ServiceNow
Overview
ServiceNow is an enterprise IT Service Management (ITSM) platform that provides change management, incident tracking, problem management, and approval workflows. When integrated with CI/CD pipelines, ServiceNow automates change request creation, approval gates, and deployment tracking while maintaining compliance and comprehensive audit trails.
What is ServiceNow?
ServiceNow is a cloud-based platform that helps organizations manage digital workflows for enterprise operations. In the DevOps context, ServiceNowβs Change Management module enables:
- Automated Change Requests: Create change records directly from CI/CD pipelines
- Approval Workflows: Gate deployments with multi-level approval processes
- Risk Assessment: Automated risk scoring for changes
- Configuration Management Database (CMDB): Track relationships between applications, infrastructure, and changes
- Incident Integration: Correlate deployments with incidents and problems
- Audit & Compliance: Complete audit trails for regulatory requirements
Why ServiceNow in DevOps?
The Traditional Problem
Manual Change Management:
- Developer manually creates change ticket
- Waits hours/days for CAB approval
- Manually updates ticket after deployment
- Limited visibility into what was actually deployed
- Error-prone documentation
Impact: Slow deployments, bottlenecks, frustrated teams
The Automated Solution
DevOps-Integrated Change Management:
- Pipeline automatically creates change request with all deployment details
- Approval workflows triggered automatically
- Deployment gates ensure approvals before production
- Automatic ticket updates post-deployment
- Complete audit trail from commit to production
Impact: Fast deployments with compliance, no manual overhead
Key Capabilities
1. Change Management Automation
βββββββββββββββ
β Git Push to β
β main β
ββββββββ¬βββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββ
β CI/CD Pipeline β
β ββββββββ ββββββββ βββββββββ β
β βBuild ββββ Test ββββ Stage β β
β ββββββββ ββββββββ βββββ¬ββββ β
βββββββββββββββββββββββββββΌββββββββ
β
βΌ
ββββββββββββββββββββββββββββββββββββββββ
β ServiceNow Change Request β
β β’ Auto-created with deployment info β
β β’ Risk assessment: Low β
β β’ Requires: Manager approval β
βββββββββββββββ¬βββββββββββββββββββββββββ
β
βΌ
ββββββββββββββββββββββββ
β Approval Workflow β
β Manager gets notif. β
β Approves via mobile β
βββββββββββ¬βββββββββββββ
β
βΌ
βββββββββββββββββββββββ
β Pipeline Resumes β
β Deploy to Prod β
β Update ticket β
βββββββββββββββββββββββ
2. CI/CD Integration Methods
Native Integrations:
- GitHub Actions: Official ServiceNow GitHub Actions
- GitLab CI/CD: REST API and webhook integration
- Azure DevOps: Official Azure DevOps extension
- Jenkins: ServiceNow plugin for Jenkins
Integration Technologies:
- REST API (Table API, Import Sets API)
- Integration Hub with pre-built spokes
- Flow Designer for custom workflows
- Webhooks for event-driven automation
3. Change Types
ServiceNow supports different change types with varying approval requirements:
| Change Type | Approval | Use Case |
|---|---|---|
| Standard | Pre-approved | Low-risk, repeatable deployments |
| Normal | CAB approval | Medium-risk changes requiring review |
| Emergency | Expedited | Critical fixes, security patches |
Use Cases in DevOps
Use Case 1: Regulated Financial Services
Scenario: Bank deploying microservices 20+ times per day, SOX compliance required
Requirements:
- All production changes must have change tickets
- Changes require manager approval
- Complete audit trail for regulators
- No manual ticket creation (bottleneck)
Solution:
Pipeline β Auto-create ServiceNow change β Manager approves via Slack β Deploy β Update ticket
Benefits:
- Deploy 20x/day with full compliance
- Zero manual ticket creation
- Complete audit trails
- Fast approval via notifications
Use Case 2: Healthcare SaaS Platform
Scenario: HIPAA-compliant healthcare application with frequent updates
Requirements:
- Document all changes affecting patient data
- Track database schema changes
- Emergency patch process for security issues
- Link deployments to security scans
Solution:
- Standard changes for application code (pre-approved)
- Normal changes for database migrations (approval required)
- Emergency changes for security patches (expedited approval)
- ServiceNow stores security scan results as attachments
Use Case 3: Global Enterprise
Scenario: 50+ development teams deploying to shared infrastructure
Requirements:
- Prevent conflicting changes
- Schedule maintenance windows
- Coordinate releases across teams
- Track which team deployed what
Solution:
- ServiceNow CMDB tracks infrastructure dependencies
- Change calendar prevents conflicts
- Automated change scheduling
- Team attribution via ServiceNow groups
Architecture Patterns
Pattern 1: API-Based Integration
Direct REST API calls from pipeline:
CI/CD Pipeline
β
βΌ
ServiceNow REST API
β
βββ Create Change Request
βββ Poll for Approval
βββ Update Change Status
βββ Close Change
