Skip to content

Latest commit

 

History

History
3086 lines (1857 loc) · 114 KB

API.md

File metadata and controls

3086 lines (1857 loc) · 114 KB

API Reference

Constructs

BaseGitHubApps

Initializers 

import { BaseGitHubApps } from '@catnekaise/ghrawel'

new BaseGitHubApps(scope: Construct, id: string, baseProps: GitHubAppsProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
baseProps GitHubAppsProps No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
basePropsRequired

Methods

Name Description
toString Returns a string representation of this construct.
getAppIdForAppName No description.
grantAccess No description.
toString 
public toString(): string

Returns a string representation of this construct.

getAppIdForAppName 
public getAppIdForAppName(name?: string): number
nameOptional
  • Type: string
grantAccess 
public grantAccess(principal: IPrincipal): Grant
principalRequired
  • Type: aws-cdk-lib.aws_iam.IPrincipal

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { BaseGitHubApps } from '@catnekaise/ghrawel'

BaseGitHubApps.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
secretsPrefix string No description.
secretsStorage GitHubAppSecretsStorage No description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

secretsPrefixRequired 
public readonly secretsPrefix: string;
  • Type: string
secretsStorageRequired 
public readonly secretsStorage: GitHubAppSecretsStorage;

ManagedGitHubApps

Initializers 

import { ManagedGitHubApps } from '@catnekaise/ghrawel'

new ManagedGitHubApps(scope: Construct, id: string, props: ManagedGitHubAppsProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props ManagedGitHubAppsProps No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
getAppIdForAppName No description.
grantAccess No description.
toString 
public toString(): string

Returns a string representation of this construct.

getAppIdForAppName 
public getAppIdForAppName(name?: string): number
nameOptional
  • Type: string
grantAccess 
public grantAccess(principal: IPrincipal): Grant
principalRequired
  • Type: aws-cdk-lib.aws_iam.IPrincipal

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { ManagedGitHubApps } from '@catnekaise/ghrawel'

ManagedGitHubApps.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
secretsPrefix string No description.
secretsStorage GitHubAppSecretsStorage No description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

secretsPrefixRequired 
public readonly secretsPrefix: string;
  • Type: string
secretsStorageRequired 
public readonly secretsStorage: GitHubAppSecretsStorage;

SelfManagedGitHubApps

Initializers 

import { SelfManagedGitHubApps } from '@catnekaise/ghrawel'

new SelfManagedGitHubApps(scope: Construct, id: string, props: GitHubAppsProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props GitHubAppsProps No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
getAppIdForAppName No description.
grantAccess No description.
toString 
public toString(): string

Returns a string representation of this construct.

getAppIdForAppName 
public getAppIdForAppName(name?: string): number
nameOptional
  • Type: string
grantAccess 
public grantAccess(principal: IPrincipal): Grant
principalRequired
  • Type: aws-cdk-lib.aws_iam.IPrincipal

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { SelfManagedGitHubApps } from '@catnekaise/ghrawel'

SelfManagedGitHubApps.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
secretsPrefix string No description.
secretsStorage GitHubAppSecretsStorage No description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

secretsPrefixRequired 
public readonly secretsPrefix: string;
  • Type: string
secretsStorageRequired 
public readonly secretsStorage: GitHubAppSecretsStorage;

TokenProvider

This construct may receive some changes before constructor is made public.

Until then use static create method.

Methods

Name Description
toString Returns a string representation of this construct.
grantExecute Use this to grant access to the token provider.
grantExecuteGitHubActionsAbac use this to grant access to the token provider when the role is assumed via Cognito Identity.
metric No description.
metricCacheHitCount No description.
metricCacheMissCount No description.
metricClientError No description.
metricCount No description.
metricServerError No description.
toString 
public toString(): string

Returns a string representation of this construct.

grantExecute 
public grantExecute(role: IRole, repo: string, owner?: string): Grant

Use this to grant access to the token provider.

roleRequired
  • Type: aws-cdk-lib.aws_iam.IRole
repoRequired
  • Type: string
ownerOptional
  • Type: string
grantExecuteGitHubActionsAbac 
public grantExecuteGitHubActionsAbac(role: IRole, settings: TokenProviderActionsIdentitySettings): Grant

use this to grant access to the token provider when the role is assumed via Cognito Identity.

