updates for #54

DESCRIPTION

@@ -23,6 +23,7 @@ Imports:
     httr (>= 1.4.1),
     jsonlite (>= 1.5),
     openssl (>= 1.4.1),
+    usethis (>= 1.6.0),
     utils,
     yaml (>= 2.2.0)
 Suggests: 
@@ -35,4 +36,4 @@ Suggests:
 License: MIT + file LICENSE
 Encoding: UTF-8
 LazyData: true
-RoxygenNote: 7.0.2
+RoxygenNote: 7.1.0

R/buildsteps_templates.R

@@ -414,7 +414,7 @@ cr_buildstep_r <- function(r,
   )
 
   # ability to call R scripts from Cloud Storage
-  if(grepl("^gs://", r)){
+  if(grepl("^gs://", r[[1]])){
     r_here <- paste0("/workspace/", basename(r))
     myMessage(paste0("Buildstep will download R script from ", r),
               level = 3)
@@ -655,14 +655,10 @@ cr_buildstep_docker <- function(image,
 #'
 #' This creates steps to configure git to use an ssh created key.
 #'
-#' @param keyring The Key Management Store keyring containing the git ssh key
-#' @param key The Key Management Store key containing the gitssh key
-#' @param cipher The filename of the encrypted git ssh key that has been checked into the repository
+#' @param secret The name of the secret on Google Secret Manager for the git ssh private key
 #' @details
 #'
-#' The key should be encrypted offline using \code{gcloud kms} or similar first.  See \link{cr_buildstep_decrypt} for details.
-#'
-#' By default the encrypted key should then be at the root of your \link{Source} object called "id_rsa.enc"
+#' The ssh private key should be uploaded to Google Secret Manager first
 #'
 #' @seealso \href{https://cloud.google.com/cloud-build/docs/access-private-github-repos}{Accessing private GitHub repositories using Cloud Build (google article)}
 #'
@@ -672,39 +668,27 @@ cr_buildstep_docker <- function(image,
 #' cr_project_set("my-project")
 #' cr_bucket_set("my-bucket")
 #'
-#' # assumes you have previously saved git ssh key via KMS called "git_key"
+#' # assumes you have previously saved git ssh key called "github-ssh"
 #' cr_build_yaml(
 #'      steps = c(
-#'           cr_buildstep_gitsetup("my_keyring", "git_key"),
+#'           cr_buildstep_gitsetup("github-ssh"),
 #'           cr_buildstep_git(c("clone",
 #'                              "git@github.com:github_name/repo_name"))
 #'      )
 #'  )
 #'
-cr_buildstep_gitsetup <- function(keyring = "my-keyring",
-                                  key = "github-key",
-                                  cipher = "id_rsa.enc", ...){
-  # don't allow dot names that would break things
-  dots <- list(...)
-  assert_that(
-    is.null(dots$name),
-    is.null(dots$args),
-    is.null(dots$prefix),
-    is.null(dots$entrypoint)
-  )
-
-  cb <- system.file("cloudbuild/cloudbuild_git.yml",
-                    package = "googleCloudRunner")
-  bs <- cr_build_make(cb)
-
+cr_buildstep_gitsetup <- function(secret){
 
+  github_setup <- system.file("ssh", "github_setup.sh",
+                              package = "googleCloudRunner")
   c(
-    cr_buildstep_decrypt(cipher = cipher,
-                         plain = "/root/.ssh/id_rsa",
-                         keyring = keyring,
-                         key = key,
-                         volumes = git_volume()),
-    cr_buildstep_extract(bs, 2)
+    cr_buildstep_secret(secret = secret,
+                        decrypted = "/root/.ssh/id_rsa",
+                        volumes = git_volume()),
+    cr_buildstep_bash(github_setup,
+                      name = "gcr.io/cloud-builders/git",
+                      entrypoint = "bash",
+                      volumes = git_volume())
   )
 }
 
@@ -720,6 +704,7 @@ cr_buildstep_gitsetup <- function(keyring = "my-keyring",
 #' \code{cr_buildstep} must come after \code{cr_buildstep_gitsetup}
 #' @family Cloud Buildsteps
 #' @export
+#' @import assertthat
 cr_buildstep_git <- function(
   git_args = c("clone",
                "git@github.com:[GIT-USERNAME]/[REPOSITORY]",
@@ -754,39 +739,48 @@ cr_buildstep_git <- function(
 #'
 #' Its convenient to set some of the above via \link{Build} macros, such as \code{github_repo=$_GITHUB_REPO} and \code{git_email=$_BUILD_EMAIL} in the Build Trigger web UI
 #'
+#' To commit the website to git, \link{cr_buildstep_gitsetup} is used for which
+#'   you will need to add your git ssh private key to Google Secret Manager
+#'
+#' The R package is installed via \link[devtools]{install} before
+#'   running \link[pkgdown]{build_site}
+#'
 #' @export
 #' @family Cloud Buildsteps
 #' @examples
 #' cr_project_set("my-project")
 #' cr_bucket_set("my-bucket")
+#'
+#' # set github repo directly to write it out via cr_build_write()
+#' cr_buildstep_pkgdown("MarkEdmondson1234/googleCloudRunner",
+#'                      git_email = "cloudbuild@google.com",
+#'                      secret = "github-ssh")
+#'
 #' # github repo set via build trigger macro _GITHUB_REPO
 #' cr_buildstep_pkgdown("$_GITHUB_REPO",
-#'                      "cloudbuild@google.com")
+#'                      git_email = "cloudbuild@google.com",
+#'                      secret = "github-ssh")
 #'
 #' # example including environment arguments for pkgdown build step
-#' steps <- cr_buildstep_pkgdown("$_GITHUB_REPO",
-#'                      "cloudbuild@google.com",
+#' cr_buildstep_pkgdown("$_GITHUB_REPO",
+#'                      git_email = "cloudbuild@google.com",
+#'                      secret = "github-ssh",
 #'                      env = c("MYVAR=$_MY_VAR", "PROJECT=$PROJECT_ID"))
-#' build_yaml <- cr_build_yaml(steps = steps)
-#' my_source <- cr_build_source(RepoSource("my_repo", branch="master"))
-#' build <- cr_build_make(build_yaml, source = my_source)
+#'
 cr_buildstep_pkgdown <- function(
            github_repo,
            git_email,
-           keyring = "my-keyring",
-           key = "github-key",
+           secret,
            env = NULL,
-           cipher = "id_rsa.enc",
-           build_image = 'gcr.io/gcer-public/packagetools:master'){
+           build_image = "gcr.io/gcer-public/packagetools:master"){
 
