Resource: awsCodepipelineWebhook
Provides a CodePipeline Webhook.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
import * as github from "./.gen/providers/github";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: github.
For a more precise conversion please use the --provider flag in convert.*/
const webhookSecret = "super-secret";
const awsCodepipelineBar = new aws.codepipeline.Codepipeline(this, "bar", {
artifactStore: [
{
encryptionKey: {
id: "${data.aws_kms_alias.s3kmskey.arn}",
type: "KMS",
},
location: "${aws_s3_bucket.bar.bucket}",
type: "S3",
},
],
name: "tf-test-pipeline",
roleArn: "${aws_iam_role.bar.arn}",
stage: [
{
action: [
{
category: "Source",
configuration: [
{
branch: "master",
owner: "my-organization",
repo: "test",
},
],
name: "Source",
outputArtifacts: ["test"],
owner: "ThirdParty",
provider: "GitHub",
version: "1",
},
],
name: "Source",
},
{
action: [
{
category: "Build",
configuration: [
{
projectName: "test",
},
],
inputArtifacts: ["test"],
name: "Build",
owner: "AWS",
provider: "CodeBuild",
version: "1",
},
],
name: "Build",
},
],
});
const awsCodepipelineWebhookBar =
new aws.codepipelineWebhook.CodepipelineWebhook(this, "bar_1", {
authentication: "GITHUB_HMAC",
authenticationConfiguration: {
secretToken: webhookSecret,
},
filter: [
{
jsonPath: "$.ref",
matchEquals: "refs/heads/{Branch}",
},
],
name: "test-webhook-github-bar",
targetAction: "Source",
targetPipeline: awsCodepipelineBar.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsCodepipelineWebhookBar.overrideLogicalId("bar");
const githubRepositoryWebhookBar =
new github.repositoryWebhook.RepositoryWebhook(this, "bar_2", {
configuration: [
{
content_type: "json",
insecure_ssl: true,
secret: webhookSecret,
url: awsCodepipelineWebhookBar.url,
},
],
events: ["push"],
name: "web",
repository: "${github_repository.repo.name}",
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
githubRepositoryWebhookBar.overrideLogicalId("bar");
Argument Reference
The following arguments are supported:
name- (Required) The name of the webhook.authentication- (Required) The type of authentication to use. One ofip,GITHUB_HMAC, orunauthenticated.authenticationConfiguration- (Optional) Anauthblock. Required foripandGITHUB_HMAC. Auth blocks are documented below.filter(Required) One or morefilterblocks. Filter blocks are documented below.targetAction- (Required) The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.targetPipeline- (Required) The name of the pipeline.tags- (Optional) A map of tags to assign to the resource. If configured with a providerdefaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
An authenticationConfiguration block supports the following arguments:
secretToken- (Optional) The shared secret for the GitHub repository webhook. Set this assecretin yourgithubRepositoryWebhook'sconfigurationblock. Required forGITHUB_HMAC.allowedIpRange- (Optional) A valid CIDR block foripfiltering. Required forip.
A filter block supports the following arguments:
jsonPath- (Required) The JSON path to filter on.matchEquals- (Required) The value to match on (e.g.,refs/heads/{branch}). See AWS docs for details.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
arn- The CodePipeline webhook's ARN.id- The CodePipeline webhook's ARN.tagsAll- A map of tags assigned to the resource, including those inherited from the providerdefaultTagsconfiguration block.url- The CodePipeline webhook's URL. POST events to this endpoint to trigger the target.
Import
CodePipeline Webhooks can be imported by their ARN, e.g.,