Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: pepperize/cdk-github
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v0.0.87
Choose a base ref
...
head repository: pepperize/cdk-github
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: refs/heads/main
Choose a head ref

Commits on Nov 16, 2022

  1. feat: support github actions secrets

    #7
    
    ```typescript
    new GithubCustomResource(stack, "ActionsSecret", {
      onCreate: {
        endpoint: "actions",
        method: "createOrUpdateRepoSecret",
        parameters: {
          owner: "pepperize",
          repo: "cdk-github",
          secret_name: "any-name",
          value: ActionsSecret.fromSecretsManager(secret, "any-field"),
        },
        outputPaths: [],
        physicalResourceId: custom_resources.PhysicalResourceId.of("any-id"),
      },
      authOptions: AuthOptions.appAuth(authSecret),
    });
    ```
    pflorek committed Nov 16, 2022

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    Copy the full SHA
    874bcfa View commit details
  2. fix: import is duplicated

    pflorek committed Nov 16, 2022
    Copy the full SHA
    c538db7 View commit details

Commits on Nov 17, 2022

  1. chore: delete test code

    pflorek authored Nov 17, 2022
    Copy the full SHA
    25bf51d View commit details

Commits on Dec 7, 2022

  1. chore(deps-dev): Bump aws-sdk from 2.1269.0 to 2.1270.0

    Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1269.0 to 2.1270.0.
    - [Release notes](https://github.com/aws/aws-sdk-js/releases)
    - [Changelog](https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md)
    - [Commits](aws/aws-sdk-js@v2.1269.0...v2.1270.0)
    
    ---
    updated-dependencies:
    - dependency-name: aws-sdk
      dependency-type: direct:development
      update-type: version-update:semver-minor
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 7, 2022
    Copy the full SHA
    08463ac View commit details
  2. Copy the full SHA
    3c5120a View commit details
  3. chore(deps-dev): Bump aws-sdk from 2.1269.0 to 2.1270.0 (#103)

    Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1269.0 to 2.1270.0.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/aws/aws-sdk-js/releases">aws-sdk's releases</a>.</em></p>
    <blockquote>
    <h2>Release v2.1270.0</h2>
    <p>See <a href="https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md">changelog</a> for more information.</p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md">aws-sdk's changelog</a>.</em></p>
    <blockquote>
    <h2>2.1270.0</h2>
    <ul>
    <li>feature: CloudFront: Introducing UpdateDistributionWithStagingConfig that can be used to promote the staging configuration to the production.</li>
    <li>feature: CostExplorer: This release adds the LinkedAccountName field to the GetAnomalies API response under RootCause</li>
    <li>feature: EKS: Adds support for EKS add-ons configurationValues fields and DescribeAddonConfiguration function</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/aws/aws-sdk-js/commit/eb9866ccaf6bdbc0cd72a4c655bd621d3c8ac25f"><code>eb9866c</code></a> Updates SDK to v2.1270.0</li>
    <li>See full diff in <a href="https://github.com/aws/aws-sdk-js/compare/v2.1269.0...v2.1270.0">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aws-sdk&package-manager=npm_and_yarn&previous-version=2.1269.0&new-version=2.1270.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 7, 2022
    Copy the full SHA
    2a4d9db View commit details

Commits on Dec 8, 2022

  1. chore(deps-dev): Bump @typescript-eslint/eslint-plugin

    Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.45.1 to 5.46.0.
    - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
    - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
    - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.46.0/packages/eslint-plugin)
    
    ---
    updated-dependencies:
    - dependency-name: "@typescript-eslint/eslint-plugin"
      dependency-type: direct:development
      update-type: version-update:semver-minor
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 8, 2022
    Copy the full SHA
    5c4a928 View commit details
  2. chore(deps-dev): Bump typescript from 4.9.3 to 4.9.4

    Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.9.3 to 4.9.4.
    - [Release notes](https://github.com/Microsoft/TypeScript/releases)
    - [Commits](microsoft/TypeScript@v4.9.3...v4.9.4)
    
    ---
    updated-dependencies:
    - dependency-name: typescript
      dependency-type: direct:development
      update-type: version-update:semver-patch
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 8, 2022
    Copy the full SHA
    3ca9a48 View commit details
  3. chore(deps-dev): Bump jsii-docgen from 7.0.166 to 7.0.167

    Bumps [jsii-docgen](https://github.com/cdklabs/jsii-docgen) from 7.0.166 to 7.0.167.
    - [Release notes](https://github.com/cdklabs/jsii-docgen/releases)
    - [Changelog](https://github.com/cdklabs/jsii-docgen/blob/main/CHANGELOG.md)
    - [Commits](cdklabs/jsii-docgen@v7.0.166...v7.0.167)
    
    ---
    updated-dependencies:
    - dependency-name: jsii-docgen
      dependency-type: direct:development
      update-type: version-update:semver-patch
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 8, 2022
    Copy the full SHA
    98be4cd View commit details
  4. chore(deps-dev): Bump @pepperize/projen-awscdk-construct

    Bumps [@pepperize/projen-awscdk-construct](https://github.com/pepperize/projen-awscdk-construct) from 0.0.333 to 0.0.336.
    - [Release notes](https://github.com/pepperize/projen-awscdk-construct/releases)
    - [Commits](pepperize/projen-awscdk-construct@v0.0.333...v0.0.336)
    
    ---
    updated-dependencies:
    - dependency-name: "@pepperize/projen-awscdk-construct"
      dependency-type: direct:development
      update-type: version-update:semver-patch
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 8, 2022
    Copy the full SHA
    9502a5e View commit details
  5. chore(deps-dev): Bump @typescript-eslint/eslint-plugin from 5.45.1 to…

    … 5.46.0 (#104)
    
    Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.45.1 to 5.46.0.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/releases"><code>@​typescript-eslint/eslint-plugin</code>'s releases</a>.</em></p>
    <blockquote>
    <h2>v5.46.0</h2>
    <h1><a href="https://github.com/typescript-eslint/typescript-eslint/compare/v5.45.1...v5.46.0">5.46.0</a> (2022-12-08)</h1>
    <h3>Bug Fixes</h3>
    <ul>
    <li><strong>eslint-plugin:</strong> [ban-types] update message to suggest <code>object</code> instead of <code>Record&lt;string, unknown&gt;</code> (<a href="https://github-redirect.dependabot.com/typescript-eslint/typescript-eslint/issues/6079">#6079</a>) (<a href="https://github.com/typescript-eslint/typescript-eslint/commit/d91a5fc41be5bc2a0625574e9c9496f61fb7471d">d91a5fc</a>)</li>
    </ul>
    <h3>Features</h3>
    <ul>
    <li><strong>eslint-plugin:</strong> [prefer-nullish-coalescing] logic and test for strict null checks (<a href="https://github-redirect.dependabot.com/typescript-eslint/typescript-eslint/issues/6174">#6174</a>) (<a href="https://github.com/typescript-eslint/typescript-eslint/commit/8a91cbd9fbe5bc4cf750cd949d2b8d48ff4c311d">8a91cbd</a>)</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md"><code>@​typescript-eslint/eslint-plugin</code>'s changelog</a>.</em></p>
    <blockquote>
    <h1><a href="https://github.com/typescript-eslint/typescript-eslint/compare/v5.45.1...v5.46.0">5.46.0</a> (2022-12-08)</h1>
    <h3>Bug Fixes</h3>
    <ul>
    <li><strong>eslint-plugin:</strong> [ban-types] update message to suggest <code>object</code> instead of <code>Record&lt;string, unknown&gt;</code> (<a href="https://github-redirect.dependabot.com/typescript-eslint/typescript-eslint/issues/6079">#6079</a>) (<a href="https://github.com/typescript-eslint/typescript-eslint/commit/d91a5fc41be5bc2a0625574e9c9496f61fb7471d">d91a5fc</a>)</li>
    </ul>
    <h3>Features</h3>
    <ul>
    <li><strong>eslint-plugin:</strong> [prefer-nullish-coalescing] logic and test for strict null checks (<a href="https://github-redirect.dependabot.com/typescript-eslint/typescript-eslint/issues/6174">#6174</a>) (<a href="https://github.com/typescript-eslint/typescript-eslint/commit/8a91cbd9fbe5bc4cf750cd949d2b8d48ff4c311d">8a91cbd</a>)</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/1e1573a868265a3a14df2a24d11f686d62e30b83"><code>1e1573a</code></a> chore: publish v5.46.0</li>
    <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/d91a5fc41be5bc2a0625574e9c9496f61fb7471d"><code>d91a5fc</code></a> fix(eslint-plugin): [ban-types] update message to suggest <code>object</code> instead of...</li>
    <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/8a91cbd9fbe5bc4cf750cd949d2b8d48ff4c311d"><code>8a91cbd</code></a> feat(eslint-plugin): [prefer-nullish-coalescing] logic and test for strict nu...</li>
    <li>See full diff in <a href="https://github.com/typescript-eslint/typescript-eslint/commits/v5.46.0/packages/eslint-plugin">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@typescript-eslint/eslint-plugin&package-manager=npm_and_yarn&previous-version=5.45.1&new-version=5.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 8, 2022
    Copy the full SHA
    865b25b View commit details
  6. Copy the full SHA
    6190034 View commit details
  7. chore(deps-dev): Bump @typescript-eslint/parser from 5.45.1 to 5.46.0

    Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.45.1 to 5.46.0.
    - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
    - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
    - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.46.0/packages/parser)
    
    ---
    updated-dependencies:
    - dependency-name: "@typescript-eslint/parser"
      dependency-type: direct:development
      update-type: version-update:semver-minor
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 8, 2022
    Copy the full SHA
    61f24e2 View commit details
  8. chore(deps-dev): Bump typescript from 4.9.3 to 4.9.4 (#106)

    Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.9.3 to 4.9.4.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/Microsoft/TypeScript/releases">typescript's releases</a>.</em></p>
    <blockquote>
    <h2>TypeScript 4.9.4</h2>
    <p>For release notes, check out the <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-4-9">release announcement</a>.</p>
    <p>For the complete list of fixed issues, check out the</p>
    <ul>
    <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=is%3Aissue+milestone%3A%22TypeScript+4.9.4%22+is%3Aclosed+">fixed issues query for Typescript v4.9.4</a>.</li>
    </ul>
    <p>Downloads are available on:</p>
    <ul>
    <li><a href="https://www.npmjs.com/package/typescript">npm</a></li>
    <li><a href="https://www.nuget.org/packages/Microsoft.TypeScript.MSBuild">NuGet package</a></li>
    </ul>
    <h2>Changes:</h2>
    <ul>
    <li>e2868216f637e875a74c675845625eb15dcfe9a2 Bump version to 4.9.4 and LKG.</li>
    <li>eb5419fc8d980859b98553586dfb5f40d811a745 Cherry-pick <a href="https://github-redirect.dependabot.com/Microsoft/TypeScript/issues/51704">#51704</a> to release 4.9 (<a href="https://github-redirect.dependabot.com/Microsoft/TypeScript/issues/51712">#51712</a>)</li>
    <li>b4d382b9b12460adf2da4cc0d1429cf19f8dc8be Cherry-pick changes for narrowing to tagged literal types.</li>
    <li>e7a02f43fce47e1a39259ada5460bcc33c8e98b5 Port of <a href="https://github-redirect.dependabot.com/Microsoft/TypeScript/issues/51626">#51626</a> and <a href="https://github-redirect.dependabot.com/Microsoft/TypeScript/issues/51689">#51689</a> to release-4.9 (<a href="https://github-redirect.dependabot.com/Microsoft/TypeScript/issues/51627">#51627</a>)</li>
    <li>1727912f0437a7f367d90040fc4b0b4f3efd017a Cherry-pick fix around <code>visitEachChild</code> to release-4.9. (<a href="https://github-redirect.dependabot.com/Microsoft/TypeScript/issues/51544">#51544</a>)</li>
    </ul>
    <p>This list of changes was <a href="https://typescript.visualstudio.com/cf7ac146-d525-443c-b23c-0d58337efebc/_release?releaseId=117&amp;_a=release-summary">auto generated</a>.</p>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/microsoft/TypeScript/commit/e2868216f637e875a74c675845625eb15dcfe9a2"><code>e286821</code></a> Bump version to 4.9.4 and LKG.</li>
    <li><a href="https://github.com/microsoft/TypeScript/commit/eb5419fc8d980859b98553586dfb5f40d811a745"><code>eb5419f</code></a> Cherry-pick <a href="https://github-redirect.dependabot.com/Microsoft/TypeScript/issues/51704">#51704</a> to release 4.9 (<a href="https://github-redirect.dependabot.com/Microsoft/TypeScript/issues/51712">#51712</a>)</li>
    <li><a href="https://github.com/microsoft/TypeScript/commit/b4d382b9b12460adf2da4cc0d1429cf19f8dc8be"><code>b4d382b</code></a> Cherry-pick changes for narrowing to tagged literal types.</li>
    <li><a href="https://github.com/microsoft/TypeScript/commit/e7a02f43fce47e1a39259ada5460bcc33c8e98b5"><code>e7a02f4</code></a> Port of <a href="https://github-redirect.dependabot.com/Microsoft/TypeScript/issues/51626">#51626</a> and <a href="https://github-redirect.dependabot.com/Microsoft/TypeScript/issues/51689">#51689</a> to release-4.9 (<a href="https://github-redirect.dependabot.com/Microsoft/TypeScript/issues/51627">#51627</a>)</li>
    <li><a href="https://github.com/microsoft/TypeScript/commit/1727912f0437a7f367d90040fc4b0b4f3efd017a"><code>1727912</code></a> Cherry-pick fix around <code>visitEachChild</code> to release-4.9. (<a href="https://github-redirect.dependabot.com/Microsoft/TypeScript/issues/51544">#51544</a>)</li>
    <li>See full diff in <a href="https://github.com/Microsoft/TypeScript/compare/v4.9.3...v4.9.4">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript&package-manager=npm_and_yarn&previous-version=4.9.3&new-version=4.9.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 8, 2022
    Copy the full SHA
    cc68462 View commit details
  9. Copy the full SHA
    b053e5b View commit details
  10. chore(deps-dev): Bump @pepperize/projen-awscdk-construct from 0.0.333…

    … to 0.0.336 (#108)
    
    Bumps [@pepperize/projen-awscdk-construct](https://github.com/pepperize/projen-awscdk-construct) from 0.0.333 to 0.0.336.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/pepperize/projen-awscdk-construct/releases"><code>@​pepperize/projen-awscdk-construct</code>'s releases</a>.</em></p>
    <blockquote>
    <h2>v0.0.336</h2>
    <h3><a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.335...v0.0.336">0.0.336</a> (2022-12-08)</h3>
    <h2>v0.0.335</h2>
    <h3><a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.334...v0.0.335">0.0.335</a> (2022-12-08)</h3>
    <h2>v0.0.334</h2>
    <h3><a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.333...v0.0.334">0.0.334</a> (2022-12-08)</h3>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/pepperize/projen-awscdk-construct/commit/e8ff10ba8734ee0ba2427b56f832af72405dc879"><code>e8ff10b</code></a> chore(deps-dev): Bump typescript from 4.9.3 to 4.9.4 (<a href="https://github-redirect.dependabot.com/pepperize/projen-awscdk-construct/issues/322">#322</a>)</li>
    <li><a href="https://github.com/pepperize/projen-awscdk-construct/commit/f5cdf0f98f200b463ff3772aa8b7cc2a11e4f09e"><code>f5cdf0f</code></a> chore(deps-dev): Bump prettier from 2.8.0 to 2.8.1 (<a href="https://github-redirect.dependabot.com/pepperize/projen-awscdk-construct/issues/321">#321</a>)</li>
    <li><a href="https://github.com/pepperize/projen-awscdk-construct/commit/da829f8ba8c9a33c3cfb30fb4731aa08821831ab"><code>da829f8</code></a> chore(deps-dev): Bump jsii-docgen from 7.0.166 to 7.0.167 (<a href="https://github-redirect.dependabot.com/pepperize/projen-awscdk-construct/issues/320">#320</a>)</li>
    <li>See full diff in <a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.333...v0.0.336">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@pepperize/projen-awscdk-construct&package-manager=npm_and_yarn&previous-version=0.0.333&new-version=0.0.336)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 8, 2022
    Copy the full SHA
    2af46c5 View commit details
  11. Copy the full SHA
    0aab48d View commit details
  12. chore(deps-dev): Bump jsii-docgen from 7.0.166 to 7.0.167 (#107)

    Bumps [jsii-docgen](https://github.com/cdklabs/jsii-docgen) from 7.0.166 to 7.0.167.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/cdklabs/jsii-docgen/releases">jsii-docgen's releases</a>.</em></p>
    <blockquote>
    <h2>v7.0.167</h2>
    <h3><a href="https://github.com/cdklabs/jsii-docgen/compare/v7.0.166...v7.0.167">7.0.167</a> (2022-12-08)</h3>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/cdklabs/jsii-docgen/commit/fe367c3e807b40c613b42885bc166cf9176cf939"><code>fe367c3</code></a> chore(deps): upgrade dependencies (<a href="https://github-redirect.dependabot.com/cdklabs/jsii-docgen/issues/858">#858</a>)</li>
    <li>See full diff in <a href="https://github.com/cdklabs/jsii-docgen/compare/v7.0.166...v7.0.167">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jsii-docgen&package-manager=npm_and_yarn&previous-version=7.0.166&new-version=7.0.167)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 8, 2022
    Copy the full SHA
    6c683ff View commit details
  13. Copy the full SHA
    1227146 View commit details
  14. chore(deps-dev): Bump @typescript-eslint/parser from 5.45.1 to 5.46.0 (

    …#105)
    
    Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.45.1 to 5.46.0.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/releases"><code>@​typescript-eslint/parser</code>'s releases</a>.</em></p>
    <blockquote>
    <h2>v5.46.0</h2>
    <h1><a href="https://github.com/typescript-eslint/typescript-eslint/compare/v5.45.1...v5.46.0">5.46.0</a> (2022-12-08)</h1>
    <h3>Bug Fixes</h3>
    <ul>
    <li><strong>eslint-plugin:</strong> [ban-types] update message to suggest <code>object</code> instead of <code>Record&lt;string, unknown&gt;</code> (<a href="https://github-redirect.dependabot.com/typescript-eslint/typescript-eslint/issues/6079">#6079</a>) (<a href="https://github.com/typescript-eslint/typescript-eslint/commit/d91a5fc41be5bc2a0625574e9c9496f61fb7471d">d91a5fc</a>)</li>
    </ul>
    <h3>Features</h3>
    <ul>
    <li><strong>eslint-plugin:</strong> [prefer-nullish-coalescing] logic and test for strict null checks (<a href="https://github-redirect.dependabot.com/typescript-eslint/typescript-eslint/issues/6174">#6174</a>) (<a href="https://github.com/typescript-eslint/typescript-eslint/commit/8a91cbd9fbe5bc4cf750cd949d2b8d48ff4c311d">8a91cbd</a>)</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md"><code>@​typescript-eslint/parser</code>'s changelog</a>.</em></p>
    <blockquote>
    <h1><a href="https://github.com/typescript-eslint/typescript-eslint/compare/v5.45.1...v5.46.0">5.46.0</a> (2022-12-08)</h1>
    <p><strong>Note:</strong> Version bump only for package <code>@​typescript-eslint/parser</code></p>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/1e1573a868265a3a14df2a24d11f686d62e30b83"><code>1e1573a</code></a> chore: publish v5.46.0</li>
    <li>See full diff in <a href="https://github.com/typescript-eslint/typescript-eslint/commits/v5.46.0/packages/parser">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@typescript-eslint/parser&package-manager=npm_and_yarn&previous-version=5.45.1&new-version=5.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 8, 2022
    Copy the full SHA
    06d3a3e View commit details

Commits on Dec 9, 2022

  1. chore(deps-dev): Bump jsii-docgen from 7.0.167 to 7.0.168

    Bumps [jsii-docgen](https://github.com/cdklabs/jsii-docgen) from 7.0.167 to 7.0.168.
    - [Release notes](https://github.com/cdklabs/jsii-docgen/releases)
    - [Changelog](https://github.com/cdklabs/jsii-docgen/blob/main/CHANGELOG.md)
    - [Commits](cdklabs/jsii-docgen@v7.0.167...v7.0.168)
    
    ---
    updated-dependencies:
    - dependency-name: jsii-docgen
      dependency-type: direct:development
      update-type: version-update:semver-patch
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 9, 2022
    Copy the full SHA
    c7c0f67 View commit details
  2. chore(deps-dev): Bump aws-sdk from 2.1270.0 to 2.1272.0

    Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1270.0 to 2.1272.0.
    - [Release notes](https://github.com/aws/aws-sdk-js/releases)
    - [Changelog](https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md)
    - [Commits](aws/aws-sdk-js@v2.1270.0...v2.1272.0)
    
    ---
    updated-dependencies:
    - dependency-name: aws-sdk
      dependency-type: direct:development
      update-type: version-update:semver-minor
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 9, 2022
    Copy the full SHA
    99b5605 View commit details
  3. chore(deps-dev): Bump @pepperize/projen-awscdk-construct

    Bumps [@pepperize/projen-awscdk-construct](https://github.com/pepperize/projen-awscdk-construct) from 0.0.336 to 0.0.339.
    - [Release notes](https://github.com/pepperize/projen-awscdk-construct/releases)
    - [Commits](pepperize/projen-awscdk-construct@v0.0.336...v0.0.339)
    
