profile picture

@clementvial

indie dev. I build things for the web.
check out my links and posts

Migrating CDK Pipelines from CodeCommit to GitHub

When using AWS CDK Pipelines for continuous delivery, you might want to switch from CodeCommit to GitHub as your source repository. Here’s how to migrate without rebuilding your pipeline from scratch.

Migration Steps

  1. First, create your GitHub repository and migrate your code:
# Add GitHub as a new remote
git remote add github https://github.com/your-username/your-repo.git

# Push everything to GitHub
git push github --all && git push github --tags

  1. Create a GitHub access token and store it in AWS Secrets Manager:

    • Go to GitHub Settings > Developer settings > Personal access tokens
    • Generate a new classic token with repo scope
    • Store it in AWS Secrets Manager as github-token

  2. Update your CDK pipeline code:

import { CodePipeline, CodePipelineSource } from 'aws-cdk-lib/pipelines';
import { Repository } from 'aws-cdk-lib/aws-codecommit';

// Define the CodeCommit repository
const codeCommitRepository = Repository.fromRepositoryName(this, 'my-codecommit-repo-id', 'my-codecommit-repo-name');

const pipeline = new CodePipeline(this, 'Pipeline', {
    pipelineName: 'my-pipeline',
    synth: new ShellStep('Synth', {
        // Replace CodeCommit source with GitHub
        input: CodePipelineSource.codeCommit(codeCommitRepository, 'main'),
        input: CodePipelineSource.gitHub('your-username/your-repo', 'main'),
        commands: ['npm ci', 'npm run build', 'npx cdk synth']
    })
});
  1. Deploy the changes and update your git remotes:
# Commit and push the changes to CodeCommit
git add .
git commit -m "chore: migrate pipeline source to GitHub"
git push origin main

# Push to GitHub to ensure both repos are in sync
git push github main

# Switch GitHub to be primary remote, but keep CodeCommit as backup
git remote rename origin codecommit-backup
git remote rename github origin

# After validating the pipeline works with GitHub, you can remove the old remote
# git remote remove codecommit-backup

How It Works

  • The pipeline uses GitHub’s API to watch for changes
  • Authentication happens via the personal access token stored in Secrets Manager
  • CodePipeline automatically handles the transition without pipeline recreation
  • Your deployment history and pipeline resources remain intact

Note:

  • Ensure your GitHub token has sufficient permissions
  • The token in Secrets Manager must be named github-token
© 2025 Clement Vial. All rights reserved.