--- title: Gating your GitHub Actions Deployments with Datadog Monitors description: >- Learn how to use Datadog monitors to perform quality checks prior to deploying your GitHub applications. breadcrumbs: >- Docs > Monitors > Monitor Guides > Gating your GitHub Actions Deployments with Datadog Monitors --- # Gating your GitHub Actions Deployments with Datadog Monitors {% callout %} # Important note for users on the following Datadog sites: app.ddog-gov.com {% alert level="danger" %} This product is not supported for your selected [Datadog site](https://docs.datadoghq.com/getting_started/site). (). {% /alert %} {% /callout %} ## Overview{% #overview %} Datadog is an integration partner for [GitHub Actions Deployment Protection Rules](https://github.blog/2023-04-20-announcing-github-actions-deployment-protection-rules-now-in-public-beta/), which helps you ensure the delivery of high-quality applications to end customers. You can enforce quality gates on your GitHub Actions deployment workflows using Datadog monitors. These features are available for all Datadog customers on GitHub Enterprise Cloud, and they do not require usage of CI Visibility. ## Enable Deployment Protection Rules{% #enable-deployment-protection-rules %} In order to rely on Datadog for quality checks on application deployments, you must have the Deployment Protection Rules feature enabled for your application. ### Set up a new GitHub application in Datadog{% #set-up-a-new-github-application-in-datadog %} See [these instructions](https://docs.datadoghq.com/integrations/github/#link-a-repository-in-your-organization-or-personal-account) to create a GitHub application that is automatically connected to Datadog. Remember to check the box for **Deployment Protection Rules**. {% image source="https://datadog-docs.imgix.net/images/ci/github_gates_new_app.dfb6307b6410878a044cf0a3fa98f068.png?auto=format" alt="Datadog GitHub pull request comment preview" /%} If you already have a GitHub application set up and connected to Datadog, you can find a link to enable Deployment Protection Rules on the in-app [GitHub integration tile](https://docs.datadoghq.com/integrations/github/). {% image source="https://datadog-docs.imgix.net/images/ci/github_gates_existing_app.a3012fd3f6b01e5fbcaad5bb98d990f3.png?auto=format" alt="Datadog GitHub pull request comment preview" /%} ### Configure Deployment Protection Rules in GitHub{% #configure-deployment-protection-rules-in-github %} 1. Enable read and write permissions for Deployments. 1. Enable read permissions for Actions. 1. Under **Subscribe to events** in an application, click the checkbox for **Deployment protection rule**. 1. In a repository, click **Settings**. Under the **Code and Automation** section, click **Environments**. Under **Deployment Protection Rules**, enable the GitHub application that is linked with the Datadog integration. ## Create monitors to gate your deployments{% #create-monitors-to-gate-your-deployments %} Follow [these instructions](https://docs.datadoghq.com/monitors/configuration/?tab=thresholdalert) to create and configure a Datadog monitor to be used for GitHub Actions deployment gating. You can use multiple separate monitors for quality checks, but Datadog recommends using [composite monitors](https://docs.datadoghq.com/monitors/types/composite/) because they allow you to gate deployments based on two or more signals with one monitor. For more information, see [Monitor Types](https://docs.datadoghq.com/monitors/types/). Any monitors you plan to use for quality gating must be tagged properly with the following tags: - `git_env` - `git_repo` The `git_repo` tag must contain the repository owner name in the format `/`, such as `Datadog/my-repo`. When you run a workflow, GitHub Actions send a request to your Datadog monitor. Based on one of the evaluation results of the monitor listed below, Datadog sends a comment back to GitHub, which can be seen in GitHub under the **Comment** section for the associated event and environment within your workflow run. - If all monitors associated with your deployment (through environment and repo tags) are in the `OK` state, Datadog approves the deployment. - If any monitor associated with your deployment is not in `OK` state (in `ALERT`, `WARN`, or `NODATA`), Datadog rejects the deployment. ## Example quality checks{% #example-quality-checks %} ### Application performance{% #application-performance %} To ensure that your application's error rate and/or average latency are below certain thresholds prior to deployment, you can use [APM monitors](https://docs.datadoghq.com/monitors/types/apm/?tab=apmmetrics). ### Environment infrastructure health{% #environment-infrastructure-health %} To check your application or service's CPU and/or memory usage prior to deployment, use [integration](https://docs.datadoghq.com/monitors/types/integration/?tab=checkalert) and [metric monitors](https://docs.datadoghq.com/monitors/types/metric/?tab=threshold). ## Further reading{% #further-reading %} - [Monitor your GitHub Actions workflows with Datadog CI Visibility](https://www.datadoghq.com/blog/datadog-github-actions-ci-visibility/) - [Learn about the GitHub integration](https://docs.datadoghq.com/integrations/guide/source-code-integration) - [Enable test summaries on your GitHub pull requests](https://docs.datadoghq.com/continuous_integration/guides/pull_request_comments/) - [Detect failed quality checks with GitHub Deployment Protection Rules and Datadog](https://www.datadoghq.com/blog/datadog-github-deployment-protection-rules/)