From 26c83e72b7a4888ef1e413f17227d0c8782eff26 Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Fri, 13 Mar 2020 15:31:52 -0700 Subject: [PATCH 1/2] feat(codebuild): Version 1.0 of the source credentials (in the Source classes). --- packages/@aws-cdk/aws-codebuild/lib/source.ts | 98 +++++++++++- .../aws-codebuild/test/test.project.ts | 150 +++++++++++++----- 2 files changed, 203 insertions(+), 45 deletions(-) diff --git a/packages/@aws-cdk/aws-codebuild/lib/source.ts b/packages/@aws-cdk/aws-codebuild/lib/source.ts index 8c077771cf417..dbaade83a62b7 100644 --- a/packages/@aws-cdk/aws-codebuild/lib/source.ts +++ b/packages/@aws-cdk/aws-codebuild/lib/source.ts @@ -1,8 +1,8 @@ import * as codecommit from '@aws-cdk/aws-codecommit'; import * as iam from '@aws-cdk/aws-iam'; import * as s3 from '@aws-cdk/aws-s3'; -import { Construct } from '@aws-cdk/core'; -import { CfnProject } from './codebuild.generated'; +import { Construct, SecretValue } from '@aws-cdk/core'; +import { CfnProject, CfnSourceCredential } from './codebuild.generated'; import { IProject } from './project'; import { BITBUCKET_SOURCE_TYPE, @@ -586,6 +586,17 @@ export interface GitHubSourceProps extends ThirdPartyGitSourceProps { * @example 'aws-cdk' */ readonly repo: string; + + /** + * The personal access token to use when contacting the GitHub API. + * + * **Note**: CodeBuild only allows a single personal access token for GitHub + * to be saved in a given AWS account in a given region - + * any attempt to add more than one will result in an error. + * + * @default - no personal access token will be used + */ + readonly accessToken?: SecretValue; } /** @@ -594,14 +605,26 @@ export interface GitHubSourceProps extends ThirdPartyGitSourceProps { class GitHubSource extends ThirdPartyGitSource { public readonly type = GITHUB_SOURCE_TYPE; private readonly httpsCloneUrl: string; + private readonly accessToken?: SecretValue; constructor(props: GitHubSourceProps) { super(props); + this.httpsCloneUrl = `https://github.com/${props.owner}/${props.repo}.git`; + this.accessToken = props.accessToken; } - public bind(_scope: Construct, project: IProject): SourceConfig { - const superConfig = super.bind(_scope, project); + public bind(scope: Construct, project: IProject): SourceConfig { + // add the SourceCredential resource + if (this.accessToken) { + new CfnSourceCredential(scope, 'GitHubEnterpriseSourceCredential', { + serverType: 'GITHUB', + authType: 'PERSONAL_ACCESS_TOKEN', + token: this.accessToken.toString(), + }); + } + + const superConfig = super.bind(scope, project); return { sourceProperty: { ...superConfig.sourceProperty, @@ -628,6 +651,17 @@ export interface GitHubEnterpriseSourceProps extends ThirdPartyGitSourceProps { * @default false */ readonly ignoreSslErrors?: boolean; + + /** + * The personal access token to use when contacting the instance of the GitHub Enterprise API. + * + * **Note**: CodeBuild only allows a single personal access token for GitHub Enterprise + * to be saved in a given AWS account in a given region - + * any attempt to add more than one will result in an error. + * + * @default - no personal access token will be used + */ + readonly accessToken?: SecretValue; } /** @@ -637,15 +671,27 @@ class GitHubEnterpriseSource extends ThirdPartyGitSource { public readonly type = GITHUB_ENTERPRISE_SOURCE_TYPE; private readonly httpsCloneUrl: string; private readonly ignoreSslErrors?: boolean; + private readonly accessToken?: SecretValue; constructor(props: GitHubEnterpriseSourceProps) { super(props); + this.httpsCloneUrl = props.httpsCloneUrl; this.ignoreSslErrors = props.ignoreSslErrors; + this.accessToken = props.accessToken; } - public