Learn how to configure DevOps Intelligence for the integration of GitHub to broaden the observability of your hybrid IT estate.
GitHub provides version control through an open-source distributed version control system, which enables your entire codebase and history to be available to every developer and allows for easy branching and merging.
DevOps Intelligence supports your use of GitHub and GitHub Enterprise. This topic describes the configuration requirements for both tools. For DevOps Intelligence to pull data from GitHub, you must configure a GitHub account.
Integration of GitHub with DevOps Intelligence
The process for onboarding GitHub comprises the following steps, each of which is a multistep procedure:
Create a Personal Access Token.
Create a connection.
Configure the application.
Onboard the GitHub technical service.
Create a GitHub token
The Application requires the following information for GitHub:
Name:
Local account name. It could be any string and is used only for reference.
User:
Username for GitHub. Generally, the e-mail ID with which the user logged in to GitHub.
Token:
Personal access token. The personal access token requires permissions within the following recommended scopes:
The application also requires to set up permissions:
On GitHub, navigate to the main page of the repository.
Under your repository name, select
Settings
→
Developer settings
→
Personal Access Tokens
→
Generate new token
.
Create a GitHub Enterprise token
The Application requires the following information for GitHub Enterprise:
Name:
Local account name. It could be any string and is used only for reference.
Before GitHub and DevOps Intelligence can exchange information, you must establish a connection between the two services. Use the following procedure:
Click on App Manager → IAM → Connections → Add New → Add connection.
Choose Content Provider as GitHub.
Provide a local account name for reference.
Add the Host Git API URL of the Git Host (e.g., https://github.test.net).
Enter your GitHub account user name.
Enter the token you created in the Create a Token section.
If you are using a Proxy Adapter, provide the ProxyID UUID. A proxy adapter is necessary when you want to access a service or system with a different interface than your application expects
When Sync is enabled, all organizations and repositories accessible to the user will be synced.
When Archive is enabled, the connection is archived for future use.
Secure alert synchronization
Pre-requisites
GitHub personal access token.
Token user needs to have secure alert access enabled.
For DevOps Intelligence to pull data from GitHub and GitHub enterprise, you must provide the following permissions:
Repository permissions:
On GitHub, navigate to the main page of the repository.
Under your repository name, select Settings.
In the "Security" section of the sidebar, select Code security and analysis.
Under "Access to alerts", in the search field, start typing the name of the person or team you'd like to find, then select a name in the list of matches.
Select Save changes.
Only one user credential can be used to pull information at a single time for a specific application. This avoids reaching the IP rate limit.
For more information regarding DevOps Intelligence Secure alerts see: Secure alerts dashboard.
For the GitHub Enterprise account: If the administrator has set a limit on API calls, DevOps Intelligence optimizes its process of fetching data and will take around 1000 calls each hour. This is to make sure no other tasks using the credentials are hampered. Once the limit is exceeded we see a message depicting the same on
sync
page of GitHub.
Configuring DevOps Intelligence for GitHub, recent customers
This procedure is valid only for customers onboarded 6 June, 2024 or after. Procedures for legacy customers are provided in the subsequent section Configure DevOps Intelligence for GitHub, legacy customers.
Configuring customers for GitHub varies with the DevOps phase. The following phases require distinct configuration:
Plan
Develop
Secure
You must then onboard the technical service. Use the following procedures.
Plan
Navigate to DevOps Intelligence →
Settings & Utilities
→
Application Configurations
.
Select an existing application or create a new application.
Navigate to
Add Tools
.
Select the phase as
Plan
.
Click
Add Tool Configuration
.
For
Tool engine
, select
GitHub
.
Complete the configurations, categorized in the four tabs:
Release
,
Work Item Format
,
Bug Formats
,
Bug Severity
.
Click
Add Configuration
.
Develop
Navigate to DevOps Intelligence →
Settings & Utilities
→
Application Configurations
.
Select an existing application or create a new application.
Navigate to
Add Tools
.
Select the phase as
Develop
.
Click
Add Tool Configuration
.
For
Tool engine
, select
GitHub
.
Select the pull request states.
Click
Add Configuration
.
Secure
Navigate to DevOps Intelligence →
Settings & Utilities
→
Application Configurations
.
Select an existing application or create a new application.
Navigate to
Add Tools
.
Select the phase as
Secure
.
Click
Add Tool Configuration
.
Select the Secure Categories as
Secure Alerts
.
For
Tool engine
, select
GitHub
.
Fill the configurations, categorized into two tabs (
Severity
and
State
).
Click
Add Configuration
.
GitHub's dependabot alert is used in Secure phase, Secure Alerts category.
Onboard the technical service
You must now onboard the technical service. Use the following procedure:
Navigate to DevOps Intelligence →
Settings & Utilities
→
Application Configurations
.
Click on Overflow menu for the chosen application and click on
Onboard Technical Service
.
Select the phase for which you want to configure GitHub. The page displays only the phases for which this tools has been configured for the application.
Select the tool engine as GitHub.
For
Connection
: Select the appropriate connection name from the drop down.
DevOps Intelligence supports the following types of GitHub tracking:
Organization
Repository
Non-Organization(Independent) Repositories
Use the following procedures:
Organization Tracking
To track Organizational data, use the following procedure:
Select Tracking Type
Organization
.
Select the appropriate organization.
Click
Onboard
to onboard the technical service.
Repository Tracking
To track Organizational data, use the following procedure:
Select Tracking Type -
Organization
and
Repository
.
Select the appropriate organization.
Select the appropriate repository.
Click
Onboard
to onboard the technical service.
In case of github enterprise accounts, if the administrator has set a limit on API calls, Devops Intelligence will optimize its process of fetching data and will execute approximately 1000 calls each hour. This is to make sure no other task using the credentials are hampered. Once the limit is exceeded DevOps Intelligence display a message on the GitHub
sync
page.
Non-Organization (Independent) Repositories
To track non-organization repositories, use the following procedure:
Select Tracking Type -
Repository
. (Optional)
Select the appropriate repository.
Click
Onboard
to onboard the technical service.
Deleting the Technical Service
Use the following procedure to delete the technical service:
Navigate to DevOps Intelligence →
Settings & Utilities
→
Application Configurations
.
Expand the application to see all the associated phases.
Click on Overflow menu against the phase and click on
Delete Technical Service
.
Configure Devops Intelligence for GitHub, legacy customers
This procedure is valid only for customers onboarded before 6 June 2024. Procedures for recent customers are provided in the subsequent section Configure DevOps Intelligence for Git, legacy customers.
DevOps Intelligence supports Organization level tracking and Repository level tracking. The configuration process varies for each type of tracking.
Organization level tracking
Navigate to DevOps Intelligence →
Settings & Utilities
→
Tools Configuration
→
Add Configuration
.
For
Tool engine
, select
GitHub.
For
Connection
select the appropriate connection name.
For
Tracking Type
, select
Organization
.
For Organization, select any organization to be tracked.
Click configure.
Additional configurations are supported:
Configure release format: Release can be identified by the pattern generated from two fields,
prefix
and
variable
.
Severity of defects: Sev 1, Sev 2, Sev 3 and Sev 4 are terminologies used in DevOps Intelligence dashboards. Using these severity levels, the user is allowed to provide mapping for endpoint Severity Values. For example, any value provided under the "Severity: Sev 1" category, will be considered as "Sev 1" while displaying the values on the dashboard.
Use the following procedure to configure GitHub for repositories:
Navigate to DevOps Intelligence →
Settings & Utilities
→
Tools Configuration
→
Add Configuration
.
For
Tool engine
, select GitHub.
For
Connection
, select the appropriate connection name.
For
Type
, select Repository and Organisation. This selection is
not
required.
For Repository select any repo you want to track.
Click configure.
Additional configurations are supported:
Configure release format - Release is being identified by the pattern generated from two fields,
prefix
and
variable
.
Severity of defects: Sev 1, Sev 2, Sev 3 and Sev 4 are terminologies used in DevOps Intelligence dashboards. Using these severity levels, the user is allowed to provide mapping for endpoint Severity Values. For example, any value provided under the "Severity: Sev 1" category, will be considered as "Sev 1" while displaying the values on the dashboard.