> ## Documentation Index
> Fetch the complete documentation index at: https://docs.chronosphere.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Send GitHub events to Observability Platform

export const source_0 = "GitHub"

export const MyTenant = () => <>
    Replace <em><code>TENANT</code></em> with the name of your Observability Platform tenant.
  </>;

To send GitHub events to Chronosphere Observability Platform, create a webhook
within GitHub and include a secret token to authenticate with Observability Platform.
For more information, refer to
[webhook events and payloads](https://docs.github.com/en/webhooks/webhook-events-and-payloads)
in the GitHub documentation.

## Obtain an API token

Before sending events from {source_0}, contact [Chronosphere Support](/support) to
obtain an API token to authenticate with Observability Platform.

<Note>
  This API token differs from an API token that's generated when you create
  a [service account](/administer/accounts-teams/service-accounts).
</Note>

## Create a GitHub webhook

To send GitHub events to Observability Platform:

{/* vale PANW.FirstPerson = NO */}

1. In GitHub, open the repository you want to configure a webhook for.

2. Click **Settings**.

3. Under **Code and automation**, click **Webhooks**.

4. In the **Add webhook** window, in the **Payload URL** field, enter:

   ```text /TENANT/ theme={null}
   https://TENANT.chronosphere.io/api/v1/data/events/receiver/github
   ```

   <MyTenant />

5. Select **application/json** as the **Content type**.

6. In the **Secret** field, enter the API token you obtained from Chronosphere
   Support.

7. Choose **Let me select individual events**, and then select **Deployment** and
   **Deployment Status** as the events to trigger the webhook.

8. Save your webhook.

{/* vale PANW.WordList = YES */}

## Map GitHub events to Observability Platform events

After creating a GitHub webhook to send events to Observability Platform,
Observability Platform automatically maps the GitHub payload to change events.
You can't customize how the payload maps to change events. If you want to modify
how the GitHub payload gets mapped, contact [Chronosphere Support](/support).

The following table indicates the fields and values that Observability Platform
produces from a GitHub webhook event:

| Field         | Value           |
| ------------- | --------------- |
| `category`    | `deploys`       |
| `type`        | `deploy_ACTION` |
| `source`      | `github`        |
| `happened_at` | `TIMESTAMP`     |
| `title`       | `TITLE`         |

Replace the following:

* *`ACTION`*: For `deployment` events, the type is always `deploy_start`. For
  `deployment_status` events, the type is `deploy_` followed by the GitHub
  deployment status state, such as `deploy_in_progress`, `deploy_success`, or
  `deploy_failure`.
* *`TIMESTAMP`*: The time the event occurred, taken from the deployment's
  `created_at` field. Must be within seven days of the current time.
* *`TITLE`*: A description generated from the repository name and environment,
  such as "Deployment for my-repo in environment production started".

Observability Platform maps the following labels by default:

| Label                | Source                    | Event types                       |
| -------------------- | ------------------------- | --------------------------------- |
| `environment`        | Deployment environment    | `deployment`, `deployment_status` |
| `deployment.sha`     | Deployment commit SHA     | `deployment`, `deployment_status` |
| `deployment.log_url` | Deployment status log URL | `deployment_status` only          |

This snippet illustrates how to set a `shell` variable `PAYLOAD` to a JSON string
that mimics a GitHub deployment webhook payload. The resulting `$SIGNATURE` is used
in the `X-Hub-Signature: sha1=$SIGNATURE` header of the following `curl` request. The
receiver validates authenticity by recomputing this same Hash-based Message
Authentication Code (HMAC) against the stored secret token and comparing it to the
header value, which is the same mechanism GitHub uses when delivering real webhooks.

```shell wrap /TENANT/ /SECRET_TOKEN/ theme={null}
# Generate the HMAC-SHA1 signature for the payload
PAYLOAD='{"deployment":{"created_at":"2024-07-24T14:15:22Z","environment":"staging","sha":"abc123def456","url":"https://api.github.com/repos/my-org/my-repo/deployments/1"},"repository":{"name":"my-repo"}}'
SIGNATURE=$(echo -n "$PAYLOAD" | openssl dgst -sha1 -hmac "$SECRET_TOKEN" | awk '{print $2}')
```

The following sample request simulates a GitHub `deployment` webhook. Replace
the following:

* *`TENANT`*: Your organization name from your Observability Platform tenant.
* *`SECRET_TOKEN`*: The secret token configured in your GitHub webhook and
  registered with Observability Platform.

```shell theme={null}
curl --request POST \
  --url https://TENANT.chronosphere.io/api/v1/data/events/receiver/github \
  --header "Content-Type: application/json" \
  --header "X-Github-Event: deployment" \
  --header "X-Hub-Signature: sha1=$SIGNATURE" \
  --data "$PAYLOAD"
```

This request produces a change event with the following values:

| Field            | Value                                                   |
| ---------------- | ------------------------------------------------------- |
| `category`       | `deploys`                                               |
| `type`           | `deploy_start`                                          |
| `source`         | `github`                                                |
| `title`          | `Deployment for my-repo in environment staging started` |
| `environment`    | `staging`                                               |
| `deployment.sha` | `abc123def456`                                          |