roleRequired
  • Type: aws-cdk-lib.aws_iam.IRole
settingsRequired
metric 
public metric(metricName: string, stage: IStage, props?: MetricOptions): Metric
metricNameRequired
  • Type: string
stageRequired
  • Type: aws-cdk-lib.aws_apigateway.IStage
propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricCacheHitCount 
public metricCacheHitCount(stage: IStage, props?: MetricOptions): Metric
stageRequired
  • Type: aws-cdk-lib.aws_apigateway.IStage
propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricCacheMissCount 
public metricCacheMissCount(stage: IStage, props?: MetricOptions): Metric
stageRequired
  • Type: aws-cdk-lib.aws_apigateway.IStage
propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricClientError 
public metricClientError(stage: IStage, props?: MetricOptions): Metric
stageRequired
  • Type: aws-cdk-lib.aws_apigateway.IStage
propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricCount 
public metricCount(stage: IStage, props?: MetricOptions): Metric
stageRequired
  • Type: aws-cdk-lib.aws_apigateway.IStage
propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricServerError 
public metricServerError(stage: IStage, props?: MetricOptions): Metric
stageRequired
  • Type: aws-cdk-lib.aws_apigateway.IStage
propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions

Static Functions

Name Description
isConstruct Checks if x is a construct.
create No description.
isConstruct 
import { TokenProvider } from '@catnekaise/ghrawel'

TokenProvider.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

create 
import { TokenProvider } from '@catnekaise/ghrawel'

TokenProvider.create(scope: Construct, id: string, settings: TokenProviderSettings)
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
settingsRequired

Properties

Name Type Description
node constructs.Node The tree node.
httpMethod string No description.
methodArn string No description.
methodId string No description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

httpMethodRequired 
public readonly httpMethod: string;
  • Type: string
methodArnRequired 
public readonly methodArn: string;
  • Type: string
methodIdRequired 
public readonly methodId: string;
  • Type: string

TokenProviderApi

Initializers 

import { TokenProviderApi } from '@catnekaise/ghrawel'

new TokenProviderApi(scope: Construct, id: string, props: TokenProviderApiProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props TokenProviderApiProps No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
newTokenProvider No description.
toString 
public toString(): string

Returns a string representation of this construct.

newTokenProvider 
public newTokenProvider(name: string, configuration: NewTokenProviderConfiguration): ITokenProvider
nameRequired
  • Type: string
configurationRequired

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { TokenProviderApi } from '@catnekaise/ghrawel'

TokenProviderApi.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
lambdaFunction aws-cdk-lib.aws_lambda.Function No description.
restApi aws-cdk-lib.aws_apigateway.RestApi No description.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

lambdaFunctionRequired 
public readonly lambdaFunction: Function;
  • Type: aws-cdk-lib.aws_lambda.Function
restApiRequired 
public readonly restApi: RestApi;
  • Type: aws-cdk-lib.aws_apigateway.RestApi

Structs

GitHubAppPermissions

Initializer 

import { GitHubAppPermissions } from '@catnekaise/ghrawel'

