GitHub Repository

Out-of-the-box Source Code Repository Connection

Introduction

The LeanIX VSM GitHub Repository integration offers the automated out-of-the-box creation and updating of LeanIX Software Artifact Fact Sheets. In this way, we provide repository information that can be linked to Software Artifacts to understand which Software Artifact are owned by which Teams. The integration also provides Software Artifact portfolio view that allows everyone in the organization to find the right Software Artifacts and know what Teams are owning them. VSM is focused on the high-level information of Repos.

Integrate with GitHub to:

  • bring in repo data as Software Artifacts
  • augment your Software Artifacts with relations to owning teams and also used technologies

Setup

The GitHub repository connector works with Integration Hub to scan the GitHub organisation data, process it to LDIF and automatically trigger an inbound Integration API processor.

📘

Activating the integration

Please reach out to your CSE/M to have the integration activated in your workspace.

Installation

This integration doesn't require any installation of a plugin-in, as the Integration Hub handles the entire integration.

Configuration

  1. In your VSM workspace go to 'Administration > Integration Hub'
  2. Create a new data source by clicking on 'New Data source'
  3. Enter the following details:
    i. Connector Name: 'vsm-github-connector'
    ii. Data source name: any name to identify the data source.
  1. Enter the following attributes in the connector template:

orgName” - The name of the organization in GitHub. Repositories of this organization are scoped for scanning.
To see the names of your managed organizations, follow these instructions:
github.com - your organization dashboard

  1. ghToken” - Personal access token should be generated with the following permissions:

(For more information on GitHub Tokens, use this link: docs.github.com - Creating a personal access token)

📘

Authorizing for Single Sign On

If your Github Organization requires Single-Sign-On, then you will also need to authorize the token for single-sign-on

Authorizing for organizations with SSOAuthorizing for organizations with SSO

Authorizing for organizations with SSO

  1. "repoNamesExcludeList" - Array of repositories (supports regex match) to identify repositories names whichshould not be included in the scanning result. (e.g.: ["allThatIncludeThisSubstring", "^start-with", "end-with$"])

  2. Your configuration should look like the image below. Click "Run" to start

📘

Sync Logging

Open "Sync Logging" tab to get understand the progress of your current integration run. Sync Logging also provides information on previous integration runs

Scheduling your integration

The connector runs on a daily schedule by default. You can set a different schedule for the integration to run on if needed. Following steps are required:

  1. In the connector configuration window click on 'Schedule'and select from the below options:
  1. The connector JSON should now contain an attribute 'scheduling' and look similar to:
{
    "connectorConfiguration": {
        "orgName": "leanix",
        "repoNamesExcludeList": ["ansible"]
    },
    "secretsConfiguration": {
        "ghToken": "********"
    },
    "bindingKey": {
        "connectorType": "leanix-vsm-connector",
        "connectorId": "leanix-github-repository-connector",
        "connectorVersion": "1.0.0",
        "processingDirection": "inbound",
        "processingMode": "full",
        "lxVersion": "1.0.0"
    },
    "scheduling": {
        "active": false,
        "cronPattern": "0 0 23 * * *"
    }
}

Synchronized Data

Below you find how objects fetched from Github are translated into LeanIX Factsheets and attributes on them.

Github Data Object

LeanIX VSM

Repository name

Software Artifact Fact Sheet under Microservice category
(name = external Id reference)

Top 3 (based on frequency of commits in the last 30 days) source code contributors are added as 'Responsible' subscriptions to the respective Software Artifact Fact Sheet.

Team entity

Team Fact Sheet
(name = external Id reference)

Team entity added to a repository

Relation between Software Artifact and Team Fact Sheet.

Languages of a repository

Technology Fact Sheet
(name of language = external Id reference)

Technology Fact Sheet is related to the Software Artifacts where the language is used. Ex: Java, C++, JS etc..

The size of code (in kilo bytes) written in the respective language are mapped on the relation.

Topics

All topics are mapped as LeanIX tags of the tag group GitHub Topics by default.

📘

Topics

Topics are a great way to pass custom data to your VSM workspace. We will add more mapping functionality based on topics to this connector. Today you can already use topics to map your data into VSM by leveraging the integration API and custom data mappings. Find out more in the section below on customization.

Customization

Integration also supports Integration API execution groups via Integration Hub to enable users to add custom processors. To process the data correctly, you need to add a custom processor set.

Sample data source configuration with execution groupSample data source configuration with execution group

Sample data source configuration with execution group

Unique execution group name for the integration is vsmGitHubInbound

The integration API will pick up your processors and merge them with the base processors at execution time. Make sure to set the Integration API run number accordingly.

For more information on the execution groups visit: https://docs.leanix.net/docs/integration-api#section-grouped-execution-of-multiple-integration-api-configurations


Did this page help you?