Skip to main content
Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Automated Compliance with OIT Policy using Smart Commits

An integration between GitHub, Jira, and ServiceNow to automate compliance with OIT policy.

The policy

OIT Change Control / Enablement Announcement

Enterprise Change Control Notice No. 2

April 21, 2021

All Office of Information and Technology (OIT) groups must document their production configuration item changes, per National Institute of Standards and Technology (NIST) 800-53 Section CM-3, in the Department of Veterans Affairs (VA) ServiceNow change control module.

The solution

The DOTS Team in conjunction with SMO have engineered custom integrations to promote automated tracking of Change Requests (CR) in ServiceNow. This integration is lightweight while allowing teams to continue their current process and iterate towards CI/CD. Any changes made to production environments need to have traceable documentation on the changes made to the environment. This can be achieved using Smart Commits.

How does it work?

Smart commits allow your team to perform actions on Jira issues from a single commit.

Onboarding consists of using GitHub webhooks to connect a Jira project to a GitHub repository.

  1. Start with an issue in Jira with smart commits
  2. Create a new pull request in GitHub
    1. Use the Jira Issue Key in the title of the Pull Request Branch Name
  3. An Automation will then create the ServiceNow Change Request
  4. Pull Request id approved
  5. Changes are merged to production branch
  6. Automation closes the ServiceNow Change Request

Return to Guides