const gitHubAppPermissions: GitHubAppPermissions = { ... }

Properties

Name Type Description
actions PermissionLevel No description.
administration PermissionLevel No description.
checks PermissionLevel No description.
codespaces PermissionLevel No description.
contents PermissionLevel No description.
dependabotSecrets PermissionLevel No description.
deployments PermissionLevel No description.
emailAddresses PermissionLevel No description.
environments PermissionLevel No description.
followers PermissionLevel No description.
gitSshKeys PermissionLevel No description.
gpgKeys PermissionLevel No description.
interactionLimits PermissionLevel No description.
issues PermissionLevel No description.
members PermissionLevel No description.
metadata PermissionLevel No description.
organizationAdministration PermissionLevel No description.
organizationAnnouncementBanners PermissionLevel No description.
organizationCopilotSeatManagement PermissionLevel No description.
organizationCustomOrgRoles PermissionLevel No description.
organizationCustomProperties PermissionLevel No description.
organizationCustomRoles PermissionLevel No description.
organizationEvents PermissionLevel No description.
organizationHooks PermissionLevel No description.
organizationPackages PermissionLevel No description.
organizationPersonalAccessTokenRequests PermissionLevel No description.
organizationPersonalAccessTokens PermissionLevel No description.
organizationPlan PermissionLevel No description.
organizationProjects PermissionLevel No description.
organizationSecrets PermissionLevel No description.
organizationSelfHostedRunners PermissionLevel No description.
organizationUserBlocking PermissionLevel No description.
packages PermissionLevel No description.
pages PermissionLevel No description.
profile PermissionLevel No description.
pullRequests PermissionLevel No description.
repositoryCustomProperties PermissionLevel No description.
repositoryHooks PermissionLevel No description.
repositoryProjects PermissionLevel No description.
secrets PermissionLevel No description.
secretScanningAlerts PermissionLevel No description.
securityEvents PermissionLevel No description.
singleFile PermissionLevel No description.
starring PermissionLevel No description.
statuses PermissionLevel No description.
teamDiscussions PermissionLevel No description.
vulnerabilityAlerts PermissionLevel No description.
workflows PermissionLevel No description.
actionsOptional 
public readonly actions: PermissionLevel;
administrationOptional 
public readonly administration: PermissionLevel;
checksOptional 
public readonly checks: PermissionLevel;
codespacesOptional 
public readonly codespaces: PermissionLevel;
contentsOptional 
public readonly contents: PermissionLevel;
dependabotSecretsOptional 
public readonly dependabotSecrets: PermissionLevel;
deploymentsOptional 
public readonly deployments: PermissionLevel;
emailAddressesOptional 
public readonly emailAddresses: PermissionLevel;
environmentsOptional 
public readonly environments: PermissionLevel;
followersOptional 
public readonly followers: PermissionLevel;
gitSshKeysOptional 
public readonly gitSshKeys: PermissionLevel;
gpgKeysOptional 
public readonly gpgKeys: PermissionLevel;
interactionLimitsOptional 
public readonly interactionLimits: PermissionLevel;
issuesOptional 
public readonly issues: PermissionLevel;
membersOptional 
public readonly members: PermissionLevel;
metadataOptional 
public readonly metadata: PermissionLevel;
organizationAdministrationOptional 
public readonly organizationAdministration: PermissionLevel;
organizationAnnouncementBannersOptional 
public readonly organizationAnnouncementBanners: PermissionLevel;
organizationCopilotSeatManagementOptional 
public readonly organizationCopilotSeatManagement: PermissionLevel;
organizationCustomOrgRolesOptional 
public readonly organizationCustomOrgRoles: PermissionLevel;
organizationCustomPropertiesOptional 
public readonly organizationCustomProperties: PermissionLevel;
organizationCustomRolesOptional 
public readonly organizationCustomRoles: PermissionLevel;
organizationEventsOptional 
public readonly organizationEvents: PermissionLevel;
organizationHooksOptional 
public readonly organizationHooks: PermissionLevel;
organizationPackagesOptional 
public readonly organizationPackages: PermissionLevel;
organizationPersonalAccessTokenRequestsOptional 
public readonly organizationPersonalAccessTokenRequests: PermissionLevel;
organizationPersonalAccessTokensOptional 
public readonly organizationPersonalAccessTokens: PermissionLevel;
organizationPlanOptional 
public readonly organizationPlan: PermissionLevel;
organizationProjectsOptional 
public readonly organizationProjects: PermissionLevel;
organizationSecretsOptional 
public readonly organizationSecrets: PermissionLevel;
organizationSelfHostedRunnersOptional 
public readonly organizationSelfHostedRunners: PermissionLevel;
organizationUserBlockingOptional 
public readonly organizationUserBlocking: PermissionLevel;
packagesOptional 
public readonly packages: PermissionLevel;
pagesOptional 
public readonly pages: PermissionLevel;
profileOptional 
public readonly profile: PermissionLevel;
pullRequestsOptional 
public readonly pullRequests: PermissionLevel;
repositoryCustomPropertiesOptional 
public readonly repositoryCustomProperties: PermissionLevel;
repositoryHooksOptional 
public readonly repositoryHooks: PermissionLevel;
repositoryProjectsOptional 
public readonly repositoryProjects: PermissionLevel;
secretsOptional 
public readonly secrets: PermissionLevel;
secretScanningAlertsOptional 
public readonly secretScanningAlerts: PermissionLevel;
securityEventsOptional 
public readonly securityEvents: PermissionLevel;
singleFileOptional 
public readonly singleFile: PermissionLevel;
starringOptional 
public readonly starring: PermissionLevel;
statusesOptional 
public readonly statuses: PermissionLevel;
teamDiscussionsOptional 
public readonly teamDiscussions: PermissionLevel;
vulnerabilityAlertsOptional 
public readonly vulnerabilityAlerts: PermissionLevel;
workflowsOptional 
public readonly workflows: PermissionLevel;