   repo <- paste0("git@github.com:", github_repo)
 
   c(
-    cr_buildstep_gitsetup(keyring = keyring,
-                          key = key,
-                          cipher = cipher),
+    cr_buildstep_gitsetup(secret),
     cr_buildstep_git(c("clone",repo, "repo")),
-    cr_buildstep_r(c("devtools::install()", "pkgdown::build_site()"),
+    cr_buildstep_r(c("devtools::install()",
+                     "pkgdown::build_site()"),
                    name = build_image,
                    dir = "repo",
                    env = env),

R/cloudbuild.R

@@ -148,19 +148,14 @@ extract_logs <- function(o){
 #' @examples
 #' cloudbuild <- system.file("cloudbuild/cloudbuild.yaml",
 #'                            package = "googleCloudRunner")
-#' cr_build_make(cloudbuild, projectId = "test-project")
+#' cr_build_make(cloudbuild)
 cr_build_make <- function(yaml,
                           source = NULL,
                           timeout=NULL,
                           images=NULL,
                           artifacts = NULL,
                           options = NULL,
-                          substitutions = NULL,
-                          projectId = cr_project_get()){
-
-  assert_that(
-    is.string(projectId)
-  )
+                          substitutions = NULL){
 
   stepsy <- get_cr_yaml(yaml)
   if(is.null(stepsy$steps)){

R/deploy.R

@@ -229,30 +229,34 @@ cr_deploy_docker <- function(local,
 #' unlink("cloudbuild-pkgdown.yml")
 #'
 cr_deploy_pkgdown <- function(steps = NULL,
+                              secret,
                               cloudbuild_file = "cloudbuild-pkgdown.yml",
                               git_email = "googlecloudrunner@r.com",
-                              keyring = "my-keyring",
-                              key = "github-key",
                               env = NULL,
-                              cipher = "id_rsa.enc",
                               build_image = 'gcr.io/gcer-public/packagetools:master'){
 
 
   build_yaml <-
     cr_build_yaml(steps = c(steps,
                    cr_buildstep_pkgdown("$_GIT_REPO",
                                       git_email = git_email,
-                                      env = env))
+                                      secret = secret,
+                                      env = env,
+                                      build_image = build_image))
          )
 
   build <- cr_build_make(build_yaml)
 
   cr_build_write(build, file = cloudbuild_file)
-  myMessage("Now make a build trigger pointing at this file in your repo: ", cloudbuild_file,
-            "\nBuild Trigger settings:",
-            "\nSubstitution variable: _GITHUB_REPO = {your-repo-to-push-to}",
-            "\nIgnored files filter (glob): docs/**",
-            level = 3)
+  usethis::ui_line()
+  usethis::ui_info("Complete deployment of pkgdown Cloud Build yaml:")
+  usethis::ui_todo(c(
+            "Go to https://console.cloud.google.com/cloud-build/triggers and
+            make a build trigger pointing at this file in your repo:
+            {cloudbuild_file} "))
+  usethis::ui_info(c("Build Trigger substitution variable settings:",
+                     "_GITHUB_REPO = username/repo",
+                     "Ignored files filter (glob): docs/**"))
 
   invisible(build)
 
@@ -318,11 +322,16 @@ cr_deploy_packagetests <- function(
                   )
 
   cr_build_write(build_yaml, file = cloudbuild_file)
-  myMessage("Now make a build trigger pointing at this file in your repo: ", cloudbuild_file,
-            "\nBuild Trigger settings:",
-            "\nSubstitution variable: _CODECOV_TOKEN = {your-codecov-token}",
-            "\nIgnored files filter (glob): docs/** and vignettes/**",
-            level = 3)
+
+  usethis::ui_line()
+  usethis::ui_info("Complete deployment of tests Cloud Build yaml:")
+  usethis::ui_todo(c(
+    "Go to https://console.cloud.google.com/cloud-build/triggers and
+            make a build trigger pointing at this file in your repo:
+            {cloudbuild_file} "))
+  usethis::ui_info(c("Build Trigger substitution variable settings:",
+                     "_CODECOV_TOKEN = your-codecov-token",
+                     "Ignored files filter (glob): docs/** and vignettes/**"))
 
   invisible(build_yaml)
 

inst/ssh/github_setup.sh

@@ -0,0 +1,9 @@
+chmod 600 /root/.ssh/id_rsa
+cat <<EOF >known_hosts
+github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
+EOF
+cat <<EOF >/root/.ssh/config
+Hostname github.com
+IdentityFile /root/.ssh/id_rsa
+EOF
+mv known_hosts /root/.ssh/known_hosts