aws-cdk icon indicating copy to clipboard operation
aws-cdk copied to clipboard
verified publisher icon aws

aws-cdk-lib/pipelines: CodePipelineSource.github documentation evokes questions

Open papiro opened this issue 3 years ago • 4 comments

Describe the issue

CodePipelineSource.gitHub says "This is no longer the recommended method." but why not?

I tracked down the comment in question to this PR and specifically to this commit.

The odd thing is that the comment was added with the wording as such at the time the feature was being added. But the wording seems to imply that at one point the method was the recommended method, but the method didn't exist before the PR which introduced both it and the comment.

I am wondering why it wouldn't be a good idea to use this method, seeing as I am already using the GitHubSourceAction in one of my stacks and it is using the owner/repo/branch with the oauthToken as a SecretValue?

Links

https://github.com/aws/aws-cdk/blob/main/packages/%40aws-cdk/pipelines/lib/codepipeline/codepipeline-source.ts#L24

papiro avatar Dec 06 '22 05:12 papiro

This is a recommendation from CodePipeline - see this page for more info. We should expand upon this in our own docs, so thank you for bringing this up 🙂

peterwoodworth avatar Dec 06 '22 23:12 peterwoodworth

Hmmm, haven't seen this before! In my app, I am using CDK version 2 and I have this import:

import { GitHubSourceAction } from "aws-cdk-lib/aws-codepipeline-actions";

But that construct has owner, branch, etc as required properties. ~~Where is the construct which is mentioned in the docs above?~~ I see that the "version 2" of the GithubSourceAction is actually the CodeStarConnectionsSourceAction. Is that correct? It seems odd to call the first "version 1" and the second "version 2".

Edit: Also I wonder if the recommendation might not be as strong now that Github has fine-grained personal access tokens?

Edit: After digging into this, it looks like in order to create a CodeStarConnection, you are forced to create a CodeStarProject. If this is the case then I don't see how the connection can be the preferred method to connect to an existing github repo, like in the case of a bespoke code pipeline or cdk pipeline. Creation of the CodeStarProject ends up creating a repo for you, from what I can tell, which is too heavy-handed of a solution.

papiro avatar Dec 07 '22 02:12 papiro

Yes, CodePipeline's v1 matches with GithubSourceAction while v2 matches with CodeStarConnectionsSourceAction. This is CodePipeline's way of referring to these functionalities, I don't know if I agree with it either

You shouldn't be forced to create a project. You should be able to go to the codesuite console (CodeBuild, CodePipeline, etc) and go to settings -> connections to create a connection without any other setup other than what's necessary to link AWS with GitHub

Screen Shot 2022-12-07 at 1 44 28 PM

peterwoodworth avatar Dec 07 '22 21:12 peterwoodworth

oh jeez... definitely never noticed that before! Sorry about the fuss above. I was quite confused.

papiro avatar Dec 08 '22 03:12 papiro

is this closed or Should I Take and work on it? @papiro

kambleaa007 avatar Jul 17 '25 11:07 kambleaa007

is this closed or Should I Take and work on it? @papiro

I think it's just a matter of seeing if that comment is still there and figuring out why from a technical perspective it isn't the preferred way and providing the alternative way.

papiro avatar Jul 17 '25 15:07 papiro