bind(_scope: Construct, _project: IProject): SourceConfig { - const superConfig = super.bind(_scope, _project); + public bind(scope: Construct, _project: IProject): SourceConfig { + // add the SourceCredential resource + if (this.accessToken) { + new CfnSourceCredential(scope, 'GitHubEnterpriseSourceCredential', { + serverType: 'GITHUB_ENTERPRISE', + authType: 'PERSONAL_ACCESS_TOKEN', + token: this.accessToken.toString(), + }); + } + + const superConfig = super.bind(scope, _project); return { sourceProperty: { ...superConfig.sourceProperty, @@ -658,6 +704,18 @@ class GitHubEnterpriseSource extends ThirdPartyGitSource { } } +/** + * The BitBucket source credentials provided in the + * {@link BitBucketSourceProps.credentials} property. + */ +export interface BitBucketSourceCredentials { + /** Your BitBucket username. */ + readonly username: SecretValue; + + /** Your BitBucket application password. */ + readonly password: SecretValue; +} + /** * Construction properties for {@link BitBucketSource}. */ @@ -675,6 +733,17 @@ export interface BitBucketSourceProps extends ThirdPartyGitSourceProps { * @example 'aws-cdk' */ readonly repo: string; + + /** + * The source credentials used when contacting the BitBucket API. + * + * **Note**: CodeBuild only allows a single credential for BitBucket + * to be saved in a given AWS account in a given region - + * any attempt to add more than one will result in an error. + * + * @default - no credentials will be used + */ + readonly credentials?: BitBucketSourceCredentials; } /** @@ -683,13 +752,16 @@ export interface BitBucketSourceProps extends ThirdPartyGitSourceProps { class BitBucketSource extends ThirdPartyGitSource { public readonly type = BITBUCKET_SOURCE_TYPE; private readonly httpsCloneUrl: any; + private readonly credentials?: BitBucketSourceCredentials; constructor(props: BitBucketSourceProps) { super(props); + this.httpsCloneUrl = `https://bitbucket.org/${props.owner}/${props.repo}.git`; + this.credentials = props.credentials; } - public bind(_scope: Construct, _project: IProject): SourceConfig { + public bind(scope: Construct, _project: IProject): SourceConfig { // BitBucket sources don't support the PULL_REQUEST_REOPENED event action if (this.anyWebhookFilterContainsPrReopenedEventAction()) { throw new Error('BitBucket sources do not support the PULL_REQUEST_REOPENED webhook event action'); @@ -700,7 +772,17 @@ class BitBucketSource extends ThirdPartyGitSource { throw new Error('BitBucket sources do not support file path conditions for webhook filters'); } - const superConfig = super.bind(_scope, _project); + // add the SourceCredential resource + if (this.credentials) { + new CfnSourceCredential(scope, 'BitBucketSourceCredential', { + serverType: 'BITBUCKET', + authType: 'BASIC_AUTH', + username: this.credentials.username.toString(), + token: this.credentials.password.toString(), + }); + } + + const superConfig = super.bind(scope, _project); return { sourceProperty: { ...superConfig.sourceProperty, diff --git a/packages/@aws-cdk/aws-codebuild/test/test.project.ts b/packages/@aws-cdk/aws-codebuild/test/test.project.ts index 7aa22faf2d3f6..a7e27d9d9ce38 100644 --- a/packages/@aws-cdk/aws-codebuild/test/test.project.ts +++ b/packages/@aws-cdk/aws-codebuild/test/test.project.ts @@ -124,26 +124,6 @@ export = { test.done(); }, - 'can set the SourceVersion for a gitHubEnterprise'(test: Test) { - // GIVEN - const stack = new cdk.Stack(); - - // WHEN - new codebuild.Project(stack, 'Project', { - source: codebuild.Source.gitHubEnterprise({ - httpsCloneUrl: 'https://mygithub-enterprise.com/myuser/myrepo', - branchOrRef: 'testbranch', - }) - }); - - // THEN - expect(stack).to(haveResource('AWS::CodeBuild::Project', { - SourceVersion: 'testbranch', - })); - - test.done(); - }, - 'can explicitly set reportBuildStatus to false'(test: Test) { // GIVEN const stack = new cdk.Stack(); @@ -205,27 +185,123 @@ export = { test.done(); }, + + 'can provide credentials to use with the source'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.Project(stack, 'Project', { + source: codebuild.Source.gitHub({ + owner: 'testowner', + repo: 'testrepo', + accessToken: cdk.SecretValue.plainText('my-access-token'), + }), + }); + + // THEN + expect(stack).to(haveResource('AWS::CodeBuild::SourceCredential', { + "ServerType": "GITHUB", + "AuthType": "PERSONAL_ACCESS_TOKEN", + "Token": "my-access-token", + })); + + test.done(); + }, }, - 'project with bitbucket and SourceVersion'(test: Test) { - // GIVEN - const stack = new cdk.Stack(); + 'GitHub Enterprise source': { + 'can use branchOrRef to set the source version'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); - // WHEN - new codebuild.Project(stack, 'Project', { - source: codebuild.Source.bitBucket({ - owner: 'testowner', - repo: 'testrepo', - branchOrRef: 'testbranch', - }) - }); + // WHEN + new codebuild.Project(stack, 'Project', { + source: codebuild.Source.gitHubEnterprise({ + httpsCloneUrl: 'https://mygithub-enterprise.com/myuser/myrepo', + branchOrRef: 'testbranch', + }), + }); - // THEN - expect(stack).to(haveResource('AWS::CodeBuild::Project', { - SourceVersion: 'testbranch', - })); + // THEN + expect(stack).to(haveResource('AWS::CodeBuild::Project', { + SourceVersion: 'testbranch', + })); - test.done(); + test.done(); + }, + + 'can provide credentials to use with the source'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.Project(stack, 'Project', { + source: codebuild.Source.gitHubEnterprise({ + httpsCloneUrl: 'https://mygithub-enterprise.com/myuser/myrepo', + accessToken: cdk.SecretValue.plainText('my-access-token'), + }), + }); + + // THEN + expect(stack).to(haveResource('AWS::CodeBuild::SourceCredential', { + "ServerType": "GITHUB_ENTERPRISE", + "AuthType": "PERSONAL_ACCESS_TOKEN", + "Token": "my-access-token", + })); + + test.done(); + }, + }, + + 'BitBucket source': { + 'can use branchOrRef to set the source version'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.Project(stack, 'Project', { + source: codebuild.Source.bitBucket({ + owner: 'testowner', + repo: 'testrepo', + branchOrRef: 'testbranch', + }) + }); + + // THEN + expect(stack).to(haveResource('AWS::CodeBuild::Project', { + SourceVersion: 'testbranch', + })); + + test.done(); + }, + + 'can provide credentials to use with the source'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.Project(stack, 'Project', { + source: codebuild.Source.bitBucket({ + owner: 'testowner', + repo: 'testrepo', + credentials: { + username: cdk.SecretValue.plainText('my-username'), + password: cdk.SecretValue.plainText('password'), + }, + }), + }); + + // THEN + expect(stack).to(haveResource('AWS::CodeBuild::SourceCredential', { + "ServerType": "BITBUCKET", + "AuthType": "BASIC_AUTH", + "Username": "my-username", + "Token": "password", + })); + + test.done(); + }, }, 'project with s3 cache bucket'(test: Test) { @@ -433,4 +509,4 @@ export = { test.done(); } -}; \ No newline at end of file +}; From 36cb9acb4e134566e6d824a3e57708fbdabb14b7 Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Fri, 13 Mar 2020 16:48:40 -0700 Subject: [PATCH 2/2] feat(codebuild): Version 2.0 of the source credentials (separate resources). --- packages/@aws-cdk/aws-codebuild/README.md | 31 ++++++ packages/@aws-cdk/aws-codebuild/lib/index.ts | 1 + .../aws-codebuild/lib/source-credentials.ts | 98 +++++++++++++++++++ packages/@aws-cdk/aws-codebuild/lib/source.ts | 98 ++----------------- packages/@aws-cdk/aws-codebuild/package.json | 5 +- .../aws-codebuild/test/test.project.ts | 27 ++--- 6 files changed, 149 insertions(+), 111 deletions(-) create mode 100644 packages/@aws-cdk/aws-codebuild/lib/source-credentials.ts diff --git a/packages/@aws-cdk/aws-codebuild/README.md b/packages/@aws-cdk/aws-codebuild/README.md index b0deca2a1033a..18a2c024f5006 100644 --- a/packages/@aws-cdk/aws-codebuild/README.md +++ b/packages/@aws-cdk/aws-codebuild/README.md @@ -213,6 +213,37 @@ The following example shows how to define an image from a private docker registr [Docker Registry example](./test/integ.docker-registry.lit.ts) +## Credentials + +CodeBuild allows you to store credentials used when communicating with various sources, +like GitHub: + +```typescript +new codebuild.GitHubSourceCredentials(this, 'CodeBuildGitHubCreds', { + accessToken: cdk.SecretValue.secretsManager('my-token'), +}); +// GitHub Enterprise is almost the same, +// except the class is called GitHubEnterpriseSourceCredentials +``` + +and BitBucket: + +```typescript +new codebuild.BitBucketSourceCredentials(this, 'CodeBuildBitBucketCreds', { + username: cdk.SecretValue.secretsManager('my-bitbucket-creds', { jsonField: 'username' }), + password: cdk.SecretValue.secretsManager('my-bitbucket-creds', { jsonField: 'password' }), +}); +``` + +**Note**: the credentials are global to a given account in a given region - +they are not defined per CodeBuild project. +CodeBuild only allows storing a single credential of a given type +(GitHub, GitHub Enterprise or BitBucket) +in a given account in a given region - +any attempt to save more than one will result in an error. +You can use the [`list-source-credentials` AWS CLI operation](https://docs.aws.amazon.com/cli/latest/reference/codebuild/list-source-credentials.html) +to inspect what credentials are stored in your account. + ## Events CodeBuild projects can be used either as a source for events or be triggered diff --git a/packages/@aws-cdk/aws-codebuild/lib/index.ts b/packages/@aws-cdk/aws-codebuild/lib/index.ts index f1409a3c456d9..7b1685ca66e41 100644 --- a/packages/@aws-cdk/aws-codebuild/lib/index.ts +++ b/packages/@aws-cdk/aws-codebuild/lib/index.ts @@ -2,6 +2,7 @@ export * from './events'; export * from './pipeline-project'; export * from './project'; export * from './source'; +export * from './source-credentials'; export * from './artifacts'; export * from './cache'; export * from './build-spec'; diff --git a/packages/@aws-cdk/aws-codebuild/lib/source-credentials.ts b/packages/@aws-cdk/aws-codebuild/lib/source-credentials.ts new file mode 100644 index 0000000000000..e2b180ec7036f --- /dev/null +++ b/packages/@aws-cdk/aws-codebuild/lib/source-credentials.ts @@ -0,0 +1,98 @@ +import { Construct, Resource, SecretValue } from '@aws-cdk/core'; +import { CfnSourceCredential } from './codebuild.generated'; + +/** + * Creation properties for {@link GitHubSourceCredentials}. + */ +export interface GitHubSourceCredentialsProps { + /** + * The personal access token to use when contacting the GitHub API. + */ + readonly accessToken: SecretValue; +} + +/** + * The source credentials used when contacting the GitHub API. + * + * **Note**: CodeBuild only allows a single credential for GitHub + * to be saved in a given AWS account in a given region - + * any attempt to add more than one will result in an error. + * + * @resource AWS::CodeBuild::SourceCredential + */ +export class GitHubSourceCredentials extends Resource { + constructor(scope: Construct, id: string, props: GitHubSourceCredentialsProps) { + super(scope, id); + + new CfnSourceCredential(scope, 'Resource', { + serverType: 'GITHUB', + authType: 'PERSONAL_ACCESS_TOKEN', + token: props.accessToken.toString(), + }); + } +} + +/** + * Creation properties for {@link GitHubEnterpriseSourceCredentials}. + */ +export interface GitHubEnterpriseSourceCredentialsProps { + /** + * The personal access token to use when contacting the + * instance of the GitHub Enterprise API. + */ + readonly accessToken: SecretValue; +} + +/** + * The source credentials used when contacting the GitHub Enterprise API. + * + * **Note**: CodeBuild only allows a single credential for GitHub Enterprise + * to be saved in a given AWS account in a given region - + * any attempt to add more than one will result in an error. + * + * @resource AWS::CodeBuild::SourceCredential + */ +export class GitHubEnterpriseSourceCredentials extends Resource { + constructor(scope: Construct, id: string, props: GitHubEnterpriseSourceCredentialsProps) { + super(scope, id); + + new CfnSourceCredential(scope, 'Resource', { + serverType: 'GITHUB_ENTERPRISE', + authType: 'PERSONAL_ACCESS_TOKEN', + token: props.accessToken.toString(), + }); + } +} + +/** + * Construction properties of {@link BitBucketSourceCredentials}. + */ +export interface BitBucketSourceCredentialsProps { + /** Your BitBucket username. */ + readonly username: SecretValue; + + /** Your BitBucket application password. */ + readonly password: SecretValue; +} + +/** + * The source credentials used when contacting the BitBucket API. + * + * **Note**: CodeBuild only allows a single credential for BitBucket + * to be saved in a given AWS account in a given region - + * any attempt to add more than one will result in an error. + * + * @resource AWS::CodeBuild::SourceCredential + */ +export class BitBucketSourceCredentials extends Resource { + constructor(scope: Construct, id: string, props: BitBucketSourceCredentialsProps) { + super(scope, id); + + new CfnSourceCredential(this, 'Resource', { + serverType: 'BITBUCKET', + authType: 'BASIC_AUTH', + username: props.username.toString(), + token: props.password.toString(), + }); + } +} diff --git a/packages/@aws-cdk/aws-codebuild/lib/source.ts b/packages/@aws-cdk/aws-codebuild/lib/source.ts index dbaade83a62b7..8c077771cf417 100644 --- a/packages/@aws-cdk/aws-codebuild/lib/source.ts +++ b/packages/@aws-cdk/aws-codebuild/lib/source.ts @@ -1,8 +1,8 @@ import * as codecommit from '@aws-cdk/aws-codecommit'; import * as iam from '@aws-cdk/aws-iam'; import * as s3 from '@aws-cdk/aws-s3'; -import { Construct, SecretValue } from '@aws-cdk/core'; -import { CfnProject, CfnSourceCredential } from './codebuild.generated'; +import { Construct } from '@aws-cdk/core'; +import { CfnProject } from './codebuild.generated'; import { IProject } from './project'; import { BITBUCKET_SOURCE_TYPE, @@ -586,17 +586,6 @@ export interface GitHubSourceProps extends ThirdPartyGitSourceProps { * @example 'aws-cdk' */ readonly repo: string; - - /** - * The personal access token to use when contacting the GitHub API. - * - * **Note**: CodeBuild only allows a single personal access token for GitHub - * to be saved in a given AWS account in a given region - - * any attempt to add more than one will result in an error. - * - * @default - no personal access token will be used - */ - readonly accessToken?: SecretValue; } /** @@ -605,26 +594,14 @@ export interface GitHubSourceProps extends ThirdPartyGitSourceProps { class GitHubSource extends ThirdPartyGitSource { public readonly type = GITHUB_SOURCE_TYPE; private readonly httpsCloneUrl: string; - private readonly accessToken?: SecretValue; constructor(props: