Integrate with GitHub to perform checks against your repositories and define services through config-as-code with opslevel.yml.
OpsLevel supports two methods to authenticate our GitHub integration:
- OpsLevel's GitHub App (recommended for SaaS GitHub)
- Personal Access Tokens (recommended when OpsLevel or GitHub is Self-Hosted)
Where possible, we recommend using our GitHub App integration for its simplicity and built-in rotation of secrets. Integrating with a Personal Access Token still provides a secure way to access valuable GitHub information in OpsLevel and works best when OpsLevel's GitHub App is unavailable in your GitHub distribution or you are using a Self-Hosted OpsLevel account.
Authenticating with OpsLevel's GitHub App
Add a GitHub integration in OpsLevel
Integrating with OpsLevel's GitHub App does not require any direct setup within GitHub. To get started, follow these steps:
- In the OpsLevel app, click Integrations in the left sidebar.
- Click on the + New Integration button.
- Click the GitHub integration card.
- In the modal, choose the GitHub App option
- Follow the instructions within GitHub to install the OpsLevel GitHub App.
Integrating Multiple Organizations: If you have already integrated an organization for your GitHub instance and want to integrate another one, follow the steps above to add the integration in OpsLevel. Each integration is associated with a separate organization and GitHub will track which organizations have already been connected.
Authenticating with a Personal Access Token
Set up a Personal Access Token in GitHub
In order to integrate GitHub with OpsLevel using a Personal Access Token, you'll need to configure a Personal Access Token within GitHub.
Note: OpsLevel expects classic GitHub Personal Access Tokens, rather than Fine-grained tokens.
- Enter a Note for your Personal Access Token, such as "OpsLevel Integration"
- Choose the Expiration period that is right for your use case.
Note: OpsLevel will allow you to replace the token in the Integration configuration after the integration is created.
- The integration requires several scopes (refer to the screenshots below for more details):
- Once the scopes and expiration are configured, save the configuration and copy the token for use later.
Note: the token will not be recoverable, so ensure that you store it in a lasting, secure location.
- Ensure that the user that owns the Personal Access Token has
adminaccess for each repository that you want OpsLevel to work with. This is because OpsLevel maintains webhooks for each repository.
Using PATs with GitHub Organizations that require SAML Single Sign-On
To use a personal access token (classic) with an organization that uses SAML single sign-on (SSO), you must first authorize the token. For instructions, view GitHub's guide to Authorizing a personal access token for use with SAML single sign-on.
Add a GitHub integration in OpsLevel
Once you have the PAT from GitHub, you will be able to integrate your OpsLevel account with your GitHub instance by:
- In the OpsLevel app, clicking Integrations in the left sidebar.
- Clicking on the + New Integration button.
- Clicking the GitHub integration card.
- In the modal, choose the Personal Access Token option
- When prompted, enter the Access Token from the PAT that was created in GitHub and the publicly routable URL to your GitHub instance for the Base URL.
- Press the Next button.
- You will then be prompted to choose a GitHub organization or group of personal repositories to integrate into OpsLevel.
- Select one and press Submit
Integrating Multiple Organizations: If you have already integrated an organization for your GitHub instance and want to integrate another one, follow the steps above to add the integration in OpsLevel. Each integration is associated with a separate organization and OpsLevel will track which organizations have already been integrated.
If you have any questions or feedback, let us know at [email protected].
Updated 7 days ago