-
Notifications
You must be signed in to change notification settings - Fork 103
Expand file tree
/
Copy pathgithub-webhook-stack.ts
More file actions
33 lines (26 loc) · 1.21 KB
/
github-webhook-stack.ts
File metadata and controls
33 lines (26 loc) · 1.21 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
import { RestApi } from '@aws-cdk/aws-apigateway';
import { Construct, Stack, StackProps } from '@aws-cdk/core';
import { GithubWebhook } from '@cloudcomponents/cdk-github-webhook';
import { SecretKey } from '@cloudcomponents/cdk-secret-key';
export class GithubWebhookStack extends Stack {
constructor(scope: Construct, id: string, props?: StackProps) {
super(scope, id, props);
const api = new RestApi(this, 'github-webhook');
api.root.addMethod('POST');
const githubApiToken = SecretKey.fromPlainText(process.env.API_TOKEN as string);
// @example https://github.com/cloudcomponents/cdk-constructs
const githubRepoUrl = process.env.REPO_URL as string;
// @see https://developer.github.com/v3/activity/events/types/
const events = ['*'];
// @see https://docs.github.com/en/developers/webhooks-and-events/webhooks/securing-your-webhooks#validating-payloads-from-github
const webhookSecret = process.env.SECURE_WEBHOOK === 'true' ? (process.env.WEBHOOK_SECRET || githubApiToken.serialize()) : undefined
new GithubWebhook(this, 'GithubWebhook', {
githubApiToken,
githubRepoUrl,
payloadUrl: api.url,
events,
logLevel: 'debug',
webhookSecret
});
}
}