GitHubSourceProps) { super(props); - this.httpsCloneUrl = `https://github.com/${props.owner}/${props.repo}.git`; - this.accessToken = props.accessToken; } - public bind(scope: Construct, project: IProject): SourceConfig { - // add the SourceCredential resource - if (this.accessToken) { - new CfnSourceCredential(scope, 'GitHubEnterpriseSourceCredential', { - serverType: 'GITHUB', - authType: 'PERSONAL_ACCESS_TOKEN', - token: this.accessToken.toString(), - }); - } - - const superConfig = super.bind(scope, project); + public bind(_scope: Construct, project: IProject): SourceConfig { + const superConfig = super.bind(_scope, project); return { sourceProperty: { ...superConfig.sourceProperty, @@ -651,17 +628,6 @@ export interface GitHubEnterpriseSourceProps extends ThirdPartyGitSourceProps { * @default false */ readonly ignoreSslErrors?: boolean; - - /** - * The personal access token to use when contacting the instance of the GitHub Enterprise API. - * - * **Note**: CodeBuild only allows a single personal access token for GitHub Enterprise - * to be saved in a given AWS account in a given region - - * any attempt to add more than one will result in an error. - * - * @default - no personal access token will be used - */ - readonly accessToken?: SecretValue; } /** @@ -671,27 +637,15 @@ class GitHubEnterpriseSource extends ThirdPartyGitSource { public readonly type = GITHUB_ENTERPRISE_SOURCE_TYPE; private readonly httpsCloneUrl: string; private readonly ignoreSslErrors?: boolean; - private readonly accessToken?: SecretValue; constructor(props: GitHubEnterpriseSourceProps) { super(props); - this.httpsCloneUrl = props.httpsCloneUrl; this.ignoreSslErrors = props.ignoreSslErrors; - this.accessToken = props.accessToken; } - public bind(scope: Construct, _project: IProject): SourceConfig { - // add the SourceCredential resource - if (this.accessToken) { - new CfnSourceCredential(scope, 'GitHubEnterpriseSourceCredential', { - serverType: 'GITHUB_ENTERPRISE', - authType: 'PERSONAL_ACCESS_TOKEN', - token: this.accessToken.toString(), - }); - } - - const superConfig = super.bind(scope, _project); + public bind(_scope: Construct, _project: IProject): SourceConfig { + const superConfig = super.bind(_scope, _project); return { sourceProperty: { ...superConfig.sourceProperty, @@ -704,18 +658,6 @@ class GitHubEnterpriseSource extends ThirdPartyGitSource { } } -/** - * The BitBucket source credentials provided in the - * {@link BitBucketSourceProps.credentials} property. - */ -export interface BitBucketSourceCredentials { - /** Your BitBucket username. */ - readonly username: SecretValue; - - /** Your BitBucket application password. */ - readonly password: SecretValue; -} - /** * Construction properties for {@link BitBucketSource}. */ @@ -733,17 +675,6 @@ export interface BitBucketSourceProps extends ThirdPartyGitSourceProps { * @example 'aws-cdk' */ readonly repo: string; - - /** - * The source credentials used when contacting the BitBucket API. - * - * **Note**: CodeBuild only allows a single credential for BitBucket - * to be saved in a given AWS account in a given region - - * any attempt to add more than one will result in an error. - * - * @default - no credentials will be used - */ - readonly credentials?: BitBucketSourceCredentials; } /** @@ -752,16 +683,13 @@ export interface BitBucketSourceProps extends ThirdPartyGitSourceProps { class BitBucketSource extends ThirdPartyGitSource { public readonly type = BITBUCKET_SOURCE_TYPE; private readonly httpsCloneUrl: any; - private readonly credentials?: BitBucketSourceCredentials; constructor(props: BitBucketSourceProps) { super(props); - this.httpsCloneUrl = `https://bitbucket.org/${props.owner}/${props.repo}.git`; - this.credentials = props.credentials; } - public bind(scope: Construct, _project: IProject): SourceConfig { + public bind(_scope: Construct, _project: IProject): SourceConfig { // BitBucket sources don't support the PULL_REQUEST_REOPENED event action if (this.anyWebhookFilterContainsPrReopenedEventAction()) { throw new Error('BitBucket sources do not support the PULL_REQUEST_REOPENED webhook event action'); @@ -772,17 +700,7 @@ class BitBucketSource extends ThirdPartyGitSource { throw new Error('BitBucket sources do not support file path conditions for webhook filters'); } - // add the SourceCredential resource - if (this.credentials) { - new CfnSourceCredential(scope, 'BitBucketSourceCredential', { - serverType: 'BITBUCKET', - authType: 'BASIC_AUTH', - username: this.credentials.username.toString(), - token: this.credentials.password.toString(), - }); - } - - const superConfig = super.bind(scope, _project); + const superConfig = super.bind(_scope, _project); return { sourceProperty: { ...superConfig.sourceProperty, diff --git a/packages/@aws-cdk/aws-codebuild/package.json b/packages/@aws-cdk/aws-codebuild/package.json index 44f820fcc6052..532f1fc4c3cc9 100644 --- a/packages/@aws-cdk/aws-codebuild/package.json +++ b/packages/@aws-cdk/aws-codebuild/package.json @@ -203,7 +203,10 @@ "docs-public-apis:@aws-cdk/aws-codebuild.S3SourceProps.path", "docs-public-apis:@aws-cdk/aws-codebuild.SourceConfig.sourceProperty", "docs-public-apis:@aws-cdk/aws-codebuild.SourceConfig.buildTriggers", - "props-default-doc:@aws-cdk/aws-codebuild.SourceConfig.buildTriggers" + "props-default-doc:@aws-cdk/aws-codebuild.SourceConfig.buildTriggers", + "props-physical-name:@aws-cdk/aws-codebuild.BitBucketSourceCredentialsProps", + "props-physical-name:@aws-cdk/aws-codebuild.GitHubSourceCredentialsProps", + "props-physical-name:@aws-cdk/aws-codebuild.GitHubEnterpriseSourceCredentialsProps" ] }, "stability": "stable" diff --git a/packages/@aws-cdk/aws-codebuild/test/test.project.ts b/packages/@aws-cdk/aws-codebuild/test/test.project.ts index a7e27d9d9ce38..580cf94c33426 100644 --- a/packages/@aws-cdk/aws-codebuild/test/test.project.ts +++ b/packages/@aws-cdk/aws-codebuild/test/test.project.ts @@ -191,12 +191,8 @@ export = { const stack = new cdk.Stack(); // WHEN - new codebuild.Project(stack, 'Project', { - source: codebuild.Source.gitHub({ - owner: 'testowner', - repo: 'testrepo', - accessToken: cdk.SecretValue.plainText('my-access-token'), - }), + new codebuild.GitHubSourceCredentials(stack, 'GitHubSourceCredentials', { + accessToken: cdk.SecretValue.plainText('my-access-token'), }); // THEN @@ -236,11 +232,8 @@ export = { const stack = new cdk.Stack(); // WHEN - new codebuild.Project(stack, 'Project', { - source: codebuild.Source.gitHubEnterprise({ - httpsCloneUrl: 'https://mygithub-enterprise.com/myuser/myrepo', - accessToken: cdk.SecretValue.plainText('my-access-token'), - }), + new codebuild.GitHubEnterpriseSourceCredentials(stack, 'GitHubEnterpriseSourceCredentials', { + accessToken: cdk.SecretValue.plainText('my-access-token'), }); // THEN @@ -281,15 +274,9 @@ export = { const stack = new cdk.Stack(); // WHEN - new codebuild.Project(stack, 'Project', { - source: codebuild.Source.bitBucket({ - owner: 'testowner', - repo: 'testrepo', - credentials: { - username: cdk.SecretValue.plainText('my-username'), - password: cdk.SecretValue.plainText('password'), - }, - }), + new codebuild.BitBucketSourceCredentials(stack, 'BitBucketSourceCredentials', { + username: cdk.SecretValue.plainText('my-username'), + password: cdk.SecretValue.plainText('password'), }); // THEN