[R-pkg-devel] Submission to CRAN when package needs personal data (API key)
Rainer M Krug
R@iner @ending from krug@@de
Tue Sep 11 08:49:45 CEST 2018
> On 8 Sep 2018, at 21:02, Joshua Ulrich <josh.m.ulrich using gmail.com> wrote:
> Hi Rainer,
> On Wed, Sep 5, 2018 at 2:28 AM, Rainer Krug <Rainer using krugs.de> wrote:
>> I have a package at GitHub (https://github.com/rkrug/ROriginStamp) which I am
>> pre[paring for CRAN.
>> It creates a trusted timestamp using the API fro OriginStamp
>> (https://originstamp.org/home) which requires an API key. Now this API should
>> not be made public, as to much traffic through one API key will lead to it’s
>> I have stored the key encrypted in the travis.yml, and the package passes all
>> But if I send it to CRAN, it would fail the tests, as the api key is not in
>> the package itself.
>> I could disable all tests for CRAN which need the API key, but I think it
>> would be better tu run the tests there as well (as an additional check to
>> My question:
>> Is there a way of storing the API key encrypted, so that only the CRAN test
>> servers can decrypt it, or is there another way can steal with this?
> I have a similar issue with quantmod. I need API keys to test some
> functionality and I would like the tests run regularly, so I can know
> when something breaks without having to wait for a user to report the
Same motivation here.
> I store the API keys in encrypted environment variable in TravisCI,
> and I check for those environment variables before running the tests
> that require them.
I am using the same approach for TravisCI and it works perfectly.
> Then I added a cron job on TravisCI to run the build if there hasn't
> been a build in the past 24 hours. That solves the problem adequately
> for my purposes without adding any burden to CRAN. Hopefully it works
> for your purposes too.
I haven’t thought about the CRON job for TravisCI - good point. I will activate it straight away.
>> Rainer M. Krug, PhD (Conservation Ecology, SUN),
>> MSc (Conservation Biology, UCT), Dipl. Phys. (Germany)
>> University of Zürich
>> Cell: +41 (0)78 630 66 57
>> email: Rainer using krugs.de
>> Skype: RMkrug
>> PGP: 0x0F52F982
>> R-package-devel using r-project.org mailing list
> Joshua Ulrich | about.me/joshuaulrich
> FOSS Trading | www.fosstrading.com
> R/Finance 2018 | www.rinfinance.com
Rainer M. Krug, PhD (Conservation Ecology, SUN), MSc (Conservation Biology, UCT), Dipl. Phys. (Germany)
University of Zürich
Cell: +41 (0)78 630 66 57
email: Rainer using krugs.de
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: Message signed with OpenPGP
More information about the R-package-devel