![Introducing Enhanced Alert Actions and Triage Functionality](https://cdn.sanity.io/images/cgdhsj6q/production/fe71306d515f85de6139b46745ea7180362324f0-2530x946.png?w=800&fit=max&auto=format)
Product
Introducing Enhanced Alert Actions and Triage Functionality
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.
cdk-github
Advanced tools
Readme
AWS CDK v2 L3 constructs for GitHub.
This project aims to make GitHub's API accessible through CDK with various helper constructs to create resources in GitHub. The target is to replicate most of the functionality of the Terraform GitHub Provider.
Internally AWS CloudFormation custom resources will be used to track GitHub resources (such as Secrets).
JavaScript/TypeScript:
npm install cdk-github
Python:
pip install cdk-github
This library provides the following constructs:
Currently the constructs only support authentication via a GitHub Personal Access Token. The token needs to be a stored in a AWS SecretsManager Secret and passed to the construct as parameter.
import { ActionSecret } from 'cdk-github';
export class ActionSecretStack extends Stack {
constructor(scope: Construct, id: string, props?: StackProps) {
super(scope, id, props);
const sourceSecret = Secret.fromSecretNameV2(this, 'secretToStoreInGitHub', 'testcdkgithub');
const githubTokenSecret = Secret.fromSecretNameV2(this, 'ghSecret', 'GITHUB_TOKEN');
new ActionSecret(this, 'GitHubActionSecret', {
githubTokenSecret,
repositoryName: 'cdk-github',
repositoryOwner: 'wtfjoke',
repositorySecretName: 'aRandomGitHubSecret',
sourceSecret,
});
}
}
See full example in ActionSecretStack
import cdkgithub
class ActionSecretStack(Stack):
def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
super().__init__(scope, construct_id, **kwargs)
source_secret = sm.Secret.from_secret_name_v2(
self, "secretToStoreInGitHub", "testcdkgithub"
)
github_token_secret = sm.Secret.from_secret_name_v2(
self, "ghSecret", "GITHUB_TOKEN"
)
cdkgithub.ActionSecret(
self,
"GitHubActionSecret",
github_token_secret=github_token_secret,
repository_name="cdk-github",
repository_owner="wtfjoke",
repository_secret_name="aRandomPythonGitHubSecret",
source_secret=source_secret,
)
Please note: the module name is cdkgithub
and not cdk-github
.
import { ActionEnvironmentSecret } from 'cdk-github';
export class ActionEnvironmentSecretStack extends Stack {
constructor(scope: Construct, id: string, props?: StackProps) {
super(scope, id, props);
const sourceSecret = Secret.fromSecretNameV2(this, 'secretToStoreInGitHub', 'testcdkgithub');
const githubTokenSecret = Secret.fromSecretNameV2(this, 'ghSecret', 'GITHUB_TOKEN');
new ActionEnvironmentSecret(this, 'GitHubActionEnvironmentSecret', {
githubTokenSecret,
environment: 'dev',
repositoryName: 'cdk-github',
repositoryOwner: 'wtfjoke',
repositorySecretName: 'aRandomGitHubSecret',
sourceSecret,
});
}
}
See full example in ActionEnvironmentSecretStack
FAQs
AWS CDK Construct Library to interact with GitHub's API.
The npm package cdk-github receives a total of 704 weekly downloads. As such, cdk-github popularity was classified as not popular.
We found that cdk-github demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.