Cloud Services

DevOps Intelligence

GitHub and GitHub Enterprise configuration
Published On Nov 05, 2024 - 1:34 PM

GitHub and GitHub Enterprise configuration

Learn how to configure DevOps Intelligence to collect data acquired by GitHub, extending the single pane of glass DevOps Intelligence affords in your hybrid IT estate.
GitHub provides version control through an open-source distributed version control system, which enables your entire codebase and history to be available to every developer and allows for easy branching and merging.
DevOps Intelligence supports your use of GitHub and GitHub Enterprise. This topic describes the configuration requirements for both tools. For DevOps Intelligence to pull data from GitHub, you must configure a GitHub account.

Integration of GitHub with DevOps Intelligence

The process for onboarding GitHub comprises the following steps, each of which is a multistep procedure:
  1. Create a Personal Access Token.
  2. Create a connection.
  3. Configure the application.
  4. Onboard the GitHub technical service.

Create a GitHub token

The Application requires the following information for GitHub:
Name:
 Local account name. It could be any string and is used only for reference.
  • User:
     Username for GitHub. Generally, the e-mail ID with which the user logged in to GitHub.
  • Token:
     Personal access token. The personal access token requires permissions within the following recommended scopes:
The application also requires to set up permissions:
  1. On GitHub, navigate to the main page of the repository.
  2. Under your repository name, select
    Settings
    Developer settings
    Personal Access Tokens
    Generate new token
    .

Create a GitHub Enterprise token

The Application requires the following information for GitHub Enterprise:
  • Name:
     Local account name. It could be any string and is used only for reference.
  • Host:
     Git API URL of the Git Host. eg, API URL will take the form https://github.domain.com.
  • User:
     Username for GitHub Enterprise. Generally, the e-mail ID with which the user logged in to GitHub Enterprise.
  • Token:
     Personal access token. The personal access token requires permissions within the following scopes:
The Application also requires the following GitHub Enterprise credentials:

Create a connection

Before GitHub and DevOps Intelligence can exchange information, you must establish a connection between the two services. Use the following procedure:
  1. Click on App Manager → IAM → Connections → Add New → Add connection.
  2. Choose Content Provider as GitHub.
  3. Provide a local account name for reference.
  4. Add the Host Git API URL of the Git Host (e.g., https://github.test.net).
  5. Enter your GitHub account user name.
  6. Enter the token you created in the Create a Token section.
  • If you are using a Proxy Adapter, provide the ProxyID UUID. A proxy adapter is necessary when you want to access a service or system with a different interface than your application expects
  • When Sync is enabled, all organizations and repositories accessible to the user will be synced.
  • When Archive is enabled, the connection is archived for future use.

Secure alert synchronization

  • Pre-requisites
    • GitHub personal access token.
    • Token user needs to have secure alert access enabled.
For DevOps Intelligence  to pull data from GitHub and GitHub enterprise, you must provide the following permissions:
Repository permissions:
  • On GitHub, navigate to the main page of the repository.
  • Under your repository name, select Settings.
  • In the "Security" section of the sidebar, select Code security and analysis.
  • Under "Access to alerts", in the search field, start typing the name of the person or team you'd like to find, then select a name in the list of matches.
  • Select Save changes.
Only one user credential can be used to pull information at a single time for a specific application. This avoids reaching the IP rate limit.
For more information regarding DevOps Intelligence Secure alerts see: Secure alerts dashboard.
For the GitHub Enterprise account: If the administrator has set a limit on API calls, DevOps Intelligence optimizes its process of fetching data and will take around 1000 calls each hour. This is to make sure no other tasks using the credentials are hampered. Once the limit is exceeded we see a message depicting the same on
sync
 page of GitHub.

