AWS CodePipeline not able to access Organization's repositories

anshul410 picture anshul410 · Sep 4, 2015 · Viewed 9.1k times · Source

I am trying to setup Continuous deployments pipelines in AWS Codepipeline.

While creating a pipeline I provide "Source provider" as GitHub and then connect to GitHub. I am able to see my public repositories in "Repository" drop-down in create Pipeline page. But I am not able to see my Organization's private repositories in this drop-down. I have write access in Organization.

How can I make AWS Codepipeline have access to my organizations repositories.

Answer

Steffen Opel picture Steffen Opel · Sep 4, 2015

AWS CodePipeline requires two GitHub scopes for its operation, as outlined in section GitHub within Product and Service Integrations with AWS CodePipeline: Source Action Integrations:

[...] You can connect to the GitHub repository by either creating a new pipeline or editing an existing one. The first time you add a GitHub repository to a pipeline, you will be asked to authorize AWS CodePipeline access to your repositories. To integrate with GitHub, AWS CodePipeline uses OAuth tokens and requires two GitHub scopes: admin:repo_hook, which is used to detect when you have committed and pushed changes to the repository, and repo, which is used to read and pull artifacts from public and private repositories into a pipeline. For more information about GitHub scopes, see the GitHub Developer API Reference.
Access for AWS CodePipeline is configured for all repositories to which that GitHub account has access; it cannot currently be configured for individual repositories.
[emphasis mine]

Now, while you have probably done that, it is possible that your organization is set up so that it does not grant access by default (while this is visible and adjustable when authorizing a new app/service, it is easily overlooked) - here's the resp. GitHub tooltip:

Until access is granted by an owner, the application cannot access the organization's private data or modify its public data.

Provided you are an owner of the organization, you can explicitly grant access by doing the inverse instructions outlined in the referenced CodePipeline GitHub documentation:

You can revoke this access from GitHub by choosing Settings, choosing Applications, and then, under Authorized applications, finding AWS CodePipeline in the list of authorized applications and choosing Revoke. [...]

That is, go to your GitHub profile => Settings => Applications => AWS CodePipeline, and click the Grant access button for each applicable organization.