GitHubAppsProps

Initializer 

import { GitHubAppsProps } from '@catnekaise/ghrawel'

const gitHubAppsProps: GitHubAppsProps = { ... }

Properties

Name Type Description
defaultAppId number No description.
storage GitHubAppSecretsStorage No description.
additionalApps GitHubApp[] No description.
prefix string No description.
defaultAppIdRequired 
public readonly defaultAppId: number;
  • Type: number
storageRequired 
public readonly storage: GitHubAppSecretsStorage;
additionalAppsOptional 
public readonly additionalApps: GitHubApp[];
prefixOptional 
public readonly prefix: string;
  • Type: string
  • Default: /catnekaise/github-apps

ManagedGitHubAppsProps

Initializer 

import { ManagedGitHubAppsProps } from '@catnekaise/ghrawel'

const managedGitHubAppsProps: ManagedGitHubAppsProps = { ... }

Properties

Name Type Description
defaultAppId number No description.
storage GitHubAppSecretsStorage No description.
additionalApps GitHubApp[] No description.
prefix string No description.
kmsKey aws-cdk-lib.aws_kms.IKey No description.
removalPolicy aws-cdk-lib.RemovalPolicy No description.
defaultAppIdRequired 
public readonly defaultAppId: number;
  • Type: number
storageRequired 
public readonly storage: GitHubAppSecretsStorage;
additionalAppsOptional 
public readonly additionalApps: GitHubApp[];
prefixOptional 
public readonly prefix: string;
  • Type: string
  • Default: /catnekaise/github-apps
kmsKeyOptional 
public readonly kmsKey: IKey;
  • Type: aws-cdk-lib.aws_kms.IKey
  • Default: AWS_MANAGED
removalPolicyOptional 
public readonly removalPolicy: RemovalPolicy;
  • Type: aws-cdk-lib.RemovalPolicy

NewTokenProviderConfiguration

Initializer 

import { NewTokenProviderConfiguration } from '@catnekaise/ghrawel'

const newTokenProviderConfiguration: NewTokenProviderConfiguration = { ... }

Properties

Name Type Description
permissions GitHubAppPermissions Permissions.
app string No description.
endpoint TokenProviderEndpoint No description.
targetRule TokenProviderTargetRule No description.
permissionsRequired 
public readonly permissions: GitHubAppPermissions;

Permissions.

appOptional 
public readonly app: string;
  • Type: string
  • Default: default
endpointOptional 
public readonly endpoint: TokenProviderEndpoint;
targetRuleOptional 
public readonly targetRule: TokenProviderTargetRule;

TargetRuleSettings

Initializer 

import { TargetRuleSettings } from '@catnekaise/ghrawel'

const targetRuleSettings: TargetRuleSettings = { ... }

Properties

Name Type Description
mode RepositorySelectionMode No description.
modeRequired 
public readonly mode: RepositorySelectionMode;

TokenProviderActionsIdentitySettings

Initializer 

import { TokenProviderActionsIdentitySettings } from '@catnekaise/ghrawel'

const tokenProviderActionsIdentitySettings: TokenProviderActionsIdentitySettings = { ... }

Properties

Name Type Description
claimsContext @catnekaise/cdk-iam-utilities.IClaimsContext No description.
pathStrategy TokenProviderPathStrategy No description.
claimsContextRequired 
public readonly claimsContext: IClaimsContext;
  • Type: @catnekaise/cdk-iam-utilities.IClaimsContext
pathStrategyOptional 
public readonly pathStrategy: TokenProviderPathStrategy;

TokenProviderApiProps

Initializer 

import { TokenProviderApiProps } from '@catnekaise/ghrawel'

const tokenProviderApiProps: TokenProviderApiProps = { ... }

Properties

Name Type Description
apps IGitHubApps GitHub Apps configuration.
api aws-cdk-lib.aws_apigateway.RestApi Use this to provide the API Gateway RestApi configured to your requirements.
lambda aws-cdk-lib.aws_lambda.Function Use this to provide the Lambda Function configured to your requirements.
appsRequired 
public readonly apps: IGitHubApps;

