<![CDATA[Leo Lapworth Blog]]>https://blog.cuckoo.orgRSS for NodeMon, 04 May 2026 17:10:46 GMT60<![CDATA[AWS Pipelines with Github Release trigger in CDK]]>https://blog.cuckoo.org/aws-pipelines-with-github-release-trigger-in-cdkhttps://blog.cuckoo.org/aws-pipelines-with-github-release-trigger-in-cdkWed, 23 Jun 2021 06:20:51 GMTProblem

CDK pipeline supports GitHub webhook, but on branch push events, not on release events.

UPDATE 2022

The after migrating to the modern CDK Pipeline API this approach no longer works.

Instead we have setup a GitHub action that is triggered on release and pushes to a release_to_production branch and use the CDK Pipeline to trigger from the push event on that instead.

This ends up with a cleaner CDK setup even if relying on a branch rather than a release directly

Solution...

Disable triggers when you create a GitHubSourceAction

   const ghAction = new codepipeline_actions.GitHubSourceAction({
      actionName: 'GitHubRelease',
      ....
      trigger: codepipeline_actions.GitHubTrigger.NONE, // we will add our own below
    });

    // Everything else
    const synthAction = pipelines.SimpleSynthAction.standardNpmSynth({
      sourceArtifact,
      cloudAssemblyArtifact,
      buildCommand: 'echo "HELLO!"',
    });

    const myPipeLine = new pipelines.CdkPipeline(this, 'Pipeline', {
      pipelineName: 'MyAppPipeline',
      cloudAssemblyArtifact,

      sourceAction: ghAction,
      synthAction,
    });

Create your own webhook and change the filters to look at $.action and match to published events

    new codepipeline.CfnWebhook(this, 'WebhookResource', {
      authentication: 'GITHUB_HMAC',
      authenticationConfiguration: {
        secretToken: SecretValue.secretsManager('GITHUB_TEST_PIPELINE').toString(),
      },
      filters: [
        {
          jsonPath: '$.action',
          matchEquals: 'published',
        },
      ],
      targetAction: ghAction.actionProperties.actionName,
      targetPipeline: myPipeLine.codePipeline.pipelineName,
      targetPipelineVersion: 1,
      registerWithThirdParty: true,
    });

Tips

  • After initial deploy remember to edit the webhook in github to send release not push events!
  • Cloudformation deploy errors maybe based on github credentials access - make sure token valid and has permissions to create a webhook (admin I believe)
  • https://stackoverflow.com/questions/52516087/trigger-aws-codepipeline-by-github-release-webhook
  • https://www.linkedin.com/pulse/aws-codepipeline-github-releases-geo-nicolaidis/
  • https://docs.github.com/en/actions/reference/events-that-trigger-workflows#release
  • https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-webhook.html
]]>