Skip to content

/AWS1/CL_PIPWEBHOOKDEFINITION

Represents information about a webhook and its definition.

CONSTRUCTOR

IMPORTING

Required arguments:

iv_name TYPE /AWS1/PIPWEBHOOKNAME /AWS1/PIPWEBHOOKNAME

The name of the webhook.

iv_targetpipeline TYPE /AWS1/PIPPIPELINENAME /AWS1/PIPPIPELINENAME

The name of the pipeline you want to connect to the webhook.

iv_targetaction TYPE /AWS1/PIPACTIONNAME /AWS1/PIPACTIONNAME

The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.

it_filters TYPE /AWS1/CL_PIPWEBHOOKFILTERRULE=>TT_WEBHOOKFILTERS TT_WEBHOOKFILTERS

A list of rules applied to the body/payload sent in the POST request to a webhook URL. All defined rules must pass for the request to be accepted and the pipeline started.

iv_authentication TYPE /AWS1/PIPWEBHOOKAUTHNTCTNTYPE /AWS1/PIPWEBHOOKAUTHNTCTNTYPE

Supported options are GITHUB_HMAC, IP, and UNAUTHENTICATED.

When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities.

If a secret token was provided, it will be redacted in the response.

  • For information about the authentication scheme implemented by GITHUB_HMAC, see Securing your webhooks on the GitHub Developer website.

  • IP rejects webhooks trigger requests unless they originate from an IP address in the IP range whitelisted in the authentication configuration.

  • UNAUTHENTICATED accepts all webhook trigger requests regardless of origin.

io_authntctnconfiguration TYPE REF TO /AWS1/CL_PIPWEBHOOKAUTHCONF /AWS1/CL_PIPWEBHOOKAUTHCONF

Properties that configure the authentication applied to incoming webhook trigger requests. The required properties depend on the authentication type. For GITHUB_HMAC, only the SecretToken property must be set. For IP, only the AllowedIPRange property must be set to a valid CIDR range. For UNAUTHENTICATED, no properties can be set.

Queryable Attributes

name

The name of the webhook.

Accessible with the following methods

Method Description
GET_NAME() Getter for NAME, with configurable default
ASK_NAME() Getter for NAME w/ exceptions if field has no value
HAS_NAME() Determine if NAME has a value

targetPipeline

The name of the pipeline you want to connect to the webhook.

Accessible with the following methods

Method Description
GET_TARGETPIPELINE() Getter for TARGETPIPELINE, with configurable default
ASK_TARGETPIPELINE() Getter for TARGETPIPELINE w/ exceptions if field has no valu
HAS_TARGETPIPELINE() Determine if TARGETPIPELINE has a value

targetAction

The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.

Accessible with the following methods

Method Description
GET_TARGETACTION() Getter for TARGETACTION, with configurable default
ASK_TARGETACTION() Getter for TARGETACTION w/ exceptions if field has no value
HAS_TARGETACTION() Determine if TARGETACTION has a value

filters

A list of rules applied to the body/payload sent in the POST request to a webhook URL. All defined rules must pass for the request to be accepted and the pipeline started.

Accessible with the following methods

Method Description
GET_FILTERS() Getter for FILTERS, with configurable default
ASK_FILTERS() Getter for FILTERS w/ exceptions if field has no value
HAS_FILTERS() Determine if FILTERS has a value

authentication

Supported options are GITHUB_HMAC, IP, and UNAUTHENTICATED.

When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities.

If a secret token was provided, it will be redacted in the response.

  • For information about the authentication scheme implemented by GITHUB_HMAC, see Securing your webhooks on the GitHub Developer website.

  • IP rejects webhooks trigger requests unless they originate from an IP address in the IP range whitelisted in the authentication configuration.

  • UNAUTHENTICATED accepts all webhook trigger requests regardless of origin.

Accessible with the following methods

Method Description
GET_AUTHENTICATION() Getter for AUTHENTICATION, with configurable default
ASK_AUTHENTICATION() Getter for AUTHENTICATION w/ exceptions if field has no valu
HAS_AUTHENTICATION() Determine if AUTHENTICATION has a value

authenticationConfiguration

Properties that configure the authentication applied to incoming webhook trigger requests. The required properties depend on the authentication type. For GITHUB_HMAC, only the SecretToken property must be set. For IP, only the AllowedIPRange property must be set to a valid CIDR range. For UNAUTHENTICATED, no properties can be set.

Accessible with the following methods

Method Description
GET_AUTHNTCTNCONFIGURATION() Getter for AUTHENTICATIONCONFIGURATION