GitHub integration with DevOps Change Velocity

  • Release version: Yokohama
  • Updated July 31, 2025
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of GitHub integration with DevOps Change Velocity

    DevOps Change Velocity integrates with both GitHub and GitHub Enterprise to enhance Plan (Plans), Code (Repository), and Orchestration (Actions) capabilities. This integration enables discovery of repositories, plans, and pipeline definitions, along with real-time notifications to support change traceability and automation.

    Show full answer Show less

    Key Features

    • Connection and Discovery: Connect your GitHub instance to discover repositories, plans, and pipeline definitions automatically.
    • Configuration and Notifications: Configure Webhooks (push, issues, workflowjob) automatically in GitHub to receive real-time notifications for commits, work items, and pipelines, enabling effective change policies.
    • Permissions Requirements:
      • Read permission is required for repository discovery.
      • Admin permission is required to configure repositories and Webhooks.
      • Only selected repositories by organization owners can be discovered, even if public.
      • Repositories cannot be configured in more than one tool simultaneously to avoid conflicts.
    • Authentication Methods:
      • Basic Authentication: Allows use of GitHub marketplace custom actions but does not support GitHub environments.
      • OAuth 2.0 Credentials: Supports Authorization Code and GitHub Apps (JWT) methods, enabling use of custom actions, creation of secrets for workflows, and deployment to GitHub environments.
      • Only one GitHub organization can be installed per tool; multiple organizations require separate tools and apps.
      • OAuth methods require a MID server for GitHub and GitHub Enterprise.
    • Custom Actions and Secrets: ServiceNow provides custom actions available in the GitHub Marketplace that integrate with DevOps Change Velocity workflows, allowing control over workflows and pushing information from GitHub Actions. Secrets must be configured in GitHub to capture workflow data.

    Onboarding Options

    You can onboard GitHub to DevOps Change Velocity using one of three methods:

    • Workspace: Use the DevOps Change Workspace playbook for a guided experience to connect, discover, configure, and import repositories, plans, and pipelines.
    • Service Catalog: Utilize the ServiceNow Service Catalog to create, connect, discover, and configure your GitHub instance.
    • Classic Experience: Connect your GitHub instance manually to discover, configure, and import repositories, plans, and pipelines.

    Practical Benefits for ServiceNow Customers

    • Automates discovery and configuration of GitHub repositories and pipelines for DevOps processes.
    • Improves traceability of changes through real-time notifications tied to commits, issues, and workflows.
    • Supports integration flexibility with multiple authentication methods to suit security needs.
    • Provides seamless orchestration by leveraging GitHub Actions custom actions within DevOps Change Velocity.
    • Ensures controlled repository management by enforcing permission and configuration rules.

    Connect to your GitHub instance to discover repositories, plans, pipeline definitions and configure real-time notifications or polling to enable change traceability and automation.

    GitHub integration overview

    DevOps Change Velocity supports Plan (Plans), Code (Repository) and Orchestration (Actions) capabilities for the GitHub tool.

    Both GitHub and GitHub Enterprise are supported.

    The following operations are performed as part of integrating GitHub:
    • Connect: Discover repositories, plans, and pipeline definitions by connecting your GitHub instances to DevOps Change Velocity.
    • Configure: Enable sending real-time notifications for commits, work items, and pipelines by automatically creating a Webhook (push, issues, and workflow_job) in GitHub so that this data can be used to create change policies.
    Repositories under an organization can also be discovered and configured if you have the following base permissions for the organization (member privileges):
    • Discover: Base permission of Read.
    • Configure: Base permission of Admin.
    If Base permissions is specified as No permission for an organization, repositories under that organization can’t be discovered even if they’re public. The owner of an organization can either select all repositories or specific repositories for an organization and only the selected repositories are discovered. Even if a repository is public, it can’t be discovered unless the owner selects it for an organization.

    For repositories under an organization, you must not have the same repository configured in more than one tool on an instance. If the same repository is configured for multiple tools, then data is associated with a random tool as part of notifications events. If you want to configure the same repository in a different tool, you must delete the webhooks created from the first tool, untrack the repository under that tool, and then configure the same repository in the different tool.

    Authentication methods

    You can connect to GitHub using one of the following authentication methods:
    • Basic authentication

      If you connect your GitHub instance with basic auth, you can use the custom actions from the GitHub marketplace. GitHub environments aren’t supported for basic auth connection.

    • OAuth 2.0 credentials
      • If you connect your GitHub instance with OAuth 2.0 credentials for Authorization code, you can use the custom actions from the GitHub marketplace and create secrets to use in workflows. For more information, see OAuth 2.0 credentials for GitHub Apps - Authorization Code.
      • If you connect your GitHub instance with OAuth 2.0 credentials for GitHub Apps - JWT, you can use the custom actions from the GitHub marketplace, create secrets to use in workflows, and GitHub environments to deploy to an environment. For more information, see OAuth 2.0 credentials for GitHub Apps - JWT. For GitHub repositories under an organization, only one organization can be installed per tool (i.e - One GitHub App can be installed with One GitHub Org and with One GitHub tool). If you want to add more organizations, you can create separate tools and apps.
    Note:
    The OAuth Authorization Code & JWT grant types are supported for GitHub & GitHub Enterprise with MID server.

    Custom actions by ServiceNow are available in GitHub Marketplace for the orchestration capability, to push information from Actions (workflows) and to pause or resume workflows from DevOps Change Velocity. For more information on custom actions, see ServiceNow DevOps custom actions from GitHub marketplace.

    To capture the workflow data in DevOps Change Velocity, you must configure Secrets in your GitHub tool. For more information, see GitHub Actions configurations.

    There are a few limitations for GitHub Actions support, see GitHub Actions configurations.

    Get started

    Use one of the following options to onboard GitHub. For a guided experience, use the workspace to onboard a tool. Alternatively, you can use the Service Catalog or Classic experience.