@@ -10,7 +10,7 @@ R console:
1010
1111``` r
1212# Install/Update sandpaper
13- options(repos = c(carpentries = " https://carpentries.r-universe.dev/" ,
13+ options(repos = c(carpentries = " https://carpentries.r-universe.dev/" ,
1414 CRAN = " https://cloud.r-project.org" ))
1515install.packages(" sandpaper" )
1616
@@ -34,21 +34,21 @@ This workflow does the following:
3434
3535 1 . checks out the lesson
3636 2 . provisions the following resources
37- - R
38- - pandoc
39- - lesson infrastructure (stored in a cache)
40- - lesson dependencies if needed (stored in a cache)
37+ - R
38+ - pandoc
39+ - lesson infrastructure (stored in a cache)
40+ - lesson dependencies if needed (stored in a cache)
4141 3 . builds the lesson via ` sandpaper:::ci_deploy() `
4242
4343#### Caching
4444
45- This workflow has two caches; one cache is for the lesson infrastructure and
46- the other is for the the lesson dependencies if the lesson contains rendered
45+ This workflow has two caches; one cache is for the lesson infrastructure and
46+ the other is for the lesson dependencies if the lesson contains rendered
4747content. These caches are invalidated by new versions of the infrastructure and
48- the ` renv.lock ` file, respectively. If there is a problem with the cache,
48+ the ` renv.lock ` file, respectively. If there is a problem with the cache,
4949manual invaliation is necessary. You will need maintain access to the repository
5050and you can either go to the actions tab and [ click on the caches button to find
51- and invalidate the failing cache] ( https://github.blog/changelog/2022-10-20-manage-caches-in-your-actions-workflows-from-web-interface/ )
51+ and invalidate the failing cache] ( https://github.blog/changelog/2022-10-20-manage-caches-in-your-actions-workflows-from-web-interface/ )
5252or by setting the ` CACHE_VERSION ` secret to the current date (which will
5353invalidate all of the caches).
5454
@@ -58,32 +58,32 @@ invalidate all of the caches).
5858
5959These workflows run on a schedule and at the maintainer's request. Because they
6060create pull requests that update workflows/require the downstream actions to run,
61- they need a special repository/organization secret token called
62- ` SANDPAPER_WORKFLOW ` and it must have the ` public_repo ` and ` workflow ` scope.
61+ they need a special repository/organization secret token called
62+ ` SANDPAPER_WORKFLOW ` and it must have the ` public_repo ` and ` workflow ` scope.
6363
6464This can be an individual user token, OR it can be a trusted bot account. If you
6565have a repository in one of the official Carpentries accounts, then you do not
6666need to worry about this token being present because the Carpentries Core Team
6767will take care of supplying this token.
6868
69- If you want to use your personal account: you can go to
69+ If you want to use your personal account: you can go to
7070< https://github.com/settings/tokens/new?scopes=public_repo,workflow&description=Sandpaper%20Token >
7171to create a token. Once you have created your token, you should copy it to your
7272clipboard and then go to your repository's settings > secrets > actions and
7373create or edit the ` SANDPAPER_WORKFLOW ` secret, pasting in the generated token.
7474
7575If you do not specify your token correctly, the runs will not fail and they will
76- give you instructions to provide the token for your repository.
76+ give you instructions to provide the token for your repository.
7777
7878### 02 Maintain: Update Workflow Files (update-workflow.yaml)
7979
80- The {sandpaper} repository was designed to do as much as possible to separate
81- the tools from the content. For local builds, this is absolutely true, but
82- there is a minor issue when it comes to workflow files: they must live inside
83- the repository.
80+ The {sandpaper} repository was designed to do as much as possible to separate
81+ the tools from the content. For local builds, this is true, but
82+ there is a minor issue when it comes to workflow files: they must live inside
83+ the repository.
8484
8585This workflow ensures that the workflow files are up-to-date. The way it work is
86- to download the update-workflows.sh script from GitHub and run it. The script
86+ to download the update-workflows.sh script from GitHub and run it. The script
8787will do the following:
8888
89891 . check the recorded version of sandpaper against the current version on github
@@ -100,25 +100,25 @@ This update is run weekly or on demand.
100100
101101For lessons that have generated content, we use {renv} to ensure that the output
102102is stable. This is controlled by a single lockfile which documents the packages
103- needed for the lesson and the version numbers. This workflow is skipped in
103+ needed for the lesson and the version numbers. This workflow is skipped in
104104lessons that do not have generated content.
105105
106106Because the lessons need to remain current with the package ecosystem, it's a
107- good idea to make sure these packages can be updated periodically. The
107+ good idea to make sure these packages can be updated periodically. The
108108update cache workflow will do this by checking for updates, applying them in a
109109branch called ` updates/packages ` and creating a pull request with _ only the
110- lockfile changed_ .
110+ lockfile changed_ .
111111
112112From here, the markdown documents will be rebuilt and you can inspect what has
113- changed based on how the packages have updated.
113+ changed based on how the packages have updated.
114114
115115## Pull Request and Review Management
116116
117- Because our lessons execute code, pull requests are a secruity risk for any
118- lesson and thus have security measures associted with them. ** Do not merge any
117+ Because our lessons execute code, pull requests are a security risk for any
118+ lesson and thus have security measures associated with them. ** Do not merge any
119119pull requests that do not pass checks and do not have bots commented on them.**
120120
121- This series of workflows all go together and are described in the following
121+ This series of workflows all go together and are described in the following
122122diagram and the below sections:
123123
124124![ Graph representation of a pull request] ( https://carpentries.github.io/sandpaper/articles/img/pr-flow.dot.svg )
@@ -129,22 +129,22 @@ This workflow runs every time a pull request is created and its purpose is to
129129validate that the pull request is okay to run. This means the following things:
130130
1311311 . The pull request does not contain modified workflow files
132- 2 . If the pull request contains modified workflow files, it does not contain
132+ 2 . If the pull request contains modified workflow files, it does not contain
133133 modified content files (such as a situation where @carpentries-bot will
134134 make an automated pull request)
1351353 . The pull request does not contain an invalid commit hash (e.g. from a fork
136136 that was made before a lesson was transitioned from styles to use the
137137 workbench).
138138
139- Once the checks are finished, a comment is issued to the pull request, which
140- will allow maintainers to determine if it is safe to run the
139+ Once the checks are finished, a comment is issued to the pull request, which
140+ will allow maintainers to determine if it is safe to run the
141141"Receive Pull Request" workflow from new contributors.
142142
143143### Receive Pull Request (pr-receive.yaml)
144144
145145** Note of caution:** This workflow runs arbitrary code by anyone who creates a
146146pull request. GitHub has safeguarded the token used in this workflow to have no
147- priviledges in the repository, but we have taken precautions to protect against
147+ privileges in the repository, but we have taken precautions to protect against
148148spoofing.
149149
150150This workflow is triggered with every push to a pull request. If this workflow
@@ -154,8 +154,8 @@ started.
154154
155155The first step of this workflow is to check if it is valid (e.g. that no
156156workflow files have been modified). If there are workflow files that have been
157- modified, a comment is made that indicates that the workflow is not run. If
158- both a workflow file and lesson content is modified, an error will occurr .
157+ modified, a comment is made that indicates that the workflow is not run. If
158+ both a workflow file and lesson content is modified, an error will occur .
159159
160160The second step (if valid) is to build the generated content from the pull
161161request. This builds the content and uploads three artifacts:
@@ -164,7 +164,7 @@ request. This builds the content and uploads three artifacts:
1641642 . A summary of changes after the rendering process (diff)
1651653 . The rendered files (build)
166166
167- Because this workflow builds generated content, it follows the same general
167+ Because this workflow builds generated content, it follows the same general
168168process as the ` sandpaper-main ` workflow with the same caching mechanisms.
169169
170170The artifacts produced are used by the next workflow.
@@ -183,9 +183,9 @@ The steps in this workflow are:
183183Importantly: if the pull request is invalid, the branch is not created so any
184184malicious code is not published.
185185
186- From here, the maintainer can request changes from the author and eventually
187- either merge or reject the PR. When this happens, if the PR was valid, the
188- preview branch needs to be deleted.
186+ From here, the maintainer can request changes from the author and eventually
187+ either merge or reject the PR. When this happens, if the PR was valid, the
188+ preview branch needs to be deleted.
189189
190190### Send Close PR Signal (pr-close-signal.yaml)
191191
@@ -194,5 +194,5 @@ pull request number for the next action
194194
195195### Remove Pull Request Branch (pr-post-remove-branch.yaml)
196196
197- Tiggered by ` pr-close-signal.yaml ` . This removes the temporary branch associated with
197+ Triggered by ` pr-close-signal.yaml ` . This removes the temporary branch associated with
198198the pull request (if it was created).
0 commit comments