aws-cli icon indicating copy to clipboard operation
aws-cli copied to clipboard

Published 20 hours ago verified publisher icon aws

Support Automated Management of CodeStar Connections for GitHub Apps

Open jackson-theisen opened this issue 2 years ago • 7 comments

Describe the feature

Note: This request pertains specifically to the GitHub provider type, but may be applicable for other supported types.

The current process for creating a connection to GitHub supports programmatic creation of a connection resource. If the connection is created programmatically (AWS CLI, CloudFormation, Terraform, etc.), it is automatically left in a PENDING state. To complete a PENDING connection, you must use the console. Using the console does make sense for the initial one-time authorization and handshake to the provider for creating installations. If the AWS Connector for GitHub App already exists, I would like the ability to programmatically create my connections in an Available state. This could be achieved by supporting an argument for the GitHub App ID. To reap the benefits of this feature, we will also need a way to query GitHub App IDs for a given account/region.

Use Case

In the context of a large, multi-account, environment where everything is managed in code within the same GitHub organization, it is extremely painful to have a required manual step to visit the console and complete a connection. I understand the need for this manual step during the initial one-time installation of AWS Connector for GitHub app, but subsequent connections should not require the manual step if they plan to leverage the existing app (at the time of writing, only one AWS Connector may exist per GitHub Organization). This pain point is further exacerbated by the fact that your standard developer more than likely does not have the proper permissions to perform the connection completion (both on the AWS and GitHub side).

Proposed Solution

The API should support the ability to query for the existence of (and return their IDs if true) GitHub Apps which are already installed and configured. This would allow someone to determine whether creating a connection will require manual steps from an admin to complete the initialization. Furthermore, the creation of a connection for the GitHub App could support an argument that allows you to specify an existing GitHub App ID. This would result in connections being created in the Available state right out of the box.

Other Information

No response

Acknowledgements

  • [ ] I may be able to implement this feature request
  • [ ] This feature might incur a breaking change

CLI version used

aws-cli/2.5.4 Python/3.9.12

Environment details (OS name and version, etc.)

Ubuntu >=20.04, AL2, macOS Monterey >=12.3

jackson-theisen avatar May 02 '22 23:05 jackson-theisen