Sets Github token type to plaintext

pm-trey commented 1 year ago

what

Adds github_token_type for codebuild module

why

Codebuild module defaults to parameter store, so passing a plaintext token to both CodePipeline and Codebuild fails

references

Closes #107

goruha commented 1 year ago

@pm-trey Hello. Thanks for your contribution.

Can we make github_token_type as a variable with the default value of PLAINTEXT?

Does it make sense to have github_token_type PARAMETER_STORE in some usecases?

goruha commented 1 year ago

/test all

goruha commented 1 year ago

/test all

pm-trey commented 1 year ago

@goruha We can, but there will be a bit more modification needed since the Codepipeline resource is expecting a plaintext value.

action {
      name             = "Source"
      category         = "Source"
      owner            = "ThirdParty"
      provider         = "GitHub"
      version          = "1"
      output_artifacts = ["code"]

      configuration = {
        OAuthToken           = var.github_oauth_token
        Owner                = var.repo_owner
        Repo                 = var.repo_name
        Branch               = var.branch
        PollForSourceChanges = var.poll_source_changes
      }
    }

I will add the ability for the token to be pulled from Parameter Store or Secrets Manager if those types are provided. That will allow the downstream codebuild module to work while providing a plaintext value to codepipeline Github source.

max-lobur commented 1 year ago

/terratest

cloudposse / terraform-aws-cicd

Sets Github token type to plaintext #108

what

why

references