search

PIFSCstockassessments / ss3diags

R package with advanced diagnostics to evaluate a Stock Synthesis model. Diagnostics include residual analyses, hindcasting and cross-validation techniques, and retrospective analyses.
http://pifscstockassessments.github.io/ss3diags/
2 stars 4 forks source link

r4ss 1.50.0 dependency (patch to r4ss 1.49.3 for compat) #109

Closed efletcherPIFSC closed 1 week ago

efletcherPIFSC commented 2 weeks ago

r4ss 1.50.0 introduces a major changes to its read/write functions, but breaks compatibility with existing ss3diags functions.

https://github.com/r4ss/r4ss/releases/tag/v1.50.0

For the short term, configure/patch r4ss dependences to 1.49.3 to maintain compatibility.

For the next major update, configure ss3diags with r4ss 1.50.0 dependency

efletcherPIFSC commented 1 week ago

@iantaylor-NOAA @e-perl-NOAA @MOshima-PIFSC

Updated dependencies to r4ss/r4ss@v1.49.3, however tests scripts ran into SAML Auth access issues when r4ss calls the stock-synthesis executable to https://github.com/nmfs-ost/ss3-source-code

Summary of 00check.log

* checking for unstated dependencies in 'tests' ... OK
* checking tests ... ERROR
  Running 'testthat.R'
Running the tests in 'tests/testthat.R' failed.
Last 13 lines of output:
  Initiating curl with CURL_SSL_BACKEND: openssl
  Error in `gh::gh()`:
  ! GitHub API error (403): Resource protected by organization SAML
    enforcement. You must grant your OAuth token access to this organization.
  ℹ Read more at
    <https://docs.github.com/articles/authenticating-to-a-github-organization-with-saml-single-sign-on/>
  Backtrace:
      ▆
   1. └─r4ss::get_ss3_exe(dir = run_tmp, version = "v3.30.21")
   2.   └─gh::gh("GET /repos/nmfs-ost/ss3-source-code/tags")
   3.     └─gh:::gh_make_request(req)
   4.       └─gh:::gh_error(resp, gh_req = x, error_call = error_call)
   5.         └─cli::cli_abort(...)
   6.           └─rlang::abort(...)
  Execution halted
* checking for non-standard things in the check directory ... OK
* checking for detritus in the temp directory ... OK
* DONE
Status: 1 ERROR, 2 NOTEs
e-perl-NOAA commented 1 week ago

Are you running these tests locally? If so on what type of operating system?

efletcherPIFSC commented 1 week ago

@e-perl-NOAA

I am using Rstudio's r package checker on Windows locally.

e-perl-NOAA commented 1 week ago

Hmmm, odd. Maybe you just need to redo your git credentials git config --global user.name "YOUR_USERNAME" and git config --global user.email "YOUR_EMAIL".

e-perl-NOAA commented 1 week ago

Also, I don't know how you have downloaded r4ss but I have had much more success using devtools or remotes::install_github("r4ss/r4ss") than pak

efletcherPIFSC commented 1 week ago

@e-perl-NOAA It may be a access issue on my end. @MOshima-PIFSC performed the same R package check w/ ss3diags with no SAML auth access errors. I checked my git config, and it is configured to my github user name and the email address.

I removed previous instances of r4ss, and downloaded the ver 1.49.3 via remotes::install_github("r4ss/r4ss@v1.49.3").

efletcherPIFSC commented 1 week ago

@e-perl-NOAA @MOshima-PIFSC Related Issue to r4ss/r4ss#927 and probable fix

Attempted fix, updated curl 6.0.0, OpenSSL version is a later version documented, and remotes::install_github("tidyverse/dplyr"), but had same SAML oauth error

> curl::curl_version()$ssl_version
[1] "OpenSSL/3.4.0 (Schannel)"
e-perl-NOAA commented 1 week ago

Okay, so this isn't the only thing that is showing this error. Another r package that is in the nmfs-ost organization is also causing this error to pop up so this is definitely an issue on the GitHub side of things and not on the package side of things. I'm currently posing the problem to the github governance team members to see if we can better identify the problem and find a fix.

e-perl-NOAA commented 1 week ago

Okay, after much deliberation in the GGT google chat, I'm pretty sure we have identified the problem with both remotes (which is generally causing package installation issues) and gh (which is causing the issue here). Both of these look for a PAT (token) which was likely configured at some point, and it uses that by default even for public repositories. There seems to be something about enterprise github that uses single sign on tokens in particular that causes issues in these packages. There may be a way for me to not use the gh package to get what is needed from the GitHub api which might solve your issue (though I'm not 100% positive and it would take a lot of work, it also wouldn't be in the version of r4ss you are trying to use). A guaranteed solution (though maybe not one that you want to use if you use tokens in your workflow for other things) is to delete the token by doing the following

usethis::edit_r_environ()
gitcreds::gitcreds_delete()

Then you should be able to run the test (and download packages using remotes) with no problem.

If you need your tokens and can't delete them, I can work on trying a way to get the info from the GitHub api for the function without using gh. As for downloading packages, using pak instead of remotes has worked for some to get around this issue when downloading r packages from GitHub.

e-perl-NOAA commented 1 week ago

I created an issue on the gh github page. Eli also created a similar issue on the remotes page

efletcherPIFSC commented 1 week ago

@e-perl-NOAA Thank you for investigating the issue. I am hesitant to remove my PAT to resolve this issue, but the resolution found r-lib/gh#216 may help.

Solutions

ss3diags test scripts relies on r4ss::get_ss3_exe to obtain the stock synthesis binary from nfms-ost/ss3-source-code. To implement the fixes from r-lib/gh#216 :

  1. Patch r4ss (1.50.0 and 1.49.3) with the gh token fix. r4ss/r4ss#979
    • Note: token fix will be implemented for will r4ss 1.50.0+ versions
  2. R script based on r4ss::get_ss3_exe for ss3diags with gh token fixes to get ss3 binary from nmfs-ost repo #110
  3. ~Fix in Test script~