Configuring DevOps Intelligence for GitHub, recent customers

This procedure is valid only for customers onboarded 6 June, 2024 or after. Procedures for legacy customers are provided in the subsequent section Configure DevOps Intelligence for GitHub, legacy customers.
Configuring customers for GitHub varies with the DevOps phase. The following phases require distinct configuration:
  • Plan
  • Develop
  • Secure
You must then onboard the technical service. Use the following procedures.
Plan
  1. Navigate to DevOps Intelligence →
    Settings & Utilities
    Application Configurations
    .
  2. Select an existing application or create a new application.
  3. Navigate to
    Add Tools
    .
  4. Select the phase as
    Plan
    .
  5. Click
    Add Tool Configuration
    .
  6. For
    Tool engine
    , select
    GitHub
    .
  7. Complete the configurations, categorized in the four tabs:
    Release
    ,
    Work Item Format
    ,
    Bug Formats
    ,
    Bug Severity
    .
  8. Click
    Add Configuration
    .
Develop
  1. Navigate to DevOps Intelligence →
    Settings & Utilities
    Application Configurations
    .
  2. Select an existing application or create a new application.
  3. Navigate to
    Add Tools
    .
  4. Select the phase as
    Develop
    .
  5. Click
    Add Tool Configuration
    .
  6. For
    Tool engine
    , select
    GitHub
    .
  7. Select the pull request states.
  8. Click
    Add Configuration
    .
Secure
  1. Navigate to DevOps Intelligence →
    Settings & Utilities
    Application Configurations
    .
  2. Select an existing application or create a new application.
  3. Navigate to
    Add Tools
    .
  4. Select the phase as
    Secure
    .
  5. Click
    Add Tool Configuration
    .
  6. Select the Secure Categories as
    Secure Alerts
    .
  7. For
    Tool engine
    , select
    GitHub
    .
  8. Fill the configurations, categorized into two tabs (
    Severity
     and
    State
    ).
  9. Click
    Add Configuration
    .
GitHub's dependabot alert is used in Secure phase, Secure Alerts category.
Onboard the technical service
You must now onboard the technical service. Use the following procedure:
  1. Navigate to DevOps Intelligence →
    Settings & Utilities
    Application Configurations
    .
  2. Click on Overflow menu for the chosen application and click on
    Onboard Technical Service
    .
  3. Select the phase for which you want to configure GitHub. The page displays only the phases for which this tools has been configured for the application.
  4. Select the tool engine as GitHub.
  5. For
    Connection
    : Select the appropriate connection name from the drop down.
DevOps Intelligence supports the following types of GitHub tracking:
  • Organization
  • Repository
  • Non-Organization(Independent) Repositories
Use the following procedures:
Organization Tracking
To track Organizational data, use the following procedure:
  1. Select Tracking Type
    Organization
    .
  2. Select the appropriate organization.
  3. Click
    Onboard
     to onboard the technical service.
Repository Tracking
To track Organizational data, use the following procedure:
  1. Select Tracking Type -
    Organization
     and
    Repository
    .
  2. Select the appropriate organization.
  3. Select the appropriate repository.
  4. Click
    Onboard
     to onboard the technical service.
In case of github enterprise accounts, if the administrator has set a limit on API calls, Devops Intelligence will optimize its process of fetching data and will execute approximately 1000 calls each hour. This is to make sure no other task using the credentials are hampered. Once the limit is exceeded DevOps Intelligence display a message on the GitHub
sync
 page.
Non-Organization (Independent) Repositories
To track non-organization repositories, use the following procedure:
  1. Select Tracking Type -
    Repository
    . (Optional)
  2. Select the appropriate repository.
  3. Click
    Onboard
     to onboard the technical service.
Deleting the Technical Service
Use the following procedure to delete the technical service:
  1. Navigate to DevOps Intelligence →
    Settings & Utilities
    Application Configurations
    .
  2. Expand the application to see all the associated phases.
  3. Click on Overflow menu against the phase and click on
    Delete Technical Service
    .

Configure Devops Intelligence for GitHub, legacy customers

This procedure is valid only for customers onboarded before 6 June 2024. Procedures for recent customers are provided in the subsequent section Configure DevOps Intelligence for Git, legacy customers.
DevOps Intelligence supports Organization level tracking and Repository level tracking. The configuration process varies for each type of tracking.
Organization level tracking
  1. Navigate to DevOps Intelligence →
    Settings & Utilities
    Tools Configuration
    Add Configuration
    .
  2. For
    Tool engine
    , select
    GitHub.
  3. For
    Connection
    select the appropriate connection name.
    For
    Tracking Type
    , select
    Organization
    .
  4. For Organization, select any organization to be tracked.
  5. Click configure.
Additional configurations are supported:
  • Configure release format: Release can be identified by the pattern generated from two fields,
    prefix
     and
    variable
    .
  • Severity of defects: Sev 1, Sev 2, Sev 3 and Sev 4 are terminologies used in DevOps Intelligence dashboards. Using these severity levels, the user is allowed to provide mapping for endpoint Severity Values. For example, any value provided under the "Severity: Sev 1" category, will be considered as "Sev 1" while displaying the values on the dashboard.
Tracking Non-Organization(Independent) Repositories
Use the following procedure to configure GitHub for repositories:
  1. Navigate to DevOps Intelligence →
    Settings & Utilities
    Tools Configuration
    Add Configuration
    .
  2. For
    Tool engine
    , select GitHub.
  3. For
    Connection
    , select the appropriate connection name.
  4. For
    Type
    , select Repository and Organisation. This selection is
    not
     required.
  5. For Repository select any repo you want to track.
  6. Click configure.
Additional configurations are supported:
  • Configure release format - Release is being identified by the pattern generated from two fields,
    prefix
     and
    variable
    .
  • Severity of defects: Sev 1, Sev 2, Sev 3 and Sev 4 are terminologies used in DevOps Intelligence dashboards. Using these severity levels, the user is allowed to provide mapping for endpoint Severity Values. For example, any value provided under the "Severity: Sev 1" category, will be considered as "Sev 1" while displaying the values on the dashboard.
Do you have two minutes for a quick survey?
Take Survey