GitHubSourceActionProps

class aws_cdk.aws_codepipeline_actions.GitHubSourceActionProps(*, action_name, run_order=None, variables_namespace=None, oauth_token, output, owner, repo, branch=None, trigger=None)

Bases: CommonActionProps

Construction properties of the GitHubSourceAction GitHub source action.

Parameters:

  • action_name (str) – The physical, human-readable name of the Action. Note that Action names must be unique within a single Stage.

  • run_order (Union[int, float, None]) – The runOrder property for this Action. RunOrder determines the relative order in which multiple Actions in the same Stage execute. Default: 1

  • variables_namespace (Optional[str]) – The name of the namespace to use for variables emitted by this action. Default: - a name will be generated, based on the stage and action names, if any of the action’s variables were referenced - otherwise, no namespace will be set

  • oauth_token (SecretValue) – A GitHub OAuth token to use for authentication. It is recommended to use a Secrets Manager Secret to obtain the token: const oauth = cdk.SecretValue.secretsManager(‘my-github-token’); new GitHubSourceAction(this, ‘GitHubAction’, { oauthToken: oauth, … }); If you rotate the value in the Secret, you must also change at least one property of the CodePipeline to force CloudFormation to re-read the secret. The GitHub Personal Access Token should have these scopes: - repo - to read the repository - admin:repo_hook - if you plan to use webhooks (true by default)

  • output (Artifact) –

  • owner (str) – The GitHub account/user that owns the repo.

  • repo (str) – The name of the repo, without the username.

  • branch (Optional[str]) – The branch to use. Default: “master”

  • trigger (Optional[GitHubTrigger]) – How AWS CodePipeline should be triggered. With the default value “WEBHOOK”, a webhook is created in GitHub that triggers the action With “POLL”, CodePipeline periodically checks the source for changes With “None”, the action is not triggered through changes in the source To use WEBHOOK, your GitHub Personal Access Token should have admin:repo_hook scope (in addition to the regular repo scope). Default: GitHubTrigger.WEBHOOK

ExampleMetadata:

infused

Example:

# Read the secret from Secrets Manager
pipeline = codepipeline.Pipeline(self, "MyPipeline")
source_output = codepipeline.Artifact()
source_action = codepipeline_actions.GitHubSourceAction(
    action_name="GitHub_Source",
    owner="awslabs",
    repo="aws-cdk",
    oauth_token=SecretValue.secrets_manager("my-github-token"),
    output=source_output,
    branch="develop"
)
pipeline.add_stage(
    stage_name="Source",
    actions=[source_action]
)

Attributes

action_name

The physical, human-readable name of the Action.

Note that Action names must be unique within a single Stage.

branch

The branch to use.

Default:

“master”

oauth_token

A GitHub OAuth token to use for authentication.

It is recommended to use a Secrets Manager Secret to obtain the token:

const oauth = cdk.SecretValue.secretsManager(‘my-github-token’); new GitHubSourceAction(this, ‘GitHubAction’, { oauthToken: oauth, … });

If you rotate the value in the Secret, you must also change at least one property of the CodePipeline to force CloudFormation to re-read the secret.

The GitHub Personal Access Token should have these scopes:

  • repo - to read the repository

  • admin:repo_hook - if you plan to use webhooks (true by default)

See:

https://docs.aws.amazon.com/codepipeline/latest/userguide/appendix-github-oauth.html#GitHub-create-personal-token-CLI

output
owner

The GitHub account/user that owns the repo.

repo

The name of the repo, without the username.

run_order

The runOrder property for this Action.

RunOrder determines the relative order in which multiple Actions in the same Stage execute.

Default:

1

See:

https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html

trigger

How AWS CodePipeline should be triggered.

With the default value “WEBHOOK”, a webhook is created in GitHub that triggers the action With “POLL”, CodePipeline periodically checks the source for changes With “None”, the action is not triggered through changes in the source

To use WEBHOOK, your GitHub Personal Access Token should have admin:repo_hook scope (in addition to the regular repo scope).

Default:

GitHubTrigger.WEBHOOK

variables_namespace

The name of the namespace to use for variables emitted by this action.

Default:

  • a name will be generated, based on the stage and action names,

if any of the action’s variables were referenced - otherwise, no namespace will be set