GitHub

Overview

Set up the GitHub integration to configure GitHub Apps and GitHub Actions, secure access for your repositories, and collect advanced telemetry (such as audit logs, vulnerability reports, secret scanning, and repository statistics).

The Repository Configuration tab on the GitHub integration tile

You can use the Datadog source code integration to see code snippets in your stack traces, link stack traces to source code in GitHub for your Lambda functions, show test result summaries from pull request comments in CI Visibility, and access multiple service definitions in GitHub from the Service Catalog.

Setup

Follow these instructions to install GitHub Apps and grant permissions to Datadog. Depending on the permissions granted, you can set up the source code integration, see code snippets in stack traces, view collected telemetry such as audit logs, access GitHub Actions in CI Visibility, and more.

If you are an admin in your GitHub organization, you can configure GitHub Apps.

  1. In the GitHub integration tile, navigate to the Repo Configuration tab.

  2. Click Link GitHub Account to create a new GitHub App.

  3. In Configure, either select Organization and enter a name for your organization, or select Personal Account.

    Optionally, specify the URL of your GitHub Enterprise Server instance (version 2.22 or above) and ensure Datadog servers can connect to your Enterprise instance. Server IPs are available in the Webhooks section of IP Ranges.

  4. In Edit Permissions, enable Datadog read permissions for issues, pull requests, and contents. You must select at least one permission.

  5. Click Create App in GitHub, then you are prompted to enter a GitHub App name in GitHub.

  6. Enter a name in the GitHub App name field and click Create GitHub App.

  7. In the Configuration tab, click Install GitHub App and Install & Authorize.

Your GitHub App displays in the integration tile. To enable inline code snippets in stack traces, see Setting Up Source Code Integration.

Notebooks

If you have granted your GitHub App read permissions for issues and pull requests, GitHub issues and pull requests automatically generate a preview hoverbox with details including the commit history, author, and date in Notebooks.

Links to Git
  1. Navigate to Notebooks > New Notebook.
  2. Add a Text cell and mention an issue or pull request on GitHub in the Edit field, for example: https://github.com/project/repository/pull/#.
  3. Click Done, then the GitHub icon appears next to your linked issue or pull request.
  4. Click Connect to Preview and Authorize.
  5. Hover over the linked issue or pull request to see the description preview.

Audit Logs

Audit logs encompass all activities and events across a GitHub organization. Upon an application’s installation, allow for Organization Administration permissions to have read access. This enables the application to begin collecting GitHub’s audit stream as logs on behalf of the GitHub organization.

To opt-out of collecting Audit Logs, find the corresponding organization in the Telemetery tab on the GitHub integration tile, click the toggle for Audit Log collection, and click Update Account.

For more information about Audit Logs, see the GitHub documentation for Audit log actions and Setting up streaming to Datadog.

Data Collected

Metrics

The GitHub integration collects Code Scan Alert and Secret Scan Alert metrics. These metrics provide an overview of the organization’s Alert state by categorizing their state, repo, and secret type. They also provide long-term insights on Alert trends and their general progress.

github.code_scan_alert
(gauge)		Github Code Scan Alerts
Shown as alert
github.secret_scan_alert
(gauge)		Github Secret Scan Alerts
Shown as alert

To start collecting these metrics, select the respective permissions for read access upon the application’s installation. To opt-out of Code Scan or Secret Scan metrics, find the corresponding organization in the Telemetery tab on the integration tile, click the toggle for the respective sections, and click Update Account.

Events

Follow these instructions to configure webhooks in GitHub and Datadog, allowing events to appear in the Events Explorer.

Add a webhook in GitHub

  1. In your GitHub project, navigate to Settings > Webhooks.

  2. Click Add webhook.

  3. Add the following URL in the Payload URL field: https:///intake/webhook/github?api_key=<DATADOG_API_KEY>. Don’t forget to replace <DATADOG_API_KEY> with your Datadog API Key.

  4. Select application/json in the Content type dropdown menu.

  5. Optionally, add a secret in the Secret field.

  6. In the Which events would you like to trigger this webhook? section, click Let me select individual events. and select from the following supported options to send events to Datadog:

    Event Name
    Pushes
    Branch or tag creation
    Pull requests
    Issues
    Issue comments
    Commit comments
    Pull request review comments
    Repositories
    Security and analyses
    Team adds

  7. Select Active to receive event details when the hook is triggered.

  8. Click Add webhook to save the webhook.

Add a webhook in Datadog

  1. In the GitHub integration tile, navigate to the Webhooks tab.

  2. Specify the repositories and branches you want to monitor for each repository. To add all repositories for a user or organization, use wildcards (*). You can use wildcards on branch names. For example, dev-* includes all branches starting with dev-.

    To gather all events related to the master branch of the DataDog/documentation GitHub repository, you can enter DataDog/documentation in the Repository field and master in the Branches field.

    If you wanted to gather all events related to all master branches from the DataDog organization, enter DataDog/* in the Repository field and master in the Branches field.

  3. Click the checkboxes for Commits and Issues to be alerted of these events.

  4. Click Update Configuration to save the webhook configuration.

Once you have added webhooks in the Webhooks tab on the integration tile, events in the GitHub repositories you specified above start to appear in the Events Explorer. For more information, see the Events Explorer documentation.

To filter events coming from GitHub, select Github in the Source facet menu under Core, or enter source:github in the search query. The bar chart of events automatically updates as you edit the search query.

Service Checks

The GitHub integration does not include any service checks.

Troubleshooting

Need help? Contact Datadog support.

Further Reading

Additional helpful documentation, links, and articles:

Collect GitHub audit logs and scanning alerts with DatadogBLOG more more Use Datadog's GitHub and source code integrations to streamline troubleshootingBLOG more more Learn about the Datadog Source Code IntegrationDOCUMENTATION more more Learn how to use the GitHub integration in the Service CatalogDOCUMENTATION more more Learn how to use the GitHub integration in Serverless MonitoringDOCUMENTATION more more