CodePipeline 需要哪些 GitHub 权限才能使用存储库?
What GitHub permissions does CodePipeline need to work with a repository?
我注意到 AWS CodeBuild 只需要只读权限即可依赖 GitHub 存储库。 AWS CodePipeline 并没有没有实质性的错误。相反,存储库不会显示。
CodePipeline 需要什么权限才能使用 GitHub 存储库?
事实证明,与 AWS CodePipeline 一起使用的 GitHub 帐户需要完全管理员访问权限,CodePipeline 才能使用它。
或者,您可以提供仅具有 Public 在 CloudFormation 模板中读取的 Repo 的个人授权令牌。
在GitHub中设置并复制个人授权令牌
然后在您的 CloudFormation for CodePipeline
### Builds CI/CD pipeline Stages and Actions
Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
ArtifactStore:
Type: S3
Location: !Join ["-", ["byu", !Ref "AWS::AccountId", !Ref "AWS::Region", "code-build-artifacts" ]]
#RoleArn: !Ref CodePipelineServiceRole
RoleArn: !Join ["",["arn:aws:iam::", !Ref "AWS::AccountId", ":role/CodePipelineServiceRole"]]
Stages:
### Defines Source repository via params
- Name: !Join ["-",["Source", !Ref GitHubBranch, !Ref GitHubRepository]]
Actions:
- InputArtifacts: []
Name: Source
ActionTypeId:
Category: Source
Owner: ThirdParty
Version: '1'
Provider: GitHub
OutputArtifacts:
- Name: MyApp
Configuration:
Owner: !Ref GitHubUser
Repo: !Ref GitHubRepository
Branch: !Ref GitHubBranch
OAuthToken: !Ref GitHubToken
RunOrder: 1
我们正在使用 !Ref 访问可通过 cli 传入的 CloudFormation 参数 - 这使我们无法在代码中获得访问密钥 :O
Parameters:
GitHubUser:
Type: String
Description: GitHub user name or organization name - whichever prepends the repo name
GitHubRepository:
Type: String
Description: GitHub repository name (not url)
GitHubBranch:
Type: String
Description: GitHub repository branch
GitHubToken:
Type: String
Description: GitHub personal-access-token - see
https://help.github.com/articles/creating-an-access-token-for-command-line-use/
GitHub 用户名是用户名或组织名称 - 以显示在您的存储库名称之前的那个为准。
我注意到 AWS CodeBuild 只需要只读权限即可依赖 GitHub 存储库。 AWS CodePipeline 并没有没有实质性的错误。相反,存储库不会显示。
CodePipeline 需要什么权限才能使用 GitHub 存储库?
事实证明,与 AWS CodePipeline 一起使用的 GitHub 帐户需要完全管理员访问权限,CodePipeline 才能使用它。
或者,您可以提供仅具有 Public 在 CloudFormation 模板中读取的 Repo 的个人授权令牌。
在GitHub中设置并复制个人授权令牌
然后在您的 CloudFormation for CodePipeline
### Builds CI/CD pipeline Stages and Actions
Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
ArtifactStore:
Type: S3
Location: !Join ["-", ["byu", !Ref "AWS::AccountId", !Ref "AWS::Region", "code-build-artifacts" ]]
#RoleArn: !Ref CodePipelineServiceRole
RoleArn: !Join ["",["arn:aws:iam::", !Ref "AWS::AccountId", ":role/CodePipelineServiceRole"]]
Stages:
### Defines Source repository via params
- Name: !Join ["-",["Source", !Ref GitHubBranch, !Ref GitHubRepository]]
Actions:
- InputArtifacts: []
Name: Source
ActionTypeId:
Category: Source
Owner: ThirdParty
Version: '1'
Provider: GitHub
OutputArtifacts:
- Name: MyApp
Configuration:
Owner: !Ref GitHubUser
Repo: !Ref GitHubRepository
Branch: !Ref GitHubBranch
OAuthToken: !Ref GitHubToken
RunOrder: 1
我们正在使用 !Ref 访问可通过 cli 传入的 CloudFormation 参数 - 这使我们无法在代码中获得访问密钥 :O
Parameters:
GitHubUser:
Type: String
Description: GitHub user name or organization name - whichever prepends the repo name
GitHubRepository:
Type: String
Description: GitHub repository name (not url)
GitHubBranch:
Type: String
Description: GitHub repository branch
GitHubToken:
Type: String
Description: GitHub personal-access-token - see
https://help.github.com/articles/creating-an-access-token-for-command-line-use/
GitHub 用户名是用户名或组织名称 - 以显示在您的存储库名称之前的那个为准。