This script will ensure every non-archived repository tagged with govuk on GitHub is mirrored to AWS CodeCommit. It will then synchronise all branches and the most recent tags, including removing branches that have been deleted in GitHub. It runs periodically in Jenkins.
Warning: If you need to work on a branch in private on AWS CodeCommit, this script must be prevented from running. If it runs and the branch you’re working on does not exist in GitHub, it will be removed from AWS CodeCommit. The easiest way to prevent this is to untag the repository in GitHub.
Required environment variables:
A personal access token with read:org and repo scope
IAM user with privileges to assume the role in ROLE_ARN
A private key attached to the IAM user in AWS_CODECOMMIT_USER_ID
IAM role with privileges to create, list and push to CodeCommit repositories
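
A pre-flight check for the warning above, as an added example that is not part of the mirroring script itself: it compares git ls-remote --heads output for the GitHub repository and its CodeCommit mirror and lists the branches that exist only on CodeCommit, which are the ones the next sync would remove. The function names and the two repository URLs passed as arguments are assumptions.

```shell
#!/bin/sh
# Added example (not the mirroring script): list branches that exist on the
# CodeCommit mirror but not on GitHub, i.e. branches the next sync would remove.

# Read `git ls-remote --heads` output ("<sha>\trefs/heads/<branch>") on stdin
# and print the branch names, sorted and de-duplicated, one per line.
heads_to_branches() {
    awk -F '\t' '$2 ~ /^refs\/heads\// { sub(/^refs\/heads\//, "", $2); print $2 }' |
        LC_ALL=C sort -u
}

# branches_at_risk <github-heads-file> <codecommit-heads-file>
# Both files hold saved `git ls-remote --heads` output. Prints the branches
# that appear only in the CodeCommit file.
branches_at_risk() {
    gh_list=$(mktemp) || return 1
    cc_list=$(mktemp) || { rm -f "$gh_list"; return 1; }
    heads_to_branches < "$1" > "$gh_list"
    heads_to_branches < "$2" > "$cc_list"
    LC_ALL=C comm -13 "$gh_list" "$cc_list"   # lines unique to the second file
    rm -f "$gh_list" "$cc_list"
}

# check_mirror <github-url> <codecommit-url>
# Live variant: queries both remotes, then reports the branches at risk.
check_mirror() {
    gh_heads=$(mktemp) || return 1
    cc_heads=$(mktemp) || { rm -f "$gh_heads"; return 1; }
    status=0
    if git ls-remote --heads "$1" > "$gh_heads" &&
       git ls-remote --heads "$2" > "$cc_heads"; then
        branches_at_risk "$gh_heads" "$cc_heads"
    else
        echo "could not list remote branches" >&2
        status=1
    fi
    rm -f "$gh_heads" "$cc_heads"
    return $status
}

# Run as a script with two URLs (supplied by the caller) to check one repository.
if [ "$#" -eq 2 ]; then
    check_mirror "$1" "$2"
fi
```

Any branch it prints needs to be pushed to GitHub, or the repository untagged, before the Jenkins job next runs.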