 - id: save_db - if: steps.check_db.outputs.cache-hit != 'true' - with: - path: ptaxsim.db.bz2 - key: ${{ format('{0}-{1}', env.PTAXSIM_VERSION, hashFiles('DESCRIPTION')) }} - enableCrossOsArchive: true diff --git a/.github/workflows/test-coverage.yaml b/.github/workflows/test-coverage.yaml index a240391..c4d4298 100644 --- a/.github/workflows/test-coverage.yaml +++ b/.github/workflows/test-coverage.yaml @@ -6,15 +6,16 @@ on: name: test-coverage jobs: - prepare-ptaxsim: - uses: ./.github/workflows/prepare-ptaxsim.yaml - secrets: inherit - test-coverage: - needs: prepare-ptaxsim runs-on: ubuntu-latest env: PTAXSIM_DB_PATH: ${{ github.workspace }}/ptaxsim.db + + # Required for OIDC access to S3 + permissions: + id-token: write + contents: read + steps: - name: Checkout uses: actions/checkout@v3 @@ -30,18 +31,10 @@ jobs: extra-packages: any::covr needs: coverage - - name: Restore database cache - uses: actions/cache/restore@v3 + - name: Prepare PTAXSIM database + uses: ./.github/actions/prepare-ptaxsim with: - path: ptaxsim.db.bz2 - key: ${{ format('{0}-{1}', needs.prepare-ptaxsim.outputs.PTAXSIM_VERSION, hashFiles('DESCRIPTION')) }} - fail-on-cache-miss: true - - - name: Unpack database - run: | - sudo apt-get install -y pbzip2 - pbzip2 -d ptaxsim.db.bz2 - shell: bash + ASSUMED_ROLE: ${{ secrets.AWS_IAM_ROLE_TO_ASSUME_ARN }} - name: Test coverage run: |