    ---
    updated-dependencies:
    - dependency-name: "@pepperize/projen-awscdk-construct"
      dependency-type: direct:development
      update-type: version-update:semver-patch
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 9, 2022
    Copy the full SHA
    7ea750b View commit details
  4. chore(deps-dev): Bump jsii-docgen from 7.0.167 to 7.0.168 (#109)

    Bumps [jsii-docgen](https://github.com/cdklabs/jsii-docgen) from 7.0.167 to 7.0.168.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/cdklabs/jsii-docgen/releases">jsii-docgen's releases</a>.</em></p>
    <blockquote>
    <h2>v7.0.168</h2>
    <h3><a href="https://github.com/cdklabs/jsii-docgen/compare/v7.0.167...v7.0.168">7.0.168</a> (2022-12-09)</h3>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/cdklabs/jsii-docgen/commit/b811668dce6697155039281e43eca3399078b049"><code>b811668</code></a> chore(deps): upgrade dependencies (<a href="https://github-redirect.dependabot.com/cdklabs/jsii-docgen/issues/859">#859</a>)</li>
    <li>See full diff in <a href="https://github.com/cdklabs/jsii-docgen/compare/v7.0.167...v7.0.168">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jsii-docgen&package-manager=npm_and_yarn&previous-version=7.0.167&new-version=7.0.168)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 9, 2022
    Copy the full SHA
    ac82ff5 View commit details
  5. Copy the full SHA
    6956b9a View commit details
  6. chore(deps-dev): Bump @pepperize/projen-awscdk-construct from 0.0.336…

    … to 0.0.339 (#111)
    
    Bumps [@pepperize/projen-awscdk-construct](https://github.com/pepperize/projen-awscdk-construct) from 0.0.336 to 0.0.339.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/pepperize/projen-awscdk-construct/releases"><code>@​pepperize/projen-awscdk-construct</code>'s releases</a>.</em></p>
    <blockquote>
    <h2>v0.0.339</h2>
    <h3><a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.338...v0.0.339">0.0.339</a> (2022-12-09)</h3>
    <h2>v0.0.338</h2>
    <h3><a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.337...v0.0.338">0.0.338</a> (2022-12-09)</h3>
    <h2>v0.0.337</h2>
    <h3><a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.336...v0.0.337">0.0.337</a> (2022-12-09)</h3>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/pepperize/projen-awscdk-construct/commit/dd6f36022edb5daba72432c707819d70a5c5786d"><code>dd6f360</code></a> chore(deps-dev): Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.45.1 to 5.46.0 ...</li>
    <li><a href="https://github.com/pepperize/projen-awscdk-construct/commit/9c999a6ceb39b7972263d4fa37332a05acc73235"><code>9c999a6</code></a> chore(deps-dev): Bump jsii-docgen from 7.0.167 to 7.0.168 (<a href="https://github-redirect.dependabot.com/pepperize/projen-awscdk-construct/issues/323">#323</a>)</li>
    <li><a href="https://github.com/pepperize/projen-awscdk-construct/commit/90bf38347a7d02e06271cdb8d40c8b1077981b19"><code>90bf383</code></a> chore(deps-dev): Bump <code>@​typescript-eslint/parser</code> from 5.45.1 to 5.46.0 (<a href="https://github-redirect.dependabot.com/pepperize/projen-awscdk-construct/issues/324">#324</a>)</li>
    <li>See full diff in <a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.336...v0.0.339">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@pepperize/projen-awscdk-construct&package-manager=npm_and_yarn&previous-version=0.0.336&new-version=0.0.339)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 9, 2022
    Copy the full SHA
    dbbe94c View commit details
  7. Copy the full SHA
    8d4d05e View commit details
  8. chore(deps-dev): Bump aws-sdk from 2.1270.0 to 2.1272.0 (#110)

    Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1270.0 to 2.1272.0.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/aws/aws-sdk-js/releases">aws-sdk's releases</a>.</em></p>
    <blockquote>
    <h2>Release v2.1272.0</h2>
    <p>See <a href="https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md">changelog</a> for more information.</p>
    <h2>Release v2.1271.0</h2>
    <p>See <a href="https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md">changelog</a> for more information.</p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md">aws-sdk's changelog</a>.</em></p>
    <blockquote>
    <h2>2.1272.0</h2>
    <ul>
    <li>feature: IoTFleetWise: Deprecated assignedValue property for actuators and attributes.  Added a message to invalid nodes and invalid decoder manifest exceptions.</li>
    <li>feature: MediaLive: Link devices now support buffer size (latency) configuration. A higher latency value means a longer delay in transmitting from the device to MediaLive, but improved resiliency. A lower latency value means a shorter delay, but less resiliency.</li>
    <li>feature: MediaPackageVod: This release provides the approximate number of assets in a packaging group.</li>
    </ul>
    <h2>2.1271.0</h2>
    <ul>
    <li>feature: AutoScaling: Adds support for metric math for target tracking scaling policies, saving you the cost and effort of publishing a custom metric to CloudWatch. Also adds support for VPC Lattice by adding the Attach/Detach/DescribeTrafficSources APIs and a new health check type to the CreateAutoScalingGroup API.</li>
    <li>feature: IoTTwinMaker: This release adds the following new features: 1) New APIs for managing a continuous sync of assets and asset models from AWS IoT SiteWise. 2) Support user friendly names for component types (ComponentTypeName) and properties (DisplayName).</li>
    <li>feature: MigrationHubStrategy: This release adds known application filtering, server selection for assessments, support for potential recommendations, and indications for configuration and assessment status. For more information, see the AWS Migration Hub documentation at <a href="https://docs.aws.amazon.com/migrationhub/index.html">https://docs.aws.amazon.com/migrationhub/index.html</a></li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/aws/aws-sdk-js/commit/f481a23334c6415a29cb75141b9f191cf593bcbc"><code>f481a23</code></a> Updates SDK to v2.1272.0</li>
    <li><a href="https://github.com/aws/aws-sdk-js/commit/a11bc502381afae7b0a48494c4ee5f3e194a18c9"><code>a11bc50</code></a> Updates SDK to v2.1271.0</li>
    <li>See full diff in <a href="https://github.com/aws/aws-sdk-js/compare/v2.1270.0...v2.1272.0">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aws-sdk&package-manager=npm_and_yarn&previous-version=2.1270.0&new-version=2.1272.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 9, 2022
    Copy the full SHA
    f21d2a1 View commit details

Commits on Dec 12, 2022

  1. chore(deps-dev): Bump @pepperize/projen-awscdk-construct

    Bumps [@pepperize/projen-awscdk-construct](https://github.com/pepperize/projen-awscdk-construct) from 0.0.339 to 0.0.340.
    - [Release notes](https://github.com/pepperize/projen-awscdk-construct/releases)
    - [Commits](pepperize/projen-awscdk-construct@v0.0.339...v0.0.340)
    
    ---
    updated-dependencies:
    - dependency-name: "@pepperize/projen-awscdk-construct"
      dependency-type: direct:development
      update-type: version-update:semver-patch
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 12, 2022
    Copy the full SHA
    48612c3 View commit details
  2. chore(deps-dev): Bump @typescript-eslint/parser from 5.46.0 to 5.46.1

    Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.46.0 to 5.46.1.
    - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
    - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
    - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.46.1/packages/parser)
    
    ---
    updated-dependencies:
    - dependency-name: "@typescript-eslint/parser"
      dependency-type: direct:development
      update-type: version-update:semver-patch
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 12, 2022
    Copy the full SHA
    7294cb1 View commit details
  3. chore(deps-dev): Bump jsii-docgen from 7.0.168 to 7.0.171

    Bumps [jsii-docgen](https://github.com/cdklabs/jsii-docgen) from 7.0.168 to 7.0.171.
    - [Release notes](https://github.com/cdklabs/jsii-docgen/releases)
    - [Changelog](https://github.com/cdklabs/jsii-docgen/blob/main/CHANGELOG.md)
    - [Commits](cdklabs/jsii-docgen@v7.0.168...v7.0.171)
    
    ---
    updated-dependencies:
    - dependency-name: jsii-docgen
      dependency-type: direct:development
      update-type: version-update:semver-patch
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 12, 2022
    Copy the full SHA
    5ca5e3d View commit details
  4. chore(deps-dev): Bump aws-sdk from 2.1272.0 to 2.1273.0

    Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1272.0 to 2.1273.0.
    - [Release notes](https://github.com/aws/aws-sdk-js/releases)
    - [Changelog](https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md)
    - [Commits](aws/aws-sdk-js@v2.1272.0...v2.1273.0)
    
    ---
    updated-dependencies:
    - dependency-name: aws-sdk
      dependency-type: direct:development
      update-type: version-update:semver-minor
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 12, 2022
    Copy the full SHA
    513476f View commit details
  5. chore(deps-dev): Bump @pepperize/projen-awscdk-construct from 0.0.339…

    … to 0.0.340 (#112)
    
    Bumps [@pepperize/projen-awscdk-construct](https://github.com/pepperize/projen-awscdk-construct) from 0.0.339 to 0.0.340.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/pepperize/projen-awscdk-construct/releases"><code>@​pepperize/projen-awscdk-construct</code>'s releases</a>.</em></p>
    <blockquote>
    <h2>v0.0.340</h2>
    <h3><a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.339...v0.0.340">0.0.340</a> (2022-12-12)</h3>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/pepperize/projen-awscdk-construct/commit/f7cf9f557974318e626f885a2a3f02b575fd71cf"><code>f7cf9f5</code></a> chore(deps-dev): Bump jsii-docgen from 7.0.168 to 7.0.171 (<a href="https://github-redirect.dependabot.com/pepperize/projen-awscdk-construct/issues/326">#326</a>)</li>
    <li>See full diff in <a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.339...v0.0.340">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@pepperize/projen-awscdk-construct&package-manager=npm_and_yarn&previous-version=0.0.339&new-version=0.0.340)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 12, 2022
    Copy the full SHA
    e85be6c View commit details
  6. Copy the full SHA
    e340908 View commit details
  7. chore(deps-dev): Bump aws-sdk from 2.1272.0 to 2.1273.0 (#115)

    Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1272.0 to 2.1273.0.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/aws/aws-sdk-js/releases">aws-sdk's releases</a>.</em></p>
    <blockquote>
    <h2>Release v2.1273.0</h2>
    <p>See <a href="https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md">changelog</a> for more information.</p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md">aws-sdk's changelog</a>.</em></p>
    <blockquote>
    <h2>2.1273.0</h2>
    <ul>
    <li>feature: CustomerProfiles: This release allows custom strings in PartyType and Gender through 2 new attributes in the CreateProfile and UpdateProfile APIs: PartyTypeString and GenderString.</li>
    <li>feature: EC2: This release updates DescribeFpgaImages to show supported instance types of AFIs in its response.</li>
    <li>feature: KinesisVideo: This release adds support for public preview of Kinesis Video Stream at Edge enabling customers to provide configuration for the Kinesis Video Stream EdgeAgent running on an on-premise IoT device. Customers can now locally record from cameras and stream videos to the cloud on configured schedule.</li>
    <li>feature: MigrationHubRefactorSpaces: This release adds support for Lambda alias service endpoints. Lambda alias ARNs can now be passed into CreateService.</li>
    <li>feature: RDS: Update the RDS API model to support copying option groups during the CopyDBSnapshot operation</li>
    <li>feature: Rekognition: Adds support for &quot;aliases&quot; and &quot;categories&quot;, inclusion and exclusion filters for labels and label categories, and aggregating labels by video segment timestamps for Stored Video Label Detection APIs.</li>
    <li>feature: SageMakerMetrics: This release introduces support SageMaker Metrics APIs.</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/aws/aws-sdk-js/commit/187f234d1ae87a9e0e1cfa91a033b8ac88755e56"><code>187f234</code></a> Updates SDK to v2.1273.0</li>
    <li>See full diff in <a href="https://github.com/aws/aws-sdk-js/compare/v2.1272.0...v2.1273.0">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aws-sdk&package-manager=npm_and_yarn&previous-version=2.1272.0&new-version=2.1273.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 12, 2022
    Copy the full SHA
    8f3bf80 View commit details
  8. Copy the full SHA
    e1268f6 View commit details
  9. chore(deps-dev): Bump @typescript-eslint/parser from 5.46.0 to 5.46.1 (

    …#113)
    
    Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.46.0 to 5.46.1.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/releases"><code>@​typescript-eslint/parser</code>'s releases</a>.</em></p>
    <blockquote>
    <h2>v5.46.1</h2>
    <h2><a href="https://github.com/typescript-eslint/typescript-eslint/compare/v5.46.0...v5.46.1">5.46.1</a> (2022-12-12)</h2>
    <p><strong>Note:</strong> Version bump only for package <code>@​typescript-eslint/typescript-eslint</code></p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md"><code>@​typescript-eslint/parser</code>'s changelog</a>.</em></p>
    <blockquote>
    <h2><a href="https://github.com/typescript-eslint/typescript-eslint/compare/v5.46.0...v5.46.1">5.46.1</a> (2022-12-12)</h2>
    <p><strong>Note:</strong> Version bump only for package <code>@​typescript-eslint/parser</code></p>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/c943b845c939944d309cea7a312db4ca645308f3"><code>c943b84</code></a> chore: publish v5.46.1</li>
    <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/47241bb6f676233e37cd813714b79e3a5d9fb3e0"><code>47241bb</code></a> docs: overhaul branding and add new logo (<a href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser/issues/6147">#6147</a>)</li>
    <li>See full diff in <a href="https://github.com/typescript-eslint/typescript-eslint/commits/v5.46.1/packages/parser">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@typescript-eslint/parser&package-manager=npm_and_yarn&previous-version=5.46.0&new-version=5.46.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 12, 2022
    Copy the full SHA
    feb5a4e View commit details
  10. Copy the full SHA
    b98e915 View commit details
  11. chore(deps-dev): Bump @typescript-eslint/eslint-plugin

    Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.46.0 to 5.46.1.
    - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
    - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
    - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.46.1/packages/eslint-plugin)
    
    ---
    updated-dependencies:
    - dependency-name: "@typescript-eslint/eslint-plugin"
      dependency-type: direct:development
      update-type: version-update:semver-patch
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 12, 2022
    Copy the full SHA
    0078b1f View commit details
  12. chore(deps-dev): Bump jsii-docgen from 7.0.168 to 7.0.171 (#114)

    Bumps [jsii-docgen](https://github.com/cdklabs/jsii-docgen) from 7.0.168 to 7.0.171.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/cdklabs/jsii-docgen/releases">jsii-docgen's releases</a>.</em></p>
    <blockquote>
    <h2>v7.0.171</h2>
    <h3><a href="https://github.com/cdklabs/jsii-docgen/compare/v7.0.170...v7.0.171">7.0.171</a> (2022-12-12)</h3>
    <h2>v7.0.170</h2>
    <h3><a href="https://github.com/cdklabs/jsii-docgen/compare/v7.0.169...v7.0.170">7.0.170</a> (2022-12-11)</h3>
    <h2>v7.0.169</h2>
    <h3><a href="https://github.com/cdklabs/jsii-docgen/compare/v7.0.168...v7.0.169">7.0.169</a> (2022-12-10)</h3>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/cdklabs/jsii-docgen/commit/09e39c3c8ae0dbecde2e6a6d8df8ca335836750c"><code>09e39c3</code></a> chore(deps): upgrade dependencies (<a href="https://github-redirect.dependabot.com/cdklabs/jsii-docgen/issues/862">#862</a>)</li>
    <li><a href="https://github.com/cdklabs/jsii-docgen/commit/e33bc7e71ae3f772f634ceb82aff1da030acf427"><code>e33bc7e</code></a> chore(deps): upgrade dependencies (<a href="https://github-redirect.dependabot.com/cdklabs/jsii-docgen/issues/861">#861</a>)</li>
    <li><a href="https://github.com/cdklabs/jsii-docgen/commit/c279a0af06f8cf0a5b79e8b27811e80778016a18"><code>c279a0a</code></a> chore(deps): upgrade dependencies (<a href="https://github-redirect.dependabot.com/cdklabs/jsii-docgen/issues/860">#860</a>)</li>
    <li>See full diff in <a href="https://github.com/cdklabs/jsii-docgen/compare/v7.0.168...v7.0.171">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jsii-docgen&package-manager=npm_and_yarn&previous-version=7.0.168&new-version=7.0.171)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 12, 2022
    Copy the full SHA
    f172d94 View commit details
  13. Copy the full SHA
    3351d2f View commit details
  14. chore(deps-dev): Bump @typescript-eslint/eslint-plugin from 5.46.0 to…

    … 5.46.1 (#116)
    
    Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.46.0 to 5.46.1.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/releases"><code>@​typescript-eslint/eslint-plugin</code>'s releases</a>.</em></p>
    <blockquote>
    <h2>v5.46.1</h2>
    <h2><a href="https://github.com/typescript-eslint/typescript-eslint/compare/v5.46.0...v5.46.1">5.46.1</a> (2022-12-12)</h2>
    <p><strong>Note:</strong> Version bump only for package <code>@​typescript-eslint/typescript-eslint</code></p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md"><code>@​typescript-eslint/eslint-plugin</code>'s changelog</a>.</em></p>
    <blockquote>
    <h2><a href="https://github.com/typescript-eslint/typescript-eslint/compare/v5.46.0...v5.46.1">5.46.1</a> (2022-12-12)</h2>
    <p><strong>Note:</strong> Version bump only for package <code>@​typescript-eslint/eslint-plugin</code></p>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/c943b845c939944d309cea7a312db4ca645308f3"><code>c943b84</code></a> chore: publish v5.46.1</li>
    <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/47241bb6f676233e37cd813714b79e3a5d9fb3e0"><code>47241bb</code></a> docs: overhaul branding and add new logo (<a href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin/issues/6147">#6147</a>)</li>
    <li>See full diff in <a href="https://github.com/typescript-eslint/typescript-eslint/commits/v5.46.1/packages/eslint-plugin">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@typescript-eslint/eslint-plugin&package-manager=npm_and_yarn&previous-version=5.46.0&new-version=5.46.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 12, 2022
    Copy the full SHA
    144f166 View commit details

Commits on Dec 13, 2022

  1. chore(deps-dev): Bump jsii-docgen from 7.0.171 to 7.0.172

    Bumps [jsii-docgen](https://github.com/cdklabs/jsii-docgen) from 7.0.171 to 7.0.172.
    - [Release notes](https://github.com/cdklabs/jsii-docgen/releases)
    - [Changelog](https://github.com/cdklabs/jsii-docgen/blob/main/CHANGELOG.md)
    - [Commits](cdklabs/jsii-docgen@v7.0.171...v7.0.172)
    
    ---
    updated-dependencies:
    - dependency-name: jsii-docgen
      dependency-type: direct:development
      update-type: version-update:semver-patch
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 13, 2022
    Copy the full SHA
    95b5c1b View commit details
  2. chore(deps-dev): Bump @pepperize/projen-awscdk-construct

    Bumps [@pepperize/projen-awscdk-construct](https://github.com/pepperize/projen-awscdk-construct) from 0.0.340 to 0.0.343.
    - [Release notes](https://github.com/pepperize/projen-awscdk-construct/releases)
    - [Commits](pepperize/projen-awscdk-construct@v0.0.340...v0.0.343)
    
    ---
    updated-dependencies:
    - dependency-name: "@pepperize/projen-awscdk-construct"
      dependency-type: direct:development
      update-type: version-update:semver-patch
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 13, 2022
    Copy the full SHA
    c7520eb View commit details
  3. chore(deps-dev): Bump aws-sdk from 2.1273.0 to 2.1274.0

    Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1273.0 to 2.1274.0.
    - [Release notes](https://github.com/aws/aws-sdk-js/releases)
    - [Changelog](https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md)
    - [Commits](aws/aws-sdk-js@v2.1273.0...v2.1274.0)
    
    ---
    updated-dependencies:
    - dependency-name: aws-sdk
      dependency-type: direct:development
      update-type: version-update:semver-minor
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    dependabot[bot] authored Dec 13, 2022
    Copy the full SHA
    3d56f6f View commit details
  4. chore(deps-dev): Bump jsii-docgen from 7.0.171 to 7.0.172 (#117)

    Bumps [jsii-docgen](https://github.com/cdklabs/jsii-docgen) from 7.0.171 to 7.0.172.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/cdklabs/jsii-docgen/releases">jsii-docgen's releases</a>.</em></p>
    <blockquote>
    <h2>v7.0.172</h2>
    <h3><a href="https://github.com/cdklabs/jsii-docgen/compare/v7.0.171...v7.0.172">7.0.172</a> (2022-12-13)</h3>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/cdklabs/jsii-docgen/commit/b5bc1644e7aaf04d41ad40b075bb16fad63e80c0"><code>b5bc164</code></a> chore(deps): upgrade dependencies (<a href="https://github-redirect.dependabot.com/cdklabs/jsii-docgen/issues/863">#863</a>)</li>
    <li>See full diff in <a href="https://github.com/cdklabs/jsii-docgen/compare/v7.0.171...v7.0.172">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jsii-docgen&package-manager=npm_and_yarn&previous-version=7.0.171&new-version=7.0.172)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 13, 2022
    Copy the full SHA
    91b7c76 View commit details
  5. Copy the full SHA
    61b3cf8 View commit details
  6. chore(deps-dev): Bump @pepperize/projen-awscdk-construct from 0.0.340…

