AWS CodeBuild with GitHub fine-grained personal access tokens


I have created a CodeBuild project with the source configured to access the repository on GitHub. For that purpose I created a fine-grained personal access token. CodeBuild configuration was successful and a webhook has been created. Upon pushing a commit to the repo, a CodeBuild job is triggered.

However, the job hangs for 2 minutes on DOWNLOAD_SOURCE phase, and eventually fails with an error:

CLIENT_ERROR: authentication required for primary source and source version main

I kept adding more and more permissions, but didn't help:

GitHub PAT scopes

Does CodeBuild have issues with fine-grained tokens? Any ideas what could be wrong?

profile picture
posta un anno fa1723 visualizzazioni
3 Risposte

I have exactly the same problem, even after granting all permissions it does not work and I get the message CLIENT_ERROR: authentication required for primary source and source version main

If I select the classic Tokens or oAuth it works. Unfortunately thats not what I would consider as least privilege. Any idea how we get fine-graded tokens to work?

con risposta un anno fa

OMG... I have spent days trying to figure out why this wasn't working, thinking it was something wrong with my setup. The fine-grained access token works when using a Github source for CodePipeline, but apparently not when configuring it as a source for a plain CodeBuild.

con risposta un anno fa

I cannot get oAuth to show any private GitHub repos, and using the connection is not an option for Codebuild. I've wasted most of the day on this. Codepipeline, but that is not my requirement

con risposta un anno fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande