Cloud Services

DevOps Intelligence

GitHub and GitHub Enterprise configuration
Published On Aug 27, 2024 - 10:12 AM

GitHub and GitHub Enterprise configuration

Store and manage code and track and control changes to it with the GitHub website and cloud-based service.
GitHub provides version control through an open-source distributed version control system, which enables your entire codebase and history to be available to every developer and allows for easy branching and merging.
DevOps Intelligence supports your use of GitHub and GitHub Enterprise. This topic describes the configuration requirements for both tools. For DevOps Intelligence to pull data from GitHub, you must configure a GitHub account.

GitHub

The Application requires the following information for GitHub:
Name:
 Local account name. It could be any string and is used only for reference.
  • User:
     Username for GitHub. Generally, the e-mail ID with which the user logged in to GitHub.
  • Token:
     Personal access token. The personal access token requires permissions within the following recommended scopes:
The application also requires to set up permissions:
  1. On GitHub, navigate to the main page of the repository.
  2. Under your repository name, select
    Settings
    .
  3. In the
    Security
     section of the sidebar, select
    Code security and analysis.
  4. Under
    Access to alerts
    , in the search field, start typing the name of the person or team you'd like to find, then select a name in the list of matches.
  5. Select
    Save
     changes.

GitHub Enterprise

The Application requires the following information for GitHub Enterprise:
  • Name:
     Local account name. It could be any string and is used only for reference.
  • Host:
     Git API URL of the Git Host. eg, API URL will take the form https://github.domain.com.
  • User:
     Username for GitHub Enterprise. Generally, the e-mail ID with which the user logged in to GitHub Enterprise.
  • Token:
     Personal access token. The personal access token requires permissions within the following scopes:
The Application also requires the following GitHub Enterprise credentials:
For adding connection
Select
Admin
 ->
IAM
 ->
Connections
 ->
Add new
 button.
Select
Add Connection
 option.
The connection will look similar to the following image:

Secure alert synchronization

  • Pre-requisites
    • GitHub personal access token.
    • Token user needs to have secure alert access enabled.
For DevOps Intelligence  to pull data from GitHub and GitHub enterprise, you must provide the following permissions:
Repository permissions:
  • On GitHub, navigate to the main page of the repository.
  • Under your repository name, select Settings.
  • In the "Security" section of the sidebar, select Code security and analysis.
  • Under "Access to alerts", in the search field, start typing the name of the person or team you'd like to find, then select a name in the list of matches.
  • Select Save changes.
Only one user credential can be used to pull information at a single time for a specific application. This avoids reaching the IP rate limit.
For more information regarding DevOps Intelligence Secure alerts see: Secure alerts dashboard.
For the GitHub Enterprise account: If the administrator has set a limit on API calls, DevOps Intelligence optimizes its process of fetching data and will take around 1000 calls each hour. This is to make sure no other tasks using the credentials are hampered. Once the limit is exceeded we see a message depicting the same on
sync
 page of GitHub.

Repository level tracking

For this type of tracking, some selections have to be made in the system, as described in the following list:
  • Account:
     Refers to the account through which the tracking is to be done.
  • Select Tracking Type:
     User must select
    Repository
     for Repo level tracking.
  • Search Organization:
     By selecting here, a list of all organizations for the selected account but not tracked by the Application. Select any organization to be tracked and click
    Configure
    . Select any organization you want to track and click
    Configure
    .
  • Search Repository:
     By selecting here, a list will be displayed with all the repositories that are part of the selected organization but not tracked. Select any repository you want to track and click
    Configure
    .
In the case of GitHub Enterprise accounts - If the administrator has set a limit on API calls, DevOps Intelligence optimizes its process of fetching data and will take around 1000 calls each hour. This is to make sure no other tasks using the credentials are hampered. Once the limit is exceeded we see a message depicting the same on the sync page of GitHub.
Sync
The Sync feature scans current data for visibility after configuring credentials and provides a time estimation of the sync, delete, and pulled intervals. The sync is performed based on the current environment priority. For more details, see your Delivery representative.
Sync Status
The Sync Status section will display the status of the data retrieved after SonarQube is configured.
  • Connection: Displays the local connected tool name for the sync.
  • Active sync: Shows the active status of a sync.
  • Records Processed: Displays the number of records processed
  • Duration: Shows the amount of time taken to perform a sync.
  • Last Run: Displays the last Sync run.
  • Status: Current sync status information.
Sync Details
The Sync Details section displays the record details of each account selected.
  • Record name: Displays the name of the record selected
  • Active sync: Shows the active status of a sync.
  • Records Processed: Displays the number of records processed
  • Duration: Shows the amount of time taken to perform a sync.
  • Last Run: Displays the last Sync run.
  • Status: Current sync status information.
For more details, see your Delivery representative.
Repository level trackingFor this type of tracking, certain selections have to be made in the system, as follows:
  • Account: Refers to the account through which the tracking will be done.
  • Select Workspace for Bitbucket cloud: By clicking here, a list will display showing all the workspaces that the account above selected is a part of. Select any workspace to get the list of projects and repos in it.
  • Select Tracking Type: Select
    Repository
     for Repo level tracking.
  • Search Project: By clicking here, a list will display with all the projects the account selected is a part of, yet DevOps Intelligence still does not track it. Select a project whose repo is to be tracked.
  • Search Repository: By clicking here, a list will display all the repos that are part of the selected project and are still not tracked. Then, select any repo that needs to be tracked and select
    Configure
    .
If the configuration is successful, then the application presents a window containing a table of configuration details.
The Sync Feature scans current data for visibility after configuring credentials periodically. The intervals are set as follows:
  • The account Sync Interval is set to 5 minutes: Refresh current data.
  • The account Delete Interval is set to 7 minutes: All deleted accounts updated.
  • The history pulled Interval is set to 180 days: Data history.
For more details, see your Delivery representative.
Release terminology in service configuration
This section outlines the terminology and format used for managing releases and severity levels in service configurations. It details the structure of release names, patterns for identifying releases, and categorizing severity levels. The content also includes examples and summary tables for quick reference.
Release Format
  1. prefix
     signifies the starting sequence of characters for releases, with the default value being
    release-
    .
  2. variable
     signifies the starting sequence of characters for releases, with the default value being empty.
  3. By default, the release format is all starting with the
    release-
    .
  4. When
    syncAll
     enables, or in older service configurations, the system uses the default release format.
  5. The release format is applicable to identify the release names in issues and the release branches.
Examples of the patterns identified with the given prefix and variable
Using the specified prefix and variable, the system can match various release patterns. For instance:
  1. For
    User Story
     fixed release is in which the User Story is done.
  2. For
    Bug
     fixed release is in which the Bug is Fixed and can be multiple since fixes can be cherrypicked.
  3. By default For Azure Boards, fixed release is identified from the
    Iteration Path
     which follows just the release format.
Found Releases
  1. For
    Bug
     found release is in which the Bug is Found, and can be multiple since bugs can be found in old releases.
  2. By default Azure Boards found release is identified from the
    Tags
     which follows the
    found_
     + release formatSummary Table For Default Releases
Severity terminology in service configuration
  1. The severity data from the source is mapped to the specific categories as
    severity1
    ,
    severity2
    ,
    severity3
    ,
    severity4
    .
  2. By default, severity data is identified from
    Severity
    .Summary Table for Default Severity With Example
Do you have two minutes for a quick survey?
Take Survey