    … to 0.0.343 (#118)
    
    Bumps [@pepperize/projen-awscdk-construct](https://github.com/pepperize/projen-awscdk-construct) from 0.0.340 to 0.0.343.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/pepperize/projen-awscdk-construct/releases"><code>@​pepperize/projen-awscdk-construct</code>'s releases</a>.</em></p>
    <blockquote>
    <h2>v0.0.343</h2>
    <h3><a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.342...v0.0.343">0.0.343</a> (2022-12-13)</h3>
    <h2>v0.0.342</h2>
    <h3><a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.341...v0.0.342">0.0.342</a> (2022-12-13)</h3>
    <h2>v0.0.341</h2>
    <h3><a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.340...v0.0.341">0.0.341</a> (2022-12-13)</h3>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/pepperize/projen-awscdk-construct/commit/4d6589fce6674234a7cbabd69ee19919aa9bd2e4"><code>4d6589f</code></a> chore(deps-dev): Bump <code>@​typescript-eslint/parser</code> from 5.46.0 to 5.46.1 (<a href="https://github-redirect.dependabot.com/pepperize/projen-awscdk-construct/issues/327">#327</a>)</li>
    <li><a href="https://github.com/pepperize/projen-awscdk-construct/commit/39427d98358f0b34f355288d4a3c382d5c528bf2"><code>39427d9</code></a> chore(deps-dev): Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.46.0 to 5.46.1 ...</li>
    <li><a href="https://github.com/pepperize/projen-awscdk-construct/commit/29e00423d6e62be33d1906a7b1baf817589f46b2"><code>29e0042</code></a> chore(deps-dev): Bump jsii-docgen from 7.0.171 to 7.0.172 (<a href="https://github-redirect.dependabot.com/pepperize/projen-awscdk-construct/issues/328">#328</a>)</li>
    <li>See full diff in <a href="https://github.com/pepperize/projen-awscdk-construct/compare/v0.0.340...v0.0.343">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@pepperize/projen-awscdk-construct&package-manager=npm_and_yarn&previous-version=0.0.340&new-version=0.0.343)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 13, 2022
    Copy the full SHA
    c82b846 View commit details
  7. Copy the full SHA
    e38fa23 View commit details
  8. chore(deps-dev): Bump aws-sdk from 2.1273.0 to 2.1274.0 (#119)

    Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1273.0 to 2.1274.0.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/aws/aws-sdk-js/releases">aws-sdk's releases</a>.</em></p>
    <blockquote>
    <h2>Release v2.1274.0</h2>
    <p>See <a href="https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md">changelog</a> for more information.</p>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md">aws-sdk's changelog</a>.</em></p>
    <blockquote>
    <h2>2.1274.0</h2>
    <ul>
    <li>feature: CloudTrail: Merging mainline branch for service model into mainline release branch. There are no new APIs.</li>
    <li>feature: RDS: This deployment adds ClientPasswordAuthType field to the Auth structure of the DBProxy.</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/aws/aws-sdk-js/commit/7ba0bd2ebe8ca4860000714c1eb759a25362615a"><code>7ba0bd2</code></a> Updates SDK to v2.1274.0</li>
    <li>See full diff in <a href="https://github.com/aws/aws-sdk-js/compare/v2.1273.0...v2.1274.0">compare view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aws-sdk&package-manager=npm_and_yarn&previous-version=2.1273.0&new-version=2.1274.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    
    </details>
    mergify[bot] authored Dec 13, 2022
    Copy the full SHA
    05340cf View commit details
2 changes: 1 addition & 1 deletion .editorconfig

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

19 changes: 8 additions & 11 deletions .eslintrc.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 2 additions & 1 deletion .gitattributes

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .github/dependabot.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .github/workflows/auto-approve.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

155 changes: 99 additions & 56 deletions .github/workflows/build.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 4 additions & 2 deletions .github/workflows/pull-request-lint.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

142 changes: 92 additions & 50 deletions .github/workflows/release.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions .gitignore

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .gitpod.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

14 changes: 8 additions & 6 deletions .mergify.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 6 additions & 1 deletion .npmignore

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .prettierignore

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

63 changes: 30 additions & 33 deletions .projen/deps.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .projen/files.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

50 changes: 40 additions & 10 deletions .projen/tasks.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

16 changes: 15 additions & 1 deletion .projenrc.ts
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
import { AwsCdkConstructLibrary } from "@pepperize/projen-awscdk-construct";
import { javascript } from "projen";
import { javascript, awscdk } from "projen";

const project = new AwsCdkConstructLibrary({
author: "Patrick Florek",
authorAddress: "patrick.florek@gmail.com",
@@ -14,6 +15,8 @@ const project = new AwsCdkConstructLibrary({
"construct",
"custom-resource",
"github",
"actions",
"secret",
"provider",
"repository",
"teams",
@@ -38,8 +41,11 @@ const project = new AwsCdkConstructLibrary({
"@octokit/types",
"@pepperize/projen-awscdk-construct@latest",
"@types/aws-lambda",
"@types/libsodium-wrappers",
"aws-lambda",
"aws-sdk",
"libsodium",
"libsodium-wrappers",
],

versionrcOptions: {
@@ -67,8 +73,16 @@ const project = new AwsCdkConstructLibrary({
gitpod: true,

gitignore: ["cdk.out"],

lambdaOptions: {
runtime: awscdk.LambdaRuntime.NODEJS_22_X,
},
});

project.eslint?.allowDevDeps("src/custom-resource-provider/encrypt.ts");
project.eslint?.allowDevDeps("src/custom-resource-provider/execute-github-api-call.ts");
project.eslint?.allowDevDeps("src/custom-resource-provider/get-secret-value.ts");

project.gitpod?.addCustomTask({
name: "setup",
init: "yarn install && npx projen build",
260 changes: 225 additions & 35 deletions API.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion LICENSE

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

107 changes: 99 additions & 8 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,9 +1,10 @@
[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square)](https://makeapullrequest.com)
[![GitHub](https://img.shields.io/github/license/pepperize/cdk-github?style=flat-square)](https://github.com/pepperize/cdk-github/blob/main/LICENSE)
[![npm (scoped)](https://img.shields.io/npm/v/@pepperize/cdk-github?style=flat-square)](https://www.npmjs.com/package/@pepperize/cdk-github)
[![PyPI](https://img.shields.io/pypi/v/pepperize.cdk-github?style=flat-square)](https://pypi.org/project/pepperize.cdk-github/)
[![Nuget](https://img.shields.io/nuget/v/Pepperize.CDK.Github?style=flat-square)](https://www.nuget.org/packages/Pepperize.CDK.Github/)
[![Sonatype Nexus (Releases)](https://img.shields.io/nexus/r/com.pepperize/cdk-github?server=https%3A%2F%2Fs01.oss.sonatype.org%2F&style=flat-square)](https://s01.oss.sonatype.org/content/repositories/releases/com/pepperize/cdk-github/)
[![GitHub Workflow Status (branch)](https://img.shields.io/github/workflow/status/pepperize/cdk-github/release/main?label=release&style=flat-square)](https://github.com/pepperize/cdk-github/actions/workflows/release.yml)
[![GitHub Workflow Status (branch)](https://img.shields.io/github/actions/workflow/status/pepperize/cdk-github/release.yml?branch=main&label=release&style=flat-square)](https://github.com/pepperize/cdk-github/actions/workflows/release.yml)
[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/pepperize/cdk-github?sort=semver&style=flat-square)](https://github.com/pepperize/cdk-github/releases)
[![Gitpod ready-to-code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod&style=flat-square)](https://gitpod.io/#https://github.com/pepperize/cdk-github)

@@ -13,6 +14,8 @@ Manage GitHub resources like repositories, teams, members, integrations and work

> You configure the endpoint, method and parameters documented by [@octokit/rest](https://octokit.github.io/rest.js/v19) and AWS CloudFormation runs them anytime you create, update (if you changed the custom resource), or delete stacks. When CloudFormation sends a lifecycle event notification, then your custom resource sends the request to the [GitHub REST API](https://docs.github.com/en/rest).
[![View on Construct Hub](https://constructs.dev/badge?package=%40pepperize%2Fcdk-github)](https://constructs.dev/packages/@pepperize/cdk-github)

## Install

<details><summary><strong>TypeScript</strong></summary>
@@ -104,7 +107,7 @@ yarn build
6. Import your secret

```typescript
const secret = secrets_manager.Secret.fromSecretNameV2(stack, "Auth", "cdk-github/test");
const secret = secrets_manager.Secret.fromSecretNameV2(stack, "Auth", "cdk-github/github-token");
```

7. Configure GitHub App authenticate as an installation
@@ -164,7 +167,7 @@ Lookup the secret in your AWS CDK app:

```typescript
// 👇Lookup your secret containing the AuthOptions
const secret = secrets_manager.Secret.fromSecretNameV2(stack, "Auth", "cdk-github/test");
const secret = secrets_manager.Secret.fromSecretNameV2(stack, "Auth", "cdk-github/github-token");
// 👇This will send the secret arn to the custom resource handler
const authOptions = AuthOptions.appAuth(secret);
```
@@ -187,7 +190,7 @@ Just add your PAT to an SSM StringParameter

```typescript
// 👇Lookup your parameter containing the TOKEN
const parameter = ssm.StringParameter.fromStringParameterName(stack, "Auth", "cdk-github/test");
const parameter = ssm.StringParameter.fromStringParameterName(stack, "Auth", "cdk-github/github-token");
// 👇This will send the parameter arn to the custom resource handler
const authOptions = AuthOptions.tokenAuth(parameter);
```
@@ -201,14 +204,16 @@ const authOptions = AuthOptions.tokenAuth(parameter);
const authOptions = AuthOptions.unauthenticated();
```

## Example
## Manage a GitHub Repository - Example

[![Manage a GitHub Repository as custom CFN resource](https://raw.githubusercontent.com/pepperize/cdk-github/main/cloudformation-stack-github-custom-resource.png)](https://github.com/pepperize/cdk-github/blob/main/src/integ.default.ts)

[@octokit/plugin-rest-endpoint-methods](https://github.com/octokit/plugin-rest-endpoint-methods.js/#usage)

```typescript
const secret = secrets_manager.Secret.fromSecretNameV2(stack, "Auth", "cdk-github/test");
const auth = secrets_manager.Secret.fromSecretNameV2(stack, "Auth", "cdk-github/github-token");

new GithubCustomResource(stack, "GithubRepo", {
const repo = new GithubCustomResource(stack, "GithubRepo", {
onCreate: {
// https://octokit.github.io/rest.js/v19/#repos-create-in-org
endpoint: "repos",
@@ -242,6 +247,92 @@ new GithubCustomResource(stack, "GithubRepo", {
},
outputPaths: [],
},
authOptions: AuthOptions.appAuth(secret),
authOptions: AuthOptions.appAuth(auth),
});

// 👇 This will return the created repository id as a CDK Token
repo.getAtt("id");
```

## Manage GitHub Actions Secrets

### Environment Secret

Manages an environment secret. Will fetch the source AWS SecretsManager secret and encrypt it to store in GitHub.

```typescript
// 👇The GitHub API authentication secret
const auth = secrets_manager.Secret.fromSecretNameV2(scope, "Auth", "cdk-github/github-token");

// 👇The AWS SecretsManager Secret to configure as GitHub Action secret.
const secret = secrets_manager.Secret.fromSecretNameV2(scope, "Secret", "any-secret/example");

new GithubActionsSecretEnvironment(scope, "GithubRepo", {
// 👇The repository id, which you may lookup from the page source or via a custom resource
repositoryId: "558989134",
environmentName: "production",
// 👇The name of the created GitHub secret
secretName: "example",
// 👇The source AWS SecretsManager secret and JSON field to use
source: GithubActionsSecret.fromSecretsManager(secret, "some-json-field"),
authOptions: AuthOptions.appAuth(auth),
// 👇Whether to delete or retain the GitHub secret on resource removal
removalPolicy: RemovalPolicy.DESTROY,
});
```

> You may retrieve the `repository_id` from the GitHub Repository page source's meta tag i.e. `<meta name="octolytics-dimension-repository_id" content="558989134">` or from another `GithubCustomResource` via `getAtt()`.
See [GitHub Developer Guide](https://docs.github.com/de/rest/actions/secrets#create-or-update-an-environment-secret), [API Reference](https://github.com/pepperize/cdk-github/blob/main/API.md)

### Organization Secret

Manage an GitHib Actions organization secret. Will fetch the source AWS SecretsManager secret and encrypt it to store in GitHub.

```typescript
// 👇The GitHub API authentication secret
const auth = secrets_manager.Secret.fromSecretNameV2(scope, "Auth", "cdk-github/github-token");

// 👇The AWS SecretsManager Secret to configure as GitHub Action secret.
const secret = secrets_manager.Secret.fromSecretNameV2(scope, "Secret", "any-secret/example");

new GithubActionsSecretOrganization(scope, "GithubRepo", {
organizationName: "pepperize",
// 👇The name of the created GitHub secret
secretName: "example",
// 👇The source AWS SecretsManager secret and JSON field to use
source: GithubActionsSecret.fromSecretsManager(secret, "some-json-field"),
visibility: Visibility.ALL,
authOptions: AuthOptions.appAuth(auth),
// 👇Whether to delete or retain the GitHub secret on resource removal
removalPolicy: RemovalPolicy.DESTROY,
});
```

See [GitHub Developer Guide](https://docs.github.com/de/rest/actions/secrets#create-or-update-an-organization-secret), [API Reference](https://github.com/pepperize/cdk-github/blob/main/API.md)

### Repository Secret

Manage an GitHib Actions Repository secret. Will fetch the source AWS SecretsManager secret and encrypt it to store in GitHub.

```typescript
// 👇The GitHub API authentication secret
const auth = secrets_manager.Secret.fromSecretNameV2(scope, "Auth", "cdk-github/github-token");

// 👇The AWS SecretsManager Secret to configure as GitHub Action secret.
const secret = secrets_manager.Secret.fromSecretNameV2(scope, "Secret", "any-secret/example");