GitHub Apps configuration.

apiOptional 
public readonly api: RestApi;
  • Type: aws-cdk-lib.aws_apigateway.RestApi

Use this to provide the API Gateway RestApi configured to your requirements.

lambdaOptional 
public readonly lambda: Function;
  • Type: aws-cdk-lib.aws_lambda.Function

Use this to provide the Lambda Function configured to your requirements.

TokenProviderConfiguratorIntegrationOptionsContext

Initializer 

import { TokenProviderConfiguratorIntegrationOptionsContext } from '@catnekaise/ghrawel'

const tokenProviderConfiguratorIntegrationOptionsContext: TokenProviderConfiguratorIntegrationOptionsContext = { ... }

Properties

Name Type Description
appId number No description.
appName string No description.
endpoint TokenProviderEndpoint No description.
name string No description.
permissions GitHubAppPermissions No description.
targetRule TargetRuleSettings No description.
appIdRequired 
public readonly appId: number;
  • Type: number
appNameRequired 
public readonly appName: string;
  • Type: string
endpointRequired 
public readonly endpoint: TokenProviderEndpoint;
nameRequired 
public readonly name: string;
  • Type: string
permissionsRequired 
public readonly permissions: GitHubAppPermissions;
targetRuleRequired 
public readonly targetRule: TargetRuleSettings;

TokenProviderConfiguratorMethodOptionsContext

Initializer 

import { TokenProviderConfiguratorMethodOptionsContext } from '@catnekaise/ghrawel'

const tokenProviderConfiguratorMethodOptionsContext: TokenProviderConfiguratorMethodOptionsContext = { ... }

Properties

Name Type Description
endpointType TokenProviderEndpointType No description.
errorResponseModel aws-cdk-lib.aws_apigateway.Model No description.
operationName string No description.
repositorySelectionMode RepositorySelectionMode No description.
tokenResponseModel aws-cdk-lib.aws_apigateway.Model No description.
requestValidator aws-cdk-lib.aws_apigateway.IRequestValidator No description.
endpointTypeRequired 
public readonly endpointType: TokenProviderEndpointType;
errorResponseModelRequired 
public readonly errorResponseModel: Model;
  • Type: aws-cdk-lib.aws_apigateway.Model
operationNameRequired 
public readonly operationName: string;
  • Type: string
repositorySelectionModeRequired 
public readonly repositorySelectionMode: RepositorySelectionMode;
tokenResponseModelRequired 
public readonly tokenResponseModel: Model;
  • Type: aws-cdk-lib.aws_apigateway.Model
requestValidatorOptional 
public readonly requestValidator: IRequestValidator;
  • Type: aws-cdk-lib.aws_apigateway.IRequestValidator

TokenProviderLambdaCodeOptions

Use this to build a supported the TokenProvider lambda application when the source is located in a public repository.

Initializer 

import { TokenProviderLambdaCodeOptions } from '@catnekaise/ghrawel'

const tokenProviderLambdaCodeOptions: TokenProviderLambdaCodeOptions = { ... }

Properties

Name Type Description
architecture ApplicationArchitecture Should be equal to the architecture configured for the lambda function.
checkout string Value for git checkout after cloning the repository Example: main, origin/feature1, SHA.
platform string Value for docker platform Example: linux/amd64.
repository string Repository Url Example: https://github.com/catnekaise/example-fork.git.
architectureOptional 
public readonly architecture: ApplicationArchitecture;

Should be equal to the architecture configured for the lambda function.

This value is used to build the application in the specified architecture.

checkoutOptional 
public readonly checkout: string;
  • Type: string

Value for git checkout after cloning the repository Example: main, origin/feature1, SHA.

platformOptional 
public readonly platform: string;
  • Type: string

Value for docker platform Example: linux/amd64.

repositoryOptional 
public readonly repository: string;
  • Type: string

Repository Url Example: https://github.com/catnekaise/example-fork.git.

