Support AWS CodeBuild using CodeStar Connection #40191
Open
+316
−70
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Community NoteVoting for Prioritization
For Submitters
|
github-actions
bot
added
documentation
AP-Hunt
added a commit
to AP-Hunt/terraform-provider-aws
that referenced
this pull request
Nov 19, 2024
AP-Hunt
added a commit
to AP-Hunt/terraform-provider-aws
that referenced
this pull request
Nov 19, 2024
AP-Hunt
force-pushed
the
f_support-codebuild-using-codestar-connection
branch
from
e5900a7 to
05c88f2
Compare
AP-Hunt
added a commit
to AP-Hunt/terraform-provider-aws
that referenced
this pull request
Nov 19, 2024
AP-Hunt
force-pushed
the
f_support-codebuild-using-codestar-connection
branch
from
05c88f2 to
aa149b6
Compare
AP-Hunt
added a commit
to AP-Hunt/terraform-provider-aws
that referenced
this pull request
Nov 19, 2024
AP-Hunt
force-pushed
the
f_support-codebuild-using-codestar-connection
branch
from
aa149b6 to
239ad38
Compare
AP-Hunt
added a commit
to AP-Hunt/terraform-provider-aws
that referenced
this pull request
Nov 20, 2024
AP-Hunt
force-pushed
the
f_support-codebuild-using-codestar-connection
branch
from
239ad38 to
fb1a0d5
Compare
justinretzolk
added
enhancement
|
@AP-Hunt I think you forgot to add something like below in tfMap["auth"] = flattenSourceAuth(apiObject.Auth)and func flattenSourceAuth(apiObject *types.SourceAuth) []interface{} {
if apiObject == nil {
return []interface{}{}
}
tfMap := map[string]interface{}{
names.AttrType: apiObject.Type,
"resource": aws.ToString(apiObject.Resource),
}
return []interface{}{tfMap}
}Now the state remains empty and re-applying will see a new change. @justinretzolk @ewbankkit How can we proceed with this? Especially considering that creating a CodeConnection requires manual action and is difficult to include in the acceptance tests. I'm not sure how to handle this properly. It would be very useful to see this merged soon (see also the upvotes on the original issue). Thanks in advance! |
In August 2024, Amazon announced that AWS CodeBuild now supported using the same GitHub app to access source code in CodeBuild as is used in CodePipeline.[1] This commit adds an optional "auth" block to "source" and "secondary_source" blocks in the aws_codebuild_project resource. That configuration, if present, is translated into the "auth" property of the CreateProject API call.[2] [1] https://aws.amazon.com/about-aws/whats-new/2024/08/aws-codebuild-github-apps-access-source-repositories/ [2] https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ProjectSource.html#CodeBuild-Type-ProjectSource-auth
…credential The code already supported this, but it wasn't documented.
AP-Hunt
force-pushed
the
f_support-codebuild-using-codestar-connection
branch
from
fb1a0d5 to
10a7fe7
Compare
|
@lvthillo Good catch, thanks for that. I've added it and amended the relevant commit. |
|
The It doesn't appear I can re-trigger the job myself, so I think a maintainer will need to do that? |
|
For anyone wanting to create a GitHub Actions runner in AWS CodeBuild before this PR gets merged, you can create source {
type = "GITHUB"
location = "https://github.com/my/repo"
}
lifecycle {
ignore_changes = [source]
}After Terraform runs, you can modify the project to use the source_json="$(jq \
-rcn \
--arg "codeconnection_arn" "${CODECONNECTION_ARN}" \
'{"type": "GITHUB", "location": "https://github.com/my/repo", "auth": {"type": "CODECONNECTIONS", "resource": $codeconnection_arn}}'
)"
aws codebuild update-project \
--name "codebuild_project" \
--source "${source_json}" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
In August 2024, Amazon announced that AWS CodeBuild now supported using the same GitHub app to access source code in CodeBuild as is used in CodePipeline [1].
This PR adds additional configuration options to the
aws_codebuild_projectresource which get translated into the relevant part of theCreateProjectaction in the CodeBuild API [2].It also updates the documentation for the
aws_codebuild_source_credentialresource to include theCODECONNECTIONStype, which the provider already supported but wasn't documented.I haven't included any additional tests in this change because it's targeting AWS CodeStar Connections, which require a human in the loop to set up. I hope a maintainer can say whether they're happy with this decision, or can suggest a useful test to include.
Relations
Closes #39011
References
[1] https://aws.amazon.com/about-aws/whats-new/2024/08/aws-codebuild-github-apps-access-source-repositories/
[2] https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ProjectSource.html#CodeBuild-Type-ProjectSource-auth
Output from Acceptance Testing
I haven't run the acceptance tests because I'm adding new, optional code branches which the acceptance tests don't cover. It shouldn't have any impact on them.