new GithubActionsSecretRepository(scope, "GithubRepo", {
owner: "pepperize",
repositoryName: "cdk-github",
// 👇The name of the created GitHub secret
secretName: "example",
// 👇The source AWS SecretsManager secret and JSON field to use
source: GithubActionsSecret.fromSecretsManager(secret, "some-json-field"),
authOptions: AuthOptions.appAuth(auth),
// 👇Whether to delete or retain the GitHub secret on resource removal
removalPolicy: RemovalPolicy.DESTROY,
});
```

See [GitHub Developer Guide](https://docs.github.com/de/rest/actions/secrets#create-or-update-a-repository-secret), [API Reference](https://github.com/pepperize/cdk-github/blob/main/API.md)
72 changes: 38 additions & 34 deletions package.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

24 changes: 24 additions & 0 deletions src/custom-resource-provider/encrypt.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
import * as sodium from "libsodium-wrappers";

/**
* https://docs.github.com/en/rest/actions/secrets#create-or-update-an-organization-secret
* https://docs.github.com/en/rest/actions/secrets#create-or-update-a-repository-secret
* https://docs.github.com/en/rest/actions/secrets#create-or-update-an-environment-secret
*
* @param secret 'plain-text-secret' - replace with the secret you want to encrypt
* @param key 'base64-encoded-public-key' - replace with the Base64 encoded public key
*/
export const encrypt = async (secret: string, key: string): Promise<string> => {
// Check if libsodium is ready and then proceed.
await sodium.ready;

// Convert Secret & Base64 key to Uint8Array.
const binkey = sodium.from_base64(key, sodium.base64_variants.ORIGINAL);
const binsec = sodium.from_string(secret);

// Encrypt the secret using LibSodium
const encBytes = sodium.crypto_box_seal(binsec, binkey);

// Convert encrypted Uint8Array to Base64
return sodium.to_base64(encBytes, sodium.base64_variants.ORIGINAL);
};
103 changes: 103 additions & 0 deletions src/custom-resource-provider/execute-github-api-call.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,103 @@
import { RestEndpointMethodTypes } from "@octokit/plugin-rest-endpoint-methods/dist-types/generated/parameters-and-response-types"; // eslint-disable-line import/no-extraneous-dependencies
import { Octokit } from "@octokit/rest";
import { OctokitResponse } from "@octokit/types";
import { encrypt } from "./encrypt";
import { getSecretValue } from "./get-secret-value";
import { GithubApiCall } from "../github-custom-resource";

export const executeGithubApiCall = async (
octokit: Octokit,
call: GithubApiCall
): Promise<OctokitResponse<{ [key: string]: unknown }>> => {
switch (`${call.endpoint}.${call.method}`) {
// Handles the create or update of actions secrets. Retrieves and encrypts the SecretsManager Secret.
case "actions.createOrUpdateEnvironmentSecret":
return createOrUpdateEnvironmentSecretParameter(octokit, call.parameters);
case "actions.createOrUpdateOrgSecret":
return createOrUpdateOrgSecretParameter(octokit, call.parameters);
case "actions.createOrUpdateRepoSecret":
return createOrUpdateRepoSecretParameter(octokit, call.parameters);
default:
// https://github.com/octokit/plugin-rest-endpoint-methods.js/#usage
// @ts-ignore
return octokit.rest[call.endpoint][call.method](parameters);
}
};

/**
* Executes the environment secret encryption.
*/
export const createOrUpdateEnvironmentSecretParameter = async (
octokit: Octokit,
parameters: RestEndpointMethodTypes["actions"]["createOrUpdateEnvironmentSecret"]["parameters"]
): Promise<RestEndpointMethodTypes["actions"]["createOrUpdateEnvironmentSecret"]["response"]> => {
const {
data: { key_id, key },
} = await octokit.rest.actions.getEnvironmentPublicKey({
repository_id: parameters.repository_id,
environment_name: parameters.environment_name,
});

const { arn, field } = (parameters as any).value;
const secretString = await getSecretValue(arn, field);
const encryptedValue = await encrypt(secretString, key);

return octokit.rest.actions.createOrUpdateEnvironmentSecret({
repository_id: parameters.repository_id,
environment_name: parameters.environment_name,
secret_name: parameters.secret_name,
encrypted_value: encryptedValue,
key_id: key_id,
});
};
/**
* Executes the org secret encryption.
*/
export const createOrUpdateOrgSecretParameter = async (
octokit: Octokit,
parameters: RestEndpointMethodTypes["actions"]["createOrUpdateOrgSecret"]["parameters"]
): Promise<RestEndpointMethodTypes["actions"]["createOrUpdateOrgSecret"]["response"]> => {
const {
data: { key_id, key },
} = await octokit.rest.actions.getOrgPublicKey({
org: parameters.org,
});

const { arn, field } = (parameters as any).value;
const secretString = await getSecretValue(arn, field);
const encryptedValue = await encrypt(secretString, key);

return octokit.rest.actions.createOrUpdateOrgSecret({
org: parameters.org,
visibility: parameters.visibility,
secret_name: parameters.secret_name,
encrypted_value: encryptedValue,
key_id: key_id,
});
};
/**
* Executes the environment secret encryption.
*/
export const createOrUpdateRepoSecretParameter = async (
octokit: Octokit,
parameters: RestEndpointMethodTypes["actions"]["createOrUpdateRepoSecret"]["parameters"]
): Promise<RestEndpointMethodTypes["actions"]["createOrUpdateRepoSecret"]["response"]> => {
const {
data: { key_id, key },
} = await octokit.rest.actions.getRepoPublicKey({
owner: parameters.owner,
repo: parameters.repo,
});

const { arn, field } = (parameters as any).value;
const secretString = await getSecretValue(arn, field);
const encryptedValue = await encrypt(secretString, key);

return octokit.rest.actions.createOrUpdateRepoSecret({
owner: parameters.owner,
repo: parameters.repo,
secret_name: parameters.secret_name,
encrypted_value: encryptedValue,
key_id: key_id,
});
};
18 changes: 18 additions & 0 deletions src/custom-resource-provider/get-secret-value.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
import { parse as parseArn } from "@aws-sdk/util-arn-parser";
import { SecretsManager } from "aws-sdk";

/**
* Retrieves the Secret Value from SecretsManager by Arn. If field is given, extract json field value from secret string.
*/
export const getSecretValue = async (secretId: string, field?: string): Promise<string> => {
const secretArn = parseArn(secretId!);
const secretsManager = new SecretsManager({ region: secretArn.region });
const getSecretValueResponse = await secretsManager.getSecretValue({ SecretId: secretId! }).promise();
const secretString = getSecretValueResponse.SecretString!;

if (!field) {
return secretString;
}

return JSON.parse(secretString)[field];
};
4 changes: 2 additions & 2 deletions src/custom-resource-provider/handler-function.ts

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

24 changes: 8 additions & 16 deletions src/custom-resource-provider/handler.lambda.ts
Original file line number Diff line number Diff line change
@@ -5,16 +5,14 @@ import { createUnauthenticatedAuth } from "@octokit/auth-unauthenticated";
import { OctokitOptions } from "@octokit/core/dist-types/types";
import { RequestError } from "@octokit/request-error";
import { Octokit } from "@octokit/rest";
import {
OnEventHandler,
OnEventRequest,
OnEventResponse,
} from "aws-cdk-lib/custom-resources/lib/provider-framework/types"; // eslint-disable-line import/no-unresolved
import { SecretsManager, SSM } from "aws-sdk";
import { AuthenticationStrategy, Auth } from "../auth";
import { CdkCustomResourceEvent as OnEventRequest, CdkCustomResourceResponse as OnEventResponse } from "aws-lambda";
import { SSM } from "aws-sdk";
import { executeGithubApiCall } from "./execute-github-api-call";
import { getSecretValue } from "./get-secret-value";
import { Auth, AuthenticationStrategy } from "../auth";
import { GithubApiCall } from "../github-custom-resource";

export const handler: OnEventHandler = async (event: OnEventRequest): Promise<OnEventResponse | undefined> => {
export const handler = async (event: OnEventRequest): Promise<OnEventResponse | undefined> => {
console.log(`Request of type ${event.RequestType} received`);

console.log("Payload: %j", event);
@@ -30,13 +28,9 @@ export const handler: OnEventHandler = async (event: OnEventRequest): Promise<On
const { strategy, secret } = event.ResourceProperties.Auth as Auth;
switch (strategy) {
case AuthenticationStrategy.AUTH_APP:
const secretArn = parseArn(secret!);
const secretsManager = new SecretsManager({ region: secretArn.region });
const getSecretValueResponse = await secretsManager.getSecretValue({ SecretId: secret! }).promise();

// https://github.com/octokit/authentication-strategies.js/#github-app-or-installation-authentication
octokitOptions.authStrategy = createAppAuth;
octokitOptions.auth = JSON.parse(getSecretValueResponse.SecretString!);
octokitOptions.auth = JSON.parse(await getSecretValue(secret!));
break;

case AuthenticationStrategy.AUTH_TOKEN:
@@ -58,9 +52,7 @@ export const handler: OnEventHandler = async (event: OnEventRequest): Promise<On
const octokit = new Octokit(octokitOptions);

try {
// https://github.com/octokit/plugin-rest-endpoint-methods.js/#usage
// @ts-ignore
const response = await octokit.rest[call.endpoint][call.method](call.parameters);
const response = await executeGithubApiCall(octokit, call);

console.debug("Response: %j", response);

1 change: 1 addition & 0 deletions src/custom-resource-provider/types.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
export const GITHUB_ACTIONS_SECRETS = "GITHUB:ACTION:SECRET:";
102 changes: 102 additions & 0 deletions src/github-actions-secret-environment.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,102 @@
import { CustomResource, Lazy, RemovalPolicy, Stack } from "aws-cdk-lib";
import { PhysicalResourceId } from "aws-cdk-lib/custom-resources";
import { Construct } from "constructs";
import { GithubCustomResourceProvider } from "./custom-resource-provider/provider";
import { GithubActionsSecret } from "./github-actions-secret";
import { GithubApiCall, GithubCustomResourceBase, GithubCustomResourceOptions } from "./github-custom-resource";

export interface GithubActionsSecretEnvironmentProps extends GithubCustomResourceOptions {
/**
* The unique identifier of the repository.
*/
readonly repositoryId: string;
/**
* The GitHub Environment name. The name is not case-sensitive.
*/
readonly environmentName: string;
/**
* The GitHub secret name.
*/
readonly secretName: string;
/**
* The SSM Secret.
*/
readonly source: GithubActionsSecret;
/**
* Whether to DESTROY or RETAIN the secret on resource removal.
* @default RETAIN
*/
readonly removalPolicy?: RemovalPolicy;
}
/**
* Manage an GitHib Actions environment secret.
*
* ```typescript
* // The GitHub API authentication secret
* const auth = secrets_manager.Secret.fromSecretNameV2(scope, "Auth", "cdk-github/github-token");
*
* // The AWS SecretsManager Secret to configure as GitHub Action secret.
* const secret = secrets_manager.Secret.fromSecretNameV2(scope, "Secret", "any-secret/example");
*
* new GithubActionsSecretEnvironment(scope, "GithubRepo", {
* repositoryId: "558989134",
* environmentName: "production",
* secretName: "example",
* source: GithubActionsSecret.fromSecretsManager(secret, "some-json-field"),
* authOptions: AuthOptions.appAuth(auth),
* removalPolicy: RemovalPolicy.DESTROY,
* });
* ```
*/
export class GithubActionsSecretEnvironment extends GithubCustomResourceBase {
/**
* @internal
*/
readonly _resource: CustomResource;
constructor(scope: Construct, id: string, props: GithubActionsSecretEnvironmentProps) {
super(scope, id);

const provider = GithubCustomResourceProvider.getOrCreate(this);
const authOptions = props.authOptions;
authOptions._grantRead(provider);
props.source._grantRead(provider);

const onCreate: GithubApiCall = {
endpoint: "actions",
method: "createOrUpdateEnvironmentSecret", // https://github.com/octokit/plugin-rest-endpoint-methods.js/blob/main/docs/actions/createOrUpdateEnvironmentSecret.md
parameters: {
repository_id: props.repositoryId,
environment_name: props.environmentName,
secret_name: props.secretName,
value: props.source,
},
outputPaths: [],
physicalResourceId: PhysicalResourceId.of(`${props.repositoryId}::${props.environmentName}::${props.secretName}`),
};

const onDelete: GithubApiCall | undefined =
props.removalPolicy == RemovalPolicy.DESTROY
? {
endpoint: "actions",
method: "deleteOrgSecret", // https://github.com/octokit/plugin-rest-endpoint-methods.js/blob/main/docs/actions/deleteEnvironmentSecret.md
parameters: {
repository_id: props.repositoryId,
environment_name: props.environmentName,
secret_name: props.secretName,
},
outputPaths: [],
}
: undefined;

this._resource = new CustomResource(this, "Resource", {
serviceToken: provider.serviceToken,
resourceType: "Custom::GithubActions::EnvironmentSecret",
properties: {
Create: Lazy.uncachedString({ produce: () => Stack.of(this).toJsonString(onCreate) }),
Update: Lazy.uncachedString({ produce: () => Stack.of(this).toJsonString(onCreate) }),
Delete: onDelete && Lazy.uncachedString({ produce: () => Stack.of(this).toJsonString(onDelete) }),
Auth: props.authOptions._auth,
},
});
}
}
107 changes: 107 additions & 0 deletions src/github-actions-secret-organization.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,107 @@
import { CustomResource, Lazy, RemovalPolicy, Stack } from "aws-cdk-lib";
import { PhysicalResourceId } from "aws-cdk-lib/custom-resources";
import { Construct } from "constructs";
import { GithubCustomResourceProvider } from "./custom-resource-provider/provider";
import { GithubActionsSecret } from "./github-actions-secret";
import { GithubApiCall, GithubCustomResourceBase, GithubCustomResourceOptions } from "./github-custom-resource";

export enum Visibility {
ALL = "all",
PRIVATE = "private",
SELECTED = "selected",
}

export interface GithubActionsSecretOrganizationProps extends GithubCustomResourceOptions {
/**
* The GitHub organization name. The name is not case-sensitive.
*/
readonly organizationName: string;
/**
* The GitHub secret name.
*/
readonly secretName: string;
/**
* The SSM Secret.
*/
readonly source: GithubActionsSecret;
/**
* Which type of organization repositories have access to the organization secret.
*/
readonly visibility?: Visibility;