TokenProviderMethodOptions

Initializer 

import { TokenProviderMethodOptions } from '@catnekaise/ghrawel'

const tokenProviderMethodOptions: TokenProviderMethodOptions = { ... }

Properties

Name Type Description
endpointType TokenProviderEndpointType No description.
errorResponseModel aws-cdk-lib.aws_apigateway.Model No description.
operationName string No description.
requestValidator aws-cdk-lib.aws_apigateway.RequestValidator No description.
tokenResponseModel aws-cdk-lib.aws_apigateway.Model No description.
endpointTypeRequired 
public readonly endpointType: TokenProviderEndpointType;
errorResponseModelRequired 
public readonly errorResponseModel: Model;
  • Type: aws-cdk-lib.aws_apigateway.Model
operationNameRequired 
public readonly operationName: string;
  • Type: string
requestValidatorRequired 
public readonly requestValidator: RequestValidator;
  • Type: aws-cdk-lib.aws_apigateway.RequestValidator
tokenResponseModelRequired 
public readonly tokenResponseModel: Model;
  • Type: aws-cdk-lib.aws_apigateway.Model

TokenProviderSettings

Initializer 

import { TokenProviderSettings } from '@catnekaise/ghrawel'

const tokenProviderSettings: TokenProviderSettings = { ... }

Properties

Name Type Description
api aws-cdk-lib.aws_apigateway.IRestApi No description.
app string No description.
appId number No description.
configurator TokenProviderConfigurator No description.
endpoint TokenProviderEndpoint No description.
lambda aws-cdk-lib.aws_lambda.Function No description.
methodOptions TokenProviderMethodOptions No description.
name string No description.
permissions GitHubAppPermissions No description.
targetRule TokenProviderTargetRule No description.
apiRequired 
public readonly api: IRestApi;
  • Type: aws-cdk-lib.aws_apigateway.IRestApi
appRequired 
public readonly app: string;
  • Type: string
appIdRequired 
public readonly appId: number;
  • Type: number
configuratorRequired 
public readonly configurator: TokenProviderConfigurator;
endpointRequired 
public readonly endpoint: TokenProviderEndpoint;
lambdaRequired 
public readonly lambda: Function;
  • Type: aws-cdk-lib.aws_lambda.Function
methodOptionsRequired 
public readonly methodOptions: TokenProviderMethodOptions;
nameRequired 
public readonly name: string;
  • Type: string
permissionsRequired 
public readonly permissions: GitHubAppPermissions;
targetRuleRequired 
public readonly targetRule: TokenProviderTargetRule;

Classes

ApplicationArchitecture

Only applicable to TokenProviderLambdaCodeOptions.

Ensure that the lambda function architecture matches.

Properties

Name Type Description
name string No description.
nameRequired 
public readonly name: string;
  • Type: string

Constants

Name Type Description
ARM_64 ApplicationArchitecture No description.
X86_64 ApplicationArchitecture No description.
ARM_64Required 
public readonly ARM_64: ApplicationArchitecture;
X86_64Required 
public readonly X86_64: ApplicationArchitecture;

GitHubApp

Static Functions

Name Description
create No description.
create 
import { GitHubApp } from '@catnekaise/ghrawel'

GitHubApp.create(name: string, appId: number)
nameRequired
  • Type: string
appIdRequired
  • Type: number

Properties

Name Type Description
appId number No description.
name string No description.
appIdRequired 
public readonly appId: number;
  • Type: number
nameRequired 
public readonly name: string;
  • Type: string

TokenProviderConfigurator

This class may see some breaking changes but the intent is to stabilize, be made abstract and available as input on TokenProviderConfiguration.

Methods

Name Description
createApiResource No description.
createIntegrationOptions No description.
createMethodOptions No description.
createApiResource 
public createApiResource(api: IRestApi, name: string, endpoint: TokenProviderEndpoint): Resource
apiRequired
  • Type: aws-cdk-lib.aws_apigateway.IRestApi
nameRequired
  • Type: string
endpointRequired
createIntegrationOptions 
public createIntegrationOptions(settings: TokenProviderConfiguratorIntegrationOptionsContext): LambdaIntegrationOptions
settingsRequired
createMethodOptions 
public createMethodOptions(input: TokenProviderConfiguratorMethodOptionsContext): MethodOptions
inputRequired

Static Functions

Name Description
create No description.
create 
import { TokenProviderConfigurator } from '@catnekaise/ghrawel'

TokenProviderConfigurator.create()

Properties

Name Type Description
integrationResponses aws-cdk-lib.aws_apigateway.IntegrationResponse[] No description.
integrationResponsesRequired 
public readonly integrationResponses: IntegrationResponse[];
  • Type: aws-cdk-lib.aws_apigateway.IntegrationResponse[]

TokenProviderEndpoint

Static Functions

Name Description
useDefault Use this to configure a token provider at /x/<provider-name>/{owner}/{repo}.
useOwner Use this to configure a token provider at /x/<provider-name>/{owner} or /x/<provider-name>/<owner>.
useDefault 
import { TokenProviderEndpoint } from '@catnekaise/ghrawel'

TokenProviderEndpoint.useDefault()

Use this to configure a token provider at /x/<provider-name>/{owner}/{repo}.

useOwner 
import { TokenProviderEndpoint } from '@catnekaise/ghrawel'

TokenProviderEndpoint.useOwner(owner?: string)

Use this to configure a token provider at /x/<provider-name>/{owner} or /x/<provider-name>/<owner>.

ownerOptional
  • Type: string

Properties

Name Type Description
isOwnerEndpoint boolean No description.
type TokenProviderEndpointType No description.
owner string No description.
repo string No description.
isOwnerEndpointRequired 
public readonly isOwnerEndpoint: boolean;
  • Type: boolean
typeRequired 
public readonly type: TokenProviderEndpointType;
ownerOptional 
public readonly owner: string;
  • Type: string
repoOptional 
public readonly repo: string;
  • Type: string

TokenProviderLambdaCode

Initializers 

import { TokenProviderLambdaCode } from '@catnekaise/ghrawel'

new TokenProviderLambdaCode()
Name Type Description

Static Functions

Name Description
defaultGo No description.
dotnet No description.
defaultGo 
import { TokenProviderLambdaCode } from '@catnekaise/ghrawel'

TokenProviderLambdaCode.defaultGo(options?: TokenProviderLambdaCodeOptions)
optionsOptional
dotnet 
import { TokenProviderLambdaCode } from '@catnekaise/ghrawel'

TokenProviderLambdaCode.dotnet(options?: TokenProviderLambdaCodeOptions)
optionsOptional

TokenProviderPathStrategy

Static Functions

Name Description
anyRepository Grants permission to /x/<provider-name>/*.
policyVarRepository Grants permission to /x/<provider-name>/${aws:PrincipalTag/repository}.
policyVarRepositoryOwner Grants permission to /x/<provider-name>/${aws:PrincipalTag/repository_owner} or /x/<provider-name>/${aws:PrincipalTag/repository_owner}/<repo>.
selectOwner Grants permission to /x/<provider-name>/<owner>.
selectRepositories Grants permission for each specified repo /x/<provider-name>/<owner>/<repo>.
anyRepository 
import { TokenProviderPathStrategy } from '@catnekaise/ghrawel'

TokenProviderPathStrategy.anyRepository()

Grants permission to /x/<provider-name>/*.

policyVarRepository 
import { TokenProviderPathStrategy } from '@catnekaise/ghrawel'

TokenProviderPathStrategy.policyVarRepository()

Grants permission to /x/<provider-name>/${aws:PrincipalTag/repository}.

policyVarRepositoryOwner 
import { TokenProviderPathStrategy } from '@catnekaise/ghrawel'

TokenProviderPathStrategy.policyVarRepositoryOwner(repositories: string)

Grants permission to /x/<provider-name>/${aws:PrincipalTag/repository_owner} or /x/<provider-name>/${aws:PrincipalTag/repository_owner}/<repo>.

repositoriesRequired
  • Type: string
selectOwner 
import { TokenProviderPathStrategy } from '@catnekaise/ghrawel'

TokenProviderPathStrategy.selectOwner(owner: string)

Grants permission to /x/<provider-name>/<owner>.

ownerRequired
  • Type: string
selectRepositories 
import { TokenProviderPathStrategy } from '@catnekaise/ghrawel'

TokenProviderPathStrategy.selectRepositories(owner: string, repositories: string)

Grants permission for each specified repo /x/<provider-name>/<owner>/<repo>.

