fix: Access githubtoken w/ unsafeUnwrap in AutoBuild (#1145)

Directly accessing the secret githubtoken in AutoBuild is no longer allowed. Code must explicitly call unsafeUnwrap() to confirm the developer understands the data value is a secret and the risks associated with accessing it. ----- By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
cdklabs · Jul 20, 2022 · 5f50ef4 · 5f50ef4
1 parent 89915dc
commit 5f50ef4
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/lib/auto-build.ts b/lib/auto-build.ts
@@ -1,5 +1,5 @@
 import {
-  Token, SecretValue,
+  SecretValue,
   aws_codebuild as codebuild,
   aws_sam as serverless,
 } from 'aws-cdk-lib';
@@ -126,7 +126,7 @@ export class AutoBuild extends Construct {
           CodeBuildProjectName: this.project.projectName,
           DeletePreviousComments: (props.deletePreviousPublicLogsLinks ?? true).toString(),
           CommentOnSuccess: (props.publicLogsOnSuccess ?? true).toString(),
-          ...githubToken ? { GitHubOAuthToken: Token.asString(githubToken) } : undefined,
+          ...githubToken ? { GitHubOAuthToken: githubToken.unsafeUnwrap() } : undefined,
         },
       });
     }