Make ZenodoManager anonymous (token-less) calls keyring-free

[eblondel]

This is not an issue as long as keyring is installed on machines. It is essentially an issue on CRAN checks (Fedora, Macos flavors) and for R codes that are tested / run on CRAN checks, as it is the case in reverse depends GermaParl package (use of zen4R for data downloads from DOI).

The purpose is to bind the keyring use when a token is specified. When anonymous / tokenless use (token = NULL), the keyring functions should not be invoked.

[maelle]

Coming a bit late to this, 1) thanks for this package and 2) how would you recommend using a token... whilst on a CI system? (we have a workflow building a bookdown book on GitHub Actions and use zen4R).

[PietrH]

@maelle , so you don't want to use keyring to get system credentials? https://r-lib.github.io/keyring/index.html

[maelle]

@PietrH I wanted to know whether there were some tips related to using it on GitHub Actions :-)

[PietrH]

I've never used it, but I know you can pipe in secrets via https://docs.github.com/en/actions/reference/encrypted-secrets

[eblondel]

@maelle i'm setting up a github action for R CMD check (previously was done on Travis) in order to consolidate some integrateion tests. There i'm using a a secret token from my Github to interact with the Zenodo sandbox:

• define your secret token as environment variable - see https://github.com/eblondel/zen4R/blob/master/.github/workflows/r-cmd-check.yml#L21
• grab your environment variable in your R code -see https://github.com/eblondel/zen4R/blob/master/tests/test-all.R#L7

Zen4R now relies on keyring to get system credentials, and token is not anymore stored as field of the ZenodoManager. Note that as recent fix to follow recent changes in keyring for Linux OS, the keyring backend will be set to env. If you use Linux OS and still use zen4R from CRAN, you may have this issue, where you will be asked to set-up password for 'system' keyring. The fix is now in Github and will be soon released to CRAN.

[maelle]

thank you @eblondel!

[maelle]

Another question (happy to use another communication channel if better): from Zen4R, can one choose what keyring backend to use?

Another approach to authentication in opencage: having a function for authenticating but suggesting the use of keyring https://docs.ropensci.org/opencage/articles/opencage.html#authentication

[eblondel]

not yet, for the timebeing i've put a default to env, but i will see to make it as argument or option;
For discussing I've set up a Github "discussion" (since yesterday only :-) ), feel free to use that in future.

[eblondel]

@maelle i've pushed some enhancement to let user define the keyring_backend when initializing the ZenodoManager, with default value to 'env'.