ownerRequired
  • Type: string
repositoriesRequired
  • Type: string

Properties

Name Type Description
pathTargetsRepositories boolean No description.
repositories string[] No description.
type TokenProviderPathStrategyType No description.
owner string No description.
policyVar TokenProviderPathPolicyVariable No description.
pathTargetsRepositoriesRequired 
public readonly pathTargetsRepositories: boolean;
  • Type: boolean
repositoriesRequired 
public readonly repositories: string[];
  • Type: string[]
typeRequired 
public readonly type: TokenProviderPathStrategyType;
ownerOptional 
public readonly owner: string;
  • Type: string
policyVarOptional 
public readonly policyVar: TokenProviderPathPolicyVariable;

TokenProviderTargetRule

Static Functions

Name Description
allowOwner No description.
atLeastOne No description.
allowOwner 
import { TokenProviderTargetRule } from '@catnekaise/ghrawel'

TokenProviderTargetRule.allowOwner()
atLeastOne 
import { TokenProviderTargetRule } from '@catnekaise/ghrawel'

TokenProviderTargetRule.atLeastOne()

Properties

Name Type Description
repositorySelectionMode RepositorySelectionMode No description.
repositorySelectionModeRequired 
public readonly repositorySelectionMode: RepositorySelectionMode;

Protocols

IGitHubApps

Methods

Name Description
getAppIdForAppName No description.
grantAccess No description.
getAppIdForAppName 
public getAppIdForAppName(name?: string): number
nameOptional
  • Type: string
grantAccess 
public grantAccess(principal: IPrincipal): Grant
principalRequired
  • Type: aws-cdk-lib.aws_iam.IPrincipal

Properties

Name Type Description
secretsPrefix string No description.
secretsStorage GitHubAppSecretsStorage No description.
secretsPrefixRequired 
public readonly secretsPrefix: string;
  • Type: string
secretsStorageRequired 
public readonly secretsStorage: GitHubAppSecretsStorage;

ITokenProvider

Methods

Name Description
grantExecute Use this to grant access to the token provider.
grantExecuteGitHubActionsAbac use this to grant access to the token provider when the role is assumed via Cognito Identity.
grantExecute 
public grantExecute(role: IRole, repo: string, owner?: string): Grant

Use this to grant access to the token provider.

roleRequired
  • Type: aws-cdk-lib.aws_iam.IRole
repoRequired
  • Type: string
ownerOptional
  • Type: string
grantExecuteGitHubActionsAbac 
public grantExecuteGitHubActionsAbac(role: IRole, settings: TokenProviderActionsIdentitySettings): Grant

use this to grant access to the token provider when the role is assumed via Cognito Identity.

roleRequired
  • Type: aws-cdk-lib.aws_iam.IRole
settingsRequired

ITokenProviderApi

Methods

Name Description
newTokenProvider No description.
newTokenProvider 
public newTokenProvider(name: string, configuration: NewTokenProviderConfiguration): ITokenProvider
nameRequired
  • Type: string
configurationRequired

Enums

GitHubAppSecretsStorage

Members

Name Description
PARAMETER_STORE No description.
SECRETS_MANAGER No description.
PARAMETER_STORE
SECRETS_MANAGER

PermissionLevel

Members

Name Description
READ No description.
WRITE No description.
ADMIN No description.
READ
WRITE
ADMIN

RepositorySelectionMode

Members

Name Description
AT_LEAST_ONE Allows targeting of any individual or multiple repos, but NOT the organization.
ALLOW_OWNER Allows targeting of any individual or multiple repos and the organization/user.
AT_LEAST_ONE

Allows targeting of any individual or multiple repos, but NOT the organization.

ALLOW_OWNER

Allows targeting of any individual or multiple repos and the organization/user.

TokenProviderEndpointType

Members

Name Description
DEFAULT No description.
DYNAMIC_OWNER No description.
STATIC_OWNER No description.
DEFAULT
DYNAMIC_OWNER
STATIC_OWNER

TokenProviderPathPolicyVariable

Members

Name Description
REPOSITORY No description.
REPOSITORY_OWNER No description.
REPOSITORY
REPOSITORY_OWNER

TokenProviderPathStrategyType

Members

Name Description
POLICY_VAR No description.
ANY_REPOSITORY No description.
OWNER No description.
REPOSITORIES No description.
POLICY_VAR
ANY_REPOSITORY
OWNER
REPOSITORIES