AWS CloudFormation CodePipeline: 无法从GitHub获取仓库内容

我正在尝试使用CodePipeline和GitHub设置AWS CloudFormation配置。

在我的示例项目和教程 “使用 AWS CloudFormation 创建 GitHub 管道” 中，我都失败了。

所有资源都已创建，但在CodePipeline中，在初始的“源”阶段中，我不断收到以下错误：

无法从GitHub获取存储库的内容。

请参见下面的图片：

请注意，这不是权限错误。这是某些其他问题，直到现在在Google上也没有找到答案。

如果停止使用CloudFormation并通过控制台创建CodePipeline，则可以配置GitHub以正常工作，但出于我的目的，我需要使用CloudFormation，必须坚持使用模板。

以下是从教程中复制的CloudFormation模板：

Parameters:
  BranchName:
    Description: GitHub branch name
    Type: String
    Default: master
  RepositoryName:
    Description: GitHub repository name
    Type: String
    Default: test
  GitHubOwner:
    Type: String
  GitHubSecret:
    Type: String
    NoEcho: true
  GitHubOAuthToken:
    Type: String
    NoEcho: true
  ApplicationName:
    Description: CodeDeploy application name
    Type: String
    Default: DemoApplication
  BetaFleet:
    Description: Fleet configured in CodeDeploy
    Type: String
    Default: DemoFleet
Resources:
  CodePipelineArtifactStoreBucket:
    Type: "AWS::S3::Bucket"
  CodePipelineArtifactStoreBucketPolicy:
    Type: "AWS::S3::BucketPolicy"
    Properties:
      Bucket: !Ref CodePipelineArtifactStoreBucket
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          - Sid: DenyUnEncryptedObjectUploads
            Effect: Deny
            Principal: "*"
            Action: "s3:PutObject"
            Resource: !Join
              - ""
              - - !GetAtt
                  - CodePipelineArtifactStoreBucket
                  - Arn
                - /*
            Condition:
              StringNotEquals:
                "s3:x-amz-server-side-encryption": "aws:kms"
          - Sid: DenyInsecureConnections
            Effect: Deny
            Principal: "*"
            Action: "s3:*"
            Resource: !Join
              - ""
              - - !GetAtt
                  - CodePipelineArtifactStoreBucket
                  - Arn
                - /*
            Condition:
              Bool:
                "aws:SecureTransport": false
  AppPipelineWebhook:
    Type: "AWS::CodePipeline::Webhook"
    Properties:
      Authentication: GITHUB_HMAC
      AuthenticationConfiguration:
        SecretToken: !Ref GitHubSecret
      Filters:
        - JsonPath: $.ref
          MatchEquals: "refs/heads/{Branch}"
      TargetPipeline: !Ref AppPipeline
      TargetAction: SourceAction
      Name: AppPipelineWebhook
      TargetPipelineVersion: !GetAtt
        - AppPipeline
        - Version
      RegisterWithThirdParty: true
  AppPipeline:
    Type: "AWS::CodePipeline::Pipeline"
    Properties:
      Name: github-events-pipeline
      RoleArn: !GetAtt
        - CodePipelineServiceRole
        - Arn
      Stages:
        - Name: Source
          Actions:
            - Name: SourceAction
              ActionTypeId:
                Category: Source
                Owner: ThirdParty
                Version: 1
                Provider: GitHub
              OutputArtifacts:
                - Name: SourceOutput
              Configuration:
                Owner: !Ref GitHubOwner
                Repo: !Ref RepositoryName
                Branch: !Ref BranchName
                OAuthToken: !Ref GitHubOAuthToken
                PollForSourceChanges: false
              RunOrder: 1
        - Name: Beta
          Actions:
            - Name: BetaAction
              InputArtifacts:
                - Name: SourceOutput
              ActionTypeId:
                Category: Deploy
                Owner: AWS
                Version: 1
                Provider: CodeDeploy
              Configuration:
                ApplicationName: !Ref ApplicationName
                DeploymentGroupName: !Ref BetaFleet
              RunOrder: 1
      ArtifactStore:
        Type: S3
        Location: !Ref CodePipelineArtifactStoreBucket
  CodePipelineServiceRole:
    Type: "AWS::IAM::Role"
    Properties:
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - codepipeline.amazonaws.com
            Action: "sts:AssumeRole"
      Path: /
      Policies:
        - PolicyName: AWS-CodePipeline-Service-3
          PolicyDocument:
            Version: 2012-10-17
            Statement:
              - Effect: Allow
                Action:
                  - "codecommit:CancelUploadArchive"
                  - "codecommit:GetBranch"
                  - "codecommit:GetCommit"
                  - "codecommit:GetUploadArchiveStatus"
                  - "codecommit:UploadArchive"
                Resource: "*"
              - Effect: Allow
                Action:
                  - "codedeploy:CreateDeployment"
                  - "codedeploy:GetApplicationRevision"
                  - "codedeploy:GetDeployment"
                  - "codedeploy:GetDeploymentConfig"
                  - "codedeploy:RegisterApplicationRevision"
                Resource: "*"
              - Effect: Allow
                Action:
                  - "codebuild:BatchGetBuilds"
                  - "codebuild:StartBuild"
                Resource: "*"
              - Effect: Allow
                Action:
                  - "devicefarm:ListProjects"
                  - "devicefarm:ListDevicePools"
                  - "devicefarm:GetRun"
                  - "devicefarm:GetUpload"
                  - "devicefarm:CreateUpload"
                  - "devicefarm:ScheduleRun"
                Resource: "*"
              - Effect: Allow
                Action:
                  - "lambda:InvokeFunction"
                  - "lambda:ListFunctions"
                Resource: "*"
              - Effect: Allow
                Action:
                  - "iam:PassRole"
                Resource: "*"
              - Effect: Allow
                Action:
                  - "elasticbeanstalk:*"
                  - "ec2:*"
                  - "elasticloadbalancing:*"
                  - "autoscaling:*"
                  - "cloudwatch:*"
                  - "s3:*"
                  - "sns:*"
                  - "cloudformation:*"
                  - "rds:*"
                  - "sqs:*"
                  - "ecs:*"
                Resource: "*"

我已经采取了以下步骤：

• 提供Github组织，存储库和分支
• 在GitHub上设置个人访问令牌，并将其提供给模板GitHubOAuthToken参数，该参数具有对repo:all和admin:repo_hook的访问权限
• 设置随机字符串并将其提供给GitHubSecret
• 尝试不包括GitHubSecret，就像许多其他示例一样
• 验证我的地区的AWS CodePipeline是否在Github应用程序下列出为“授权的OAuth应用程序”

为了从一个干净的状态开始，我还做了以下工作：

• 清除所有GitHub Webhooks，然后启动aws codepipeline list-webhooks和aws codepipeline delete-webhook --name
• 添加新的个人访问令牌
• 尝试多个存储库和分支

有什么办法可以让GitHub与CloudFormation和CodePipeline一起工作吗？