Update Github token in Codepipeline with Cloudformation

Update Github token in Codepipeline with Cloudformation

The use case

This post comes from the fact that the token used by Codepipeline to connect to Github to download the source code of the website has expired. Hence, the automation “push and update the website” is not working. Here’s the error:

Error in pipeline

Let’s view how the secret is stored into cloudformation, and how codepipeline can connect.

The secret stack

The cloudformation stack is quite easy. It does not have any hard dependency on other stacks, and it’s used both to download code for dev and prod website.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
{
"AWSTemplateFormatVersion": "2010-09-09",
"Parameters": {
"GithubOAuthTokenParameter": {
"Description": "Github OAuth Token",
"NoEcho": "true",
"Type": "String"
}
},
"Resources": {
"GithubOAuthToken": {
"Properties": {
"Name": "GithubOAuthToken",
"SecretString": {
"Ref": "GithubOAuthTokenParameter"
}
},
"Type": "AWS::SecretsManager::Secret"
}
}
}

The next part of the post is dedicated on how to create and use this cloudformation template

Read more