How to connect to github with AWS CDK using codebuild?
I have the following github source:
const gitHubSource = cb.Source.gitHub({
owner: 'me',
repo: 'repo',
webhook: true,
OAuthToken: '',
webhookFilters: [
cb.FilterGroup
.inEventOf(cb.EventAction.PUSH, cb.EventAction.PULL_REQUEST_MERGED)
.andBranchIs('dev')
],
});
Here is the codebuild project:
new cb.Project(this, 'MyProject', {
environmentVariables: {
"BUCKET_NAME": { value: bucket.bucketName },
"CF_DIST_ID": { value: distribution.distributionId }
},
source: gitHubSource
});
It fails because its unable to find the oauth token:
10:49:45 | CREATE_FAILED | AWS::CodeBuild::Project |
MyProject39F7B0AE
Failed to call CreateWebhook, reason: Could not find access token for server type
github (Service: AWSCo
deBuild; Status Code: 400; Error Code: ResourceNotFoundException; Request ID:
99d1fd6d-bd2c-49b8-bbed-82
06636055b5; Proxy: null)
Reading the docs I dont find a way to pass oauth tokens to cb.Source.gitHub neither to cb.Project (cb stands for codebuild btw).
I already have a github connection in my aws account:
Is there some way to use this existing connection? if not, how can I pass the oauthtoken to codebuild or github source?
Codebuild uses your github personal access token to access github. You give Codebuild your token one time only. It's not added to each project:
CDK Docs: the credentials are global to a given account in a given region - they are not defined per CodeBuild project. CodeBuild only allows storing a single credential of a given type (GitHub, GitHub Enterprise or BitBucket) in a given account in a given region - any attempt to save more than one will result in an error. You can use the list-source-credentials AWS CLI operation to inspect what credentials are stored in your account.
You can use the CDK for the one-time credential adding step:
new codebuild.GitHubSourceCredentials(this, 'CodeBuildGitHubCreds', {
accessToken: SecretValue.secretsManager('my-token'),
});