/**
* Whether to DESTROY or RETAIN the secret on resource removal.
* @default RETAIN
*/
readonly removalPolicy?: RemovalPolicy;
}
/**
* Manage an GitHib Actions organization secret.
*
* ```typescript
* // The GitHub API authentication secret
* const auth = secrets_manager.Secret.fromSecretNameV2(scope, "Auth", "cdk-github/github-token");
*
* // The AWS SecretsManager Secret to configure as GitHub Action secret.
* const secret = secrets_manager.Secret.fromSecretNameV2(scope, "Secret", "any-secret/example");
*
* new GithubActionsSecretOrganization(scope, "GithubRepo", {
* organizationName: "pepperize",
* secretName: "example",
* source: GithubActionsSecret.fromSecretsManager(secret, "some-json-field"),
* visibility: Visibility.ALL,
* authOptions: AuthOptions.appAuth(auth),
* removalPolicy: RemovalPolicy.DESTROY,
* });
* ```
*/
export class GithubActionsSecretOrganization extends GithubCustomResourceBase {
/**
* @internal
*/
readonly _resource: CustomResource;
constructor(scope: Construct, id: string, props: GithubActionsSecretOrganizationProps) {
super(scope, id);

const provider = GithubCustomResourceProvider.getOrCreate(this);
const authOptions = props.authOptions;
authOptions._grantRead(provider);
props.source._grantRead(provider);

const onCreate: GithubApiCall = {
endpoint: "actions",
method: "createOrUpdateOrgSecret", // https://github.com/octokit/plugin-rest-endpoint-methods.js/blob/main/docs/actions/createOrUpdateOrgSecret.md
parameters: {
org: props.organizationName,
secret_name: props.secretName,
value: props.source,
visibility: props.visibility,
},
outputPaths: [],
physicalResourceId: PhysicalResourceId.of(`${props.organizationName}::${props.secretName}`),
};

const onDelete: GithubApiCall | undefined =
props.removalPolicy == RemovalPolicy.DESTROY
? {
endpoint: "actions",
method: "deleteOrgSecret",
parameters: {
org: props.organizationName,
secret_name: props.secretName,
},
outputPaths: [],
}
: undefined;

this._resource = new CustomResource(this, "Resource", {
serviceToken: provider.serviceToken,
resourceType: "Custom::GithubActions::OrganizationSecret",
properties: {
Create: Lazy.uncachedString({ produce: () => Stack.of(this).toJsonString(onCreate) }),
Update: Lazy.uncachedString({ produce: () => Stack.of(this).toJsonString(onCreate) }),
Delete: onDelete && Lazy.uncachedString({ produce: () => Stack.of(this).toJsonString(onDelete) }),
Auth: props.authOptions._auth,
},
});
}
}
102 changes: 102 additions & 0 deletions src/github-actions-secret-repository.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,102 @@
import { CustomResource, Lazy, RemovalPolicy, Stack } from "aws-cdk-lib";
import { PhysicalResourceId } from "aws-cdk-lib/custom-resources";
import { Construct } from "constructs";
import { GithubCustomResourceProvider } from "./custom-resource-provider/provider";
import { GithubActionsSecret } from "./github-actions-secret";
import { GithubApiCall, GithubCustomResourceBase, GithubCustomResourceOptions } from "./github-custom-resource";

export interface GithubActionsSecretRepositoryProps extends GithubCustomResourceOptions {
/**
The GitHub Repository owner. The name is not case-sensitive.
*/
readonly owner: string;
/**
* The GitHub Repository name. The name is not case-sensitive.
*/
readonly repositoryName: string;
/**
* The GitHub secret name.
*/
readonly secretName: string;
/**
* The SSM Secret.
*/
readonly source: GithubActionsSecret;
/**
* Whether to DESTROY or RETAIN the secret on resource removal.
* @default RETAIN
*/
readonly removalPolicy?: RemovalPolicy;
}
/**
* Manage an GitHib Actions Repository secret.
*
* ```typescript
* // The GitHub API authentication secret
* const auth = secrets_manager.Secret.fromSecretNameV2(scope, "Auth", "cdk-github/github-token");
*
* // The AWS SecretsManager Secret to configure as GitHub Action secret.
* const secret = secrets_manager.Secret.fromSecretNameV2(scope, "Secret", "any-secret/example");
*
* new GithubActionsSecretRepository(scope, "GithubRepo", {
* owner: "pepperize",
* repositoryName: "cdk-github",
* secretName: "example",
* source: GithubActionsSecret.fromSecretsManager(secret, "some-json-field"),
* authOptions: AuthOptions.appAuth(auth),
* removalPolicy: RemovalPolicy.DESTROY,
* });
* ```
*/
export class GithubActionsSecretRepository extends GithubCustomResourceBase {
/**
* @internal
*/
readonly _resource: CustomResource;
constructor(scope: Construct, id: string, props: GithubActionsSecretRepositoryProps) {
super(scope, id);

const provider = GithubCustomResourceProvider.getOrCreate(this);
const authOptions = props.authOptions;
authOptions._grantRead(provider);
props.source._grantRead(provider);

const onCreate: GithubApiCall = {
endpoint: "actions",
method: "createOrUpdateRepoSecret", // https://github.com/octokit/plugin-rest-endpoint-methods.js/blob/main/docs/actions/createOrUpdateRepoSecret.md
parameters: {
owner: props.owner,
repository_name: props.repositoryName,
secret_name: props.secretName,
value: props.source,
},
outputPaths: [],
physicalResourceId: PhysicalResourceId.of(`${props.owner}::${props.repositoryName}::${props.secretName}`),
};

const onDelete: GithubApiCall | undefined =
props.removalPolicy == RemovalPolicy.DESTROY
? {
endpoint: "actions",
method: "deleteOrgSecret", // https://github.com/octokit/plugin-rest-endpoint-methods.js/blob/main/docs/actions/deleteRepoSecret.md
parameters: {
owner: props.owner,
repository_name: props.repositoryName,
secret_name: props.secretName,
},
outputPaths: [],
}
: undefined;

this._resource = new CustomResource(this, "Resource", {
serviceToken: provider.serviceToken,
resourceType: "Custom::GithubActions::RepositorySecret",
properties: {
Create: Lazy.uncachedString({ produce: () => Stack.of(this).toJsonString(onCreate) }),
Update: Lazy.uncachedString({ produce: () => Stack.of(this).toJsonString(onCreate) }),
Delete: onDelete && Lazy.uncachedString({ produce: () => Stack.of(this).toJsonString(onDelete) }),
Auth: props.authOptions._auth,
},
});
}
}
32 changes: 32 additions & 0 deletions src/github-actions-secret.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
import { captureStackTrace, IResolvable, IResolveContext } from "aws-cdk-lib";
import * as iam from "aws-cdk-lib/aws-iam";
import * as secretsmanager from "aws-cdk-lib/aws-secretsmanager";
import { ISecret } from "aws-cdk-lib/aws-secretsmanager";

export class GithubActionsSecret implements IResolvable {
public static fromSecretsManager(secret: secretsmanager.ISecret, field?: string): GithubActionsSecret {
return new GithubActionsSecret(secret, field);
}

public readonly creationStack: string[] = captureStackTrace();

private readonly secret: secretsmanager.ISecret;

private readonly field?: string;

private constructor(secret: ISecret, field?: string) {
this.secret = secret;
this.field = field;
}

public resolve(_: IResolveContext): any {
return { arn: this.secret.secretArn, field: this.field };
}

/**
* @internal
*/
_grantRead(grantee: iam.IGrantable) {
this.secret.grantRead(grantee);
}
}
97 changes: 55 additions & 42 deletions src/github-custom-resource.ts
Original file line number Diff line number Diff line change
@@ -50,7 +50,21 @@ export interface GithubApiCall {
readonly outputPaths?: string[];
}

export interface GithubCustomResourceProps {
export interface GithubCustomResourceOptions {
/**
* Currently, supports only GitHub App.
*
* ```typescript
* const auth = { appId, privateKey };
* const installationAuth = { appId, privateKey, installationId };
* ```
*
* @see https://github.com/octokit/authentication-strategies.js/#github-app-or-installation-authentication
*/
readonly authOptions: IAuthOptions;
}

export interface GithubCustomResourceProps extends GithubCustomResourceOptions {
/**
* Cloudformation Resource type.
*/
@@ -67,22 +81,47 @@ export interface GithubCustomResourceProps {
* The GitHub Api call to make when the resource is deleted.
*/
readonly onDelete?: GithubApiCall;
}

export abstract class GithubCustomResourceBase extends Construct {
/**
* Currently, supports only GitHub App.
* @internal
*/
abstract readonly _resource: CustomResource;
/**
* The physical name of this custom resource.
*/
get ref(): string {
return this._resource.ref;
}
/**
* Returns the value of an attribute of the custom resource of an arbitrary
* type. Attributes are returned from the custom resource provider through the
* `Data` map where the key is the attribute name.
*
* ```typescript
* const auth = { appId, privateKey };
* const installationAuth = { appId, privateKey, installationId };
* ```
* @param attributeName the name of the attribute
* @returns a token for `Fn::GetAtt`. Use `Token.asXxx` to encode the returned `Reference` as a specific type or
* use the convenience `getAttString` for string attributes.
*/
getAtt(attributeName: string): Reference {
return this._resource.getAtt(attributeName);
}
/**
* Returns the value of an attribute of the custom resource of type string.
* Attributes are returned from the custom resource provider through the
* `Data` map where the key is the attribute name.
*
* @see https://github.com/octokit/authentication-strategies.js/#github-app-or-installation-authentication
* @param attributeName the name of the attribute
* @returns a token for `Fn::GetAtt` encoded as a string.
*/
readonly authOptions: IAuthOptions;
getAttString(attributeName: string): string {
return this._resource.getAttString(attributeName);
}
}

/**
* ```typescript
* const secret = secrets_manager.Secret.fromSecretNameV2(scope, "Auth", "cdk-github/test");
* const auth = secrets_manager.Secret.fromSecretNameV2(scope, "Auth", "cdk-github/github-token");
*
* new GithubCustomResource(scope, "GithubRepo", {
* onCreate: {
@@ -118,20 +157,23 @@ export interface GithubCustomResourceProps {
* },
* outputPaths: [],
* },
* authOptions: AuthOptions.appAuth(secret),
* authOptions: AuthOptions.appAuth(auth),
* });
* ```
*/
export class GithubCustomResource extends Construct {
private readonly resource: CustomResource;
export class GithubCustomResource extends GithubCustomResourceBase {
/**
* @internal
*/
readonly _resource: CustomResource;
constructor(scope: Construct, id: string, props: GithubCustomResourceProps) {
super(scope, id);

const provider = GithubCustomResourceProvider.getOrCreate(this);
const authOptions = props.authOptions;
authOptions._grantRead(provider);

this.resource = new CustomResource(this, "Resource", {
this._resource = new CustomResource(this, "Resource", {
serviceToken: provider.serviceToken,
resourceType: props.resourceType,
properties: {
@@ -142,33 +184,4 @@ export class GithubCustomResource extends Construct {
},
});
}
/**
* The physical name of this custom resource.
*/
get ref(): string {
return this.resource.ref;
}
/**
* Returns the value of an attribute of the custom resource of an arbitrary
* type. Attributes are returned from the custom resource provider through the
* `Data` map where the key is the attribute name.
*
* @param attributeName the name of the attribute
* @returns a token for `Fn::GetAtt`. Use `Token.asXxx` to encode the returned `Reference` as a specific type or
* use the convenience `getAttString` for string attributes.
*/
getAtt(attributeName: string): Reference {
return this.resource.getAtt(attributeName);
}
/**
* Returns the value of an attribute of the custom resource of type string.
* Attributes are returned from the custom resource provider through the
* `Data` map where the key is the attribute name.
*
* @param attributeName the name of the attribute
* @returns a token for `Fn::GetAtt` encoded as a string.
*/
getAttString(attributeName: string): string {
return this.resource.getAttString(attributeName);
}
}
48 changes: 48 additions & 0 deletions test/__snapshots__/github-actions-secret.test.ts.snap

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions test/__snapshots__/github-custom-resource.test.ts.snap

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

45 changes: 45 additions & 0 deletions test/github-actions-secret.test.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
import { CfnOutput, Stack } from "aws-cdk-lib";
import { Template } from "aws-cdk-lib/assertions";
import * as secretsmanager from "aws-cdk-lib/aws-secretsmanager";
import { GithubActionsSecret } from "../src/github-actions-secret";

describe("GithubActionsSecret", () => {
it("Should match snapshot", () => {
// Given
const stack = new Stack();
const secret = secretsmanager.Secret.fromSecretCompleteArn(
stack,
"Secret",
"arn:aws:secretsmanager:us-east-1:123456789012:secret:AnySecret-Random"
);
const actionsSecrets = GithubActionsSecret.fromSecretsManager(secret, "any-field");

new CfnOutput(stack, "Output", { exportName: "test", value: stack.toJsonString(actionsSecrets) });

// When
const template = Template.fromStack(stack);

// Then
expect(template).toMatchSnapshot();
});
it("Should stringify the action secret", () => {
// Given
const stack = new Stack();
const secret = secretsmanager.Secret.fromSecretCompleteArn(
stack,
"Secret",
"arn:aws:secretsmanager:us-east-1:123456789012:secret:AnySecret-Random"
);
const actionsSecrets = GithubActionsSecret.fromSecretsManager(secret, "any-field");

// When
const token = stack.toJsonString(actionsSecrets);
const resolved = stack.resolve(token);

// Then
expect(JSON.parse(resolved)).toEqual({
arn: "arn:aws:secretsmanager:us-east-1:123456789012:secret:AnySecret-Random",
field: "any-field",
});
});
});
3 changes: 1 addition & 2 deletions test/github-custom-resource.test.ts
Original file line number Diff line number Diff line change
@@ -2,8 +2,7 @@ import { App, Stack } from "aws-cdk-lib";
import { Match, Template } from "aws-cdk-lib/assertions";
import { Secret } from "aws-cdk-lib/aws-secretsmanager";
import { Construct } from "constructs";
import { AuthOptions } from "../src/auth";
import { GithubCustomResource } from "../src/github-custom-resource";
import { AuthOptions, GithubCustomResource } from "../src";

describe("GithubCustomResource", () => {
it("Should match snapshot", () => {
5 changes: 2 additions & 3 deletions tsconfig.dev.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4,471 changes: 2,496 additions & 1,975 deletions yarn.lock

Large diffs are not rendered by default.