Enabling and configuring Automation Action Issue sensor

The Automation Action issue sensor supports the Managing automation. You can use this sensor to empower the Instana agent to run GitHub Issue, GitLab Issue, and Jira Task actions.

The sensor is automatically deployed and installed after you install the Instana agent. This sensor uses the Ticket automation connector to connect to the GitHub, GitLab, and Jira.

Prerequisites

Before you enable the sensor, ensure that the following prerequisites are met:

  • Review the information in Securely using the automation framework.
  • Cloud environment: For issue sensor version 1.0.58 or older, a container management engine, such as Docker or Podman, is available on the Instana agent as the sensor uses an issue automation connector image.
  • Self-hosted (on-premises) environment: The automation feature flag is enabled.

Enabling the sensor

The Automation Action Issue sensor is disabled by default. To enable the sensor, update the agent configuration file ( /etc/instana/configuration.yaml) as shown in the following example: 

com.instana.plugin.action.issue:
  enabled: true # by default is false

Configuring the automation connector (required for issue sensor version 1.0.58 or older)

The sensor uses an automation connector image to connect to GitHub, GitLab, and Jira that performs the wanted operation. The automation connector image is pulled from the icr.io/instana/actions registry when the sensor is activated.

If the agent machine does not have access to the icr.io image registry, set offline=true in the sensor configuration and load the automation connector image to the local registry on the agent system.

To configure the automation connector, update the agent configuration file as shown in the following example:

com.instana.plugin.action.issue:
  enabled: true
  connector: # connector and its child attributes are required for issue sensor version 1.0.58 or older
    container_mgmt_engine: docker|podman # the container management engine
    host_port: 9080 # the port on the host to bind the connector container to
    ready_timeout: 60 # optional, default timeout is 300 seconds
    offline: false|true # optional, default is false

Configuring GitHub

To configure the sensor to run GitHub Issue actions, update the agent configuration file as shown in the following example. Use the vault for accessToken as shown in the example to secure your access token:

com.instana.plugin.action.issue:
  enabled: true
  github:
    baseUrl: <github_url> # i.e. https://api.github.com
    accessToken:
      configuration_from:
        type: vault
        secret_key:
          path: <secret_path>
          key: <secret_key>
  connector: # connector and its child attributes are required for issue sensor version 1.0.58 or older
    container_mgmt_engine: docker|podman # the container management engine
    host_port: 9080 # the port on the host to bind the connector container to
    ready_timeout: 60 # optional, default timeout is 300 seconds

Do not use a plain text token as it is insecure. The following example shows the use of plain text token in the configuration and is for reference purpose only.

com.instana.plugin.action.issue:
  enabled: true
  github:
    baseUrl: <github_url> # i.e. https://api.github.com
    accessToken: <github_access_token>
  connector: # connector and its child attributes are required for issue sensor version 1.0.58 or older
    container_mgmt_engine: docker|podman # the container management engine
    host_port: 9080 # the port on the host to bind the connector container to
    ready_timeout: 60 # optional, default timeout is 300 seconds

Configuring GitLab

To configure the sensor to run GitLab Issue actions, update the agent configuration file as shown in the following example. You can use the vault for accessToken as shown in the following example. The use of vault for accessToken is secure and preferred.

com.instana.plugin.action.issue:
  enabled: true
  gitlab:
    baseUrl: <gitlab_url>
    accessToken:
      configuration_from:
        type: vault
        secret_key:
          path: <secret_path>
          key: <secret_key>
  connector: # connector and its child attributes are required for issue sensor version 1.0.58 or older
    container_mgmt_engine: docker|podman # the container management engine
    host_port: 9080 # the port on the host to bind the connector container to
    ready_timeout: 60 # optional, default timeout is 300 seconds

Do not use a plain text token as it is insecure. The following example shows the use of plain text token in the configuration and is for reference purpose only.

com.instana.plugin.action.issue:
  enabled: true
  gitlab:
    baseUrl: <gitlab_url>
    accessToken: <gitlab_access_token>
  connector: # connector and its child attributes are required for issue sensor version 1.0.58 or older
    container_mgmt_engine: docker|podman # the container management engine
    host_port: 9080 # the port on the host to bind the connector container to
    ready_timeout: 60 # optional, default timeout is 300 seconds

Configuring Jira

To configure the sensor to run Jira Task actions, update the agent configuration file as shown in the following example: You can use the vault for apiToken as shown in the following example. The use of vault for apiToken is secure and preferred.

com.instana.plugin.action.issue:
  enabled: true
  jira:
    baseUrl: <jira_url>
    username: <username>
    apiToken:
      configuration_from:
        type: vault
        secret_key:
          path: <secret_path>
          key: <secret_key>
  connector: # connector and its child attributes are required for issue sensor version 1.0.58 or older
    container_mgmt_engine: docker|podman # the container management engine
    host_port: 9080 # the port on the host to bind the connector container to
    ready_timeout: 60 # optional, default timeout is 300 seconds

Do not use a plain text token as it is insecure. The following example shows the use of plain text token in the configuration and is for reference purpose only.

com.instana.plugin.action.issue:
  enabled: true
  jira:
    baseUrl: <jira_url>
    username: <username>
    apiToken: <jira_api_token>
  connector: # connector and its child attributes are required for issue sensor version 1.0.58 or older
    container_mgmt_engine: docker|podman # the container management engine
    host_port: 9080 # the port on the host to bind the connector container to
    ready_timeout: 60 # optional, default timeout is 300 seconds

Loading automation connector image to the local registry (required for issue sensor 1.0.58 or later)

If the agent machine does not have access to the icr.io image registry, then load the image to the local image registry on the agent system.

To load the image to the local image registry on the agent system, complete the following steps:

  1. On a machine with internet access, download the latest Ansible automation connector image:

    docker pull icr.io/instana/actions/ticket:latest

  2. Save the image to an archive file:

    docker save <image_id> > /tmp/ticket.tar

  3. Copy the archive to the agent machine and then load the image to the local image registry:

    docker load < /tmp/ticket.tar

  4. Tag the image:

    docker tag <image_id> icr.io/instana/actions/ticket:latest

Integrating a secret manager

If the GitHub Issue, GitLab Issue, and Jira Task actions in your action catalog uses Vault parameters, you must integrate the host agent with a secret manager.