AWS CodeBuild with GitHub fine-grained personal access tokens


I have created a CodeBuild project with the source configured to access the repository on GitHub. For that purpose I created a fine-grained personal access token. CodeBuild configuration was successful and a webhook has been created. Upon pushing a commit to the repo, a CodeBuild job is triggered.

However, the job hangs for 2 minutes on DOWNLOAD_SOURCE phase, and eventually fails with an error:

CLIENT_ERROR: authentication required for primary source and source version main

I kept adding more and more permissions, but didn't help:

GitHub PAT scopes

Does CodeBuild have issues with fine-grained tokens? Any ideas what could be wrong?

profile picture
gefragt vor einem Jahr1735 Aufrufe
3 Antworten

I have exactly the same problem, even after granting all permissions it does not work and I get the message CLIENT_ERROR: authentication required for primary source and source version main

If I select the classic Tokens or oAuth it works. Unfortunately thats not what I would consider as least privilege. Any idea how we get fine-graded tokens to work?

beantwortet vor einem Jahr

OMG... I have spent days trying to figure out why this wasn't working, thinking it was something wrong with my setup. The fine-grained access token works when using a Github source for CodePipeline, but apparently not when configuring it as a source for a plain CodeBuild.

beantwortet vor einem Jahr

I cannot get oAuth to show any private GitHub repos, and using the connection is not an option for Codebuild. I've wasted most of the day on this. Codepipeline, but that is not my requirement

beantwortet vor einem Jahr

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen