aws-cdk-lib.aws_codepipeline_actions.GitHubSourceActionProps

interface GitHubSourceActionProps

LanguageType name
.NETAmazon.CDK.AWS.CodePipeline.Actions.GitHubSourceActionProps
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awscodepipelineactions#GitHubSourceActionProps
Javasoftware.amazon.awscdk.services.codepipeline.actions.GitHubSourceActionProps
Pythonaws_cdk.aws_codepipeline_actions.GitHubSourceActionProps
TypeScript (source)aws-cdk-lib » aws_codepipeline_actions » GitHubSourceActionProps

Construction properties of the GitHubSourceAction GitHub source action.

Example

// Read the secret from Secrets Manager
const pipeline = new codepipeline.Pipeline(this, 'MyPipeline');
const sourceOutput = new codepipeline.Artifact();
const sourceAction = new codepipeline_actions.GitHubSourceAction({
  actionName: 'GitHub_Source',
  owner: 'awslabs',
  repo: 'aws-cdk',
  oauthToken: SecretValue.secretsManager('my-github-token'),
  output: sourceOutput,
  branch: 'develop', // default: 'master'
});
pipeline.addStage({
  stageName: 'Source',
  actions: [sourceAction],
});

Properties

NameTypeDescription
actionNamestringThe physical, human-readable name of the Action.
oauthTokenSecretValueA GitHub OAuth token to use for authentication.
outputArtifact
ownerstringThe GitHub account/user that owns the repo.
repostringThe name of the repo, without the username.
branch?stringThe branch to use.
runOrder?numberThe runOrder property for this Action.
trigger?GitHubTriggerHow AWS CodePipeline should be triggered.
variablesNamespace?stringThe name of the namespace to use for variables emitted by this action.

actionName

Type: string

The physical, human-readable name of the Action.

Note that Action names must be unique within a single Stage.


oauthToken

Type: SecretValue

A GitHub OAuth token to use for authentication.

It is recommended to use a Secrets Manager Secret to obtain the token:

const oauth = cdk.SecretValue.secretsManager('my-github-token'); new GitHubSourceAction(this, 'GitHubAction', { oauthToken: oauth, ... });

If you rotate the value in the Secret, you must also change at least one property of the CodePipeline to force CloudFormation to re-read the secret.

The GitHub Personal Access Token should have these scopes:

  • repo - to read the repository
  • admin:repo_hook - if you plan to use webhooks (true by default)

See also: https://docs.aws.amazon.com/codepipeline/latest/userguide/appendix-github-oauth.html#GitHub-create-personal-token-CLI


output

Type: Artifact


owner

Type: string

The GitHub account/user that owns the repo.


repo

Type: string

The name of the repo, without the username.


branch?

Type: string (optional, default: "master")

The branch to use.


runOrder?

Type: number (optional, default: 1)

The runOrder property for this Action.

RunOrder determines the relative order in which multiple Actions in the same Stage execute.

See also: https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html


trigger?

Type: GitHubTrigger (optional, default: GitHubTrigger.WEBHOOK)

How AWS CodePipeline should be triggered.

With the default value "WEBHOOK", a webhook is created in GitHub that triggers the action With "POLL", CodePipeline periodically checks the source for changes With "None", the action is not triggered through changes in the source

To use WEBHOOK, your GitHub Personal Access Token should have admin:repo_hook scope (in addition to the regular repo scope).


variablesNamespace?

Type: string (optional, default: a name will be generated, based on the stage and action names, if any of the action's variables were referenced - otherwise, no namespace will be set)

The name of the namespace to use for variables emitted by this action.