class aws_cdk.aws_codepipeline_actions.GitHubSourceAction(*, oauth_token, output, owner, repo, branch=None, trigger=None, action_name, run_order=None, variables_namespace=None)

Bases: Action

Source that is provided by a GitHub repository.




# Read the secret from Secrets Manager
pipeline = codepipeline.Pipeline(self, "MyPipeline")
source_output = codepipeline.Artifact()
source_action = codepipeline_actions.GitHubSourceAction(
  • oauth_token (SecretValue) – A GitHub OAuth token to use for authentication. It is recommended to use a Secrets Manager Secret to obtain the token: const oauth = cdk.SecretValue.secretsManager(‘my-github-token’); new GitHubSourceAction(this, ‘GitHubAction’, { oauthToken: oauth, … }); If you rotate the value in the Secret, you must also change at least one property of the CodePipeline to force CloudFormation to re-read the secret. The GitHub Personal Access Token should have these scopes: - repo - to read the repository - admin:repo_hook - if you plan to use webhooks (true by default)

  • output (Artifact) –

  • owner (str) – The GitHub account/user that owns the repo.

  • repo (str) – The name of the repo, without the username.

  • branch (Optional[str]) – The branch to use. Default: “master”

  • trigger (Optional[GitHubTrigger]) – How AWS CodePipeline should be triggered. With the default value “WEBHOOK”, a webhook is created in GitHub that triggers the action With “POLL”, CodePipeline periodically checks the source for changes With “None”, the action is not triggered through changes in the source To use WEBHOOK, your GitHub Personal Access Token should have admin:repo_hook scope (in addition to the regular repo scope). Default: GitHubTrigger.WEBHOOK

  • action_name (str) – The physical, human-readable name of the Action. Note that Action names must be unique within a single Stage.

  • run_order (Union[int, float, None]) – The runOrder property for this Action. RunOrder determines the relative order in which multiple Actions in the same Stage execute. Default: 1

  • variables_namespace (Optional[str]) – The name of the namespace to use for variables emitted by this action. Default: - a name will be generated, based on the stage and action names, if any of the action’s variables were referenced - otherwise, no namespace will be set


bind(scope, stage, *, bucket, role)

The callback invoked when this Action is added to a Pipeline.

Return type:


on_state_change(name, target=None, *, enabled=None, event_bus=None, schedule=None, targets=None, cross_stack_scope=None, description=None, event_pattern=None, rule_name=None)

Creates an Event that will be triggered whenever the state of this Action changes.

  • name (str) –

  • target (Optional[IRuleTarget]) –

  • enabled (Optional[bool]) – Indicates whether the rule is enabled. Default: true

  • event_bus (Optional[IEventBus]) – The event bus to associate with this rule. Default: - The default event bus.

  • schedule (Optional[Schedule]) – The schedule or rate (frequency) that determines when EventBridge runs the rule. You must specify this property, the eventPattern property, or both. For more information, see Schedule Expression Syntax for Rules in the Amazon EventBridge User Guide. Default: - None.

  • targets (Optional[Sequence[IRuleTarget]]) – Targets to invoke when this rule matches an event. Input will be the full matched event. If you wish to specify custom target input, use addTarget(target[, inputOptions]). Default: - No targets.

  • cross_stack_scope (Optional[Construct]) – The scope to use if the source of the rule and its target are in different Stacks (but in the same account & region). This helps dealing with cycles that often arise in these situations. Default: - none (the main scope will be used, even for cross-stack Events)

  • description (Optional[str]) – A description of the rule’s purpose. Default: - No description

  • event_pattern (Union[EventPattern, Dict[str, Any], None]) – Additional restrictions for the event to route to the specified target. The method that generates the rule probably imposes some type of event filtering. The filtering implied by what you pass here is added on top of that filtering. Default: - No additional filtering based on an event pattern.

  • rule_name (Optional[str]) – A name for the rule. Default: AWS CloudFormation generates a unique physical ID.

Return type:




The simple properties of the Action, like its Owner, name, etc.

Note that this accessor will be called before the bind callback.


The variables emitted by this action.