Pros: Simple, direct control, no middleware Cons: Pipeline handles all logic, retry handling needed
Pattern 2: Integration Hub Spoke
ServiceNow Integration Hub orchestrates:
CI/CD Pipeline
β
βΌ
Integration Hub Spoke
β
βββ Change Management
βββ Approval Engine
βββ CMDB Updates
βββ Notification Service
Pros: Robust, reusable, built-in error handling Cons: Requires ServiceNow Integration Hub license
Pattern 3: Event-Driven with Webhooks
Webhooks trigger ServiceNow workflows:
CI/CD Event β Webhook β ServiceNow Flow β Create/Update Change
Pros: Loosely coupled, scalable, event-driven Cons: More complex setup, debugging challenges
Integration Components
Required Information
When creating a ServiceNow change from CI/CD, include:
Essential:
- Short Description: What is being deployed
- Assignment Group: Team responsible
- CMDB CI: Configuration item being changed (application, service)
- Type: Standard, Normal, or Emergency
- Priority: Based on change risk
Recommended:
- Implementation Plan: Deployment steps
- Backout Plan: Rollback procedure
- Test Plan: Testing performed
- Risk Assessment: Automated or manual risk score
- Attachments: Test results, security scans, release notes
Authentication
ServiceNow authentication options:
- Basic Authentication: Username + password (not recommended for production)
- OAuth 2.0: Client credentials flow (recommended)
- API Key: ServiceNow API token
- Mutual TLS: Certificate-based authentication (enterprise)
Store credentials securely:
- GitHub: Repository secrets
- GitLab: CI/CD variables (masked)
- Azure DevOps: Variable groups (secret)
ServiceNow APIs for DevOps
Table API
Create, read, update change requests:
# Create change request
POST /api/now/table/change_request
# Get change request
GET /api/now/table/change_request/{sys_id}
# Update change request
PATCH /api/now/table/change_request/{sys_id}
Import Set API
Bulk import deployment data:
POST /api/now/import/{tableName}
Attachment API
Attach test results, scan reports:
POST /api/now/attachment/file?table_name=change_request&table_sys_id={sys_id}
Real-World Example: Financial Services
Organization: Major European bank with 200+ microservices
Challenge:
- SOX compliance requires change tickets for all production deployments
- Previous manual process: 2-4 hour approval delay per deployment
- 50+ deployments per week created bottleneck
- Audit finding: incomplete change documentation
Solution:
- Integrated GitLab CI/CD with ServiceNow REST API
- Pipeline automatically creates standard change for approved services
- Normal change for high-risk deployments (database, infrastructure)
- Manager approval via ServiceNow mobile app
- Automatic ticket closure with deployment evidence
Results:
- Approval time reduced from 2-4 hours to 15 minutes
- Zero manual ticket creation
- 100% change ticket compliance
- Audit findings resolved
- Team satisfaction increased significantly
Best Practices
Doβs
β Use Standard Changes for Low-Risk Deployments: Pre-approve common, repeatable deployments β Automate Change Creation: Never create tickets manually for automated deployments β Include Deployment Details: Link to pipeline run, commit SHA, test results β Update Tickets Automatically: Pipeline should update status throughout deployment β Store Evidence: Attach test results, security scans as change attachments β Link to CMDB: Associate changes with correct configuration items β Use Meaningful Descriptions: Include service name, version, environment β Implement Retry Logic: Handle ServiceNow API failures gracefully β Monitor Change Status: Alert when changes are stuck in approval
Donβts
β Donβt Create Changes for Non-Production: Development/test environments typically donβt need change tickets β Donβt Gate All Deployments: Use approval gates only where required by policy β Donβt Ignore Change Conflicts: Check ServiceNow change calendar for conflicts β Donβt Hardcode Credentials: Use secrets management for ServiceNow credentials β Donβt Skip Rollback Documentation: Always include backout plan β Donβt Create Duplicate Changes: Check if change exists before creating β Donβt Block on Approval Indefinitely: Implement timeouts for approval gates
Integration Guides
Choose your CI/CD platform to get started:
- GitLab Integration β - GitLab CI/CD with ServiceNow REST API and webhooks
- GitHub Actions Integration β - GitHub Actions with official ServiceNow actions
- Azure DevOps Integration β - Azure Pipelines with ServiceNow extension
- CI/CD Integration Overview β - General patterns and concepts
Additional Resources
ServiceNow Documentation
Related Pages
Next Steps
- Review your requirements: Understand which changes need ServiceNow tracking
- Choose integration method: API, Integration Hub, or platform-specific plugin
- Set up authentication: Configure secure ServiceNow API access
- Start with non-production: Test integration in development environment
- Implement standard changes: Pre-approve common deployment patterns
- Add approval gates: Implement where required by policy
- Monitor and optimize: Track change creation time and approval delays