Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

cdktf-github-actions

Package Overview
Dependencies
Maintainers
1
Versions
330
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cdktf-github-actions

@awlsring/cdktf-github-actions

Source
pipPyPI
Version
0.0.326
Maintainers
1

cdktf-github-actions

This is a library to help define GitHub Actions workflows using CDKTF. This package vends constructs for defining a workflow that will be synthesized to a workflow yaml file in your repos .github/workflows directory.

Development

This project is in early development. The constructs are likely to change as the needs of the project evolve.

A few items I'm currently working towards:

  • More github resource synthesis
  • Higher test coverage
  • More indepth documentation

Usage

Example

import { Construct } from 'constructs';
import { App, TerraformStack } from 'cdktf';
import { Workflow, Job } from 'cdktf-github-actions';

const app = new App();

class MyWorkflowStack executes TerraformStack {
  constructor(scope: Construct, name: string) {
    super(scope, name);

    let echoJob = new Job(this, 'build-job', {
      steps: [
        {
          name: 'echo',
          run: 'echo "Hello World"',
        },
      ],
    });

    const wf = new Workflow(this, 'workflow', {
      repoName: 'my-repo',
      jobs: [echoJob],
    });
  }
}

const stack = new MyWorkflowStack(app, 'test');
app.synth();

The constructs support the ability to define github resources and create them using the github terrafrom provider. The following example shows how to create a create a workflow with secrets that will be stored in the repository.

import { Construct } from 'constructs';
import { App, TerraformStack } from 'cdktf';
import { Workflow, Job } from 'cdktf-github-actions';

const app = new App();

class MyWorkflowStack executes TerraformStack {
  constructor(scope: Construct, name: string) {
    super(scope, name);

    let echoJob = new Job(this, 'build-job', {
      steps: [
        {
          name: 'echo',
          run: 'echo "Hello World"',
          withSecrets: [
            {
              referencedName: 'token',
              secretName: 'MY_SECRET',
              secretValue: '123',
            },
          ],
        },
      ],
    });

    const wf = new Workflow(this, 'workflow', {
      repoName: 'my-repo',
      jobs: [echoJob],
    });
  }
}

const stack = new MyWorkflowStack(app, 'test');
app.synth();

The example above will create a secret with the name MY_SECRET and the value 123 in the repository. The secret will be referenced in the workflow using the name token.

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm

Security News

Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm

Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.

By Philipp Burckhardt  -  Nov 14, 2025
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover

Research

/

Security News

Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover

A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.

By Kirill Boychenko  -  Nov 12, 2025