> ## Documentation Index
> Fetch the complete documentation index at: https://metoro.io/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Code Fixes

> Use Guardian to generate reviewed pull requests for production issues and deployment regressions

## Overview

Code fixes help your team move from root cause to a reviewable patch without leaving Metoro.

When Guardian determines that a production problem or deployment regression is likely caused by application code, it can inspect the mapped source repository, propose a fix, and prepare a pull request for your team to review.

<CardGroup cols={3}>
  <Card title="Find the Faulty Code" icon="magnifying-glass">
    Guardian uses telemetry, deployment context, logs, traces, and source code mappings to identify the code most likely related to the issue.
  </Card>

  <Card title="Generate a Patch" icon="code">
    Guardian runs a coding subagent against a temporary repository workspace and produces a generated code diff.
  </Card>

  <Card title="Review Before Merge" icon="git-pull-request">
    Metoro can create a pull request from the generated diff, but your team reviews, approves, and merges it.
  </Card>
</CardGroup>

## How Code Fixes Work

<Steps>
  <Step title="Guardian investigates an issue">
    Guardian starts from a production issue, firing alert, assisted debugging session, or deployment verification result. It gathers the relevant runtime evidence before deciding whether source code context is needed.
  </Step>

  <Step title="Guardian finds the matching source code">
    Metoro uses source code mappings to connect Kubernetes services to the repositories, paths, and branches that contain their code.
  </Step>

  <Step title="Guardian analyzes a temporary repository workspace">
    When a code fix is needed, Guardian launches a short-lived coding subagent. The subagent receives the Guardian task, relevant observability context, and the mapped repository contents.
  </Step>

  <Step title="Guardian saves a generated diff">
    If the subagent makes a change, Metoro computes the diff between the base branch and the temporary branch, then stores the generated diff with the related investigation or issue.
  </Step>

  <Step title="Your team creates and reviews the pull request">
    A user can create a pull request from the generated diff. Metoro does not merge pull requests automatically.
  </Step>
</Steps>

## Supported Source Code Integration

GitHub is the currently supported source code repository integration for code fixes.

Connect GitHub when you want Guardian to:

* Read relevant repository contents during investigations
* Correlate deployment changes with production behavior
* Generate code diffs for likely application bugs
* Create pull requests for generated fixes

<Note>
  GitHub is the supported repository integration for code fixes today. If you disconnect GitHub or remove repository access from the GitHub App, Guardian can still investigate runtime telemetry, but it will not be able to inspect private repository contents or generate repository-specific code fixes.
</Note>

For the full GitHub setup, permissions, storage, and security details, see [GitHub Integration](/integrations/github).

## Setting Up GitHub for Code Fixes During Onboarding

If you are onboarding AI SRE for the first time, you can connect GitHub directly from the onboarding flow. You can also connect it later from the **Settings** -> **Integrations** page in Metoro.

<Steps>
  <Step title="Go to the Source Code Mapping step">
    Complete the onboarding flow up to the **Source Code Mapping** step.
  </Step>

  <Step title="Connect GitHub">
    In the onboarding flow, click **Connect GitHub Account**.

    If GitHub is already connected, you can skip this step and continue to source code mapping.
  </Step>

  <Step title="Authorize in GitHub">
    You'll be redirected to GitHub to authorize the Metoro app:

    1. Select your organization or personal account
    2. Choose repository access:
       * **All repositories** - Recommended for full coverage
       * **Selected repositories** - Choose specific repos to grant access
    3. Review requested permissions
    4. Click **Install & Authorize**

    After authorization, you'll be redirected back to Metoro with GitHub successfully connected.
  </Step>

  <Step title="Map source code">
    After GitHub is connected, map your services to their corresponding repositories. This can be done in the **Source Code Mapping** step in the onboarding flow or later from the Service Catalog by selecting a service and clicking **Link Source Code**.
  </Step>
</Steps>

<Warning>
  **Required permissions**: The Metoro GitHub App requires read access to repository contents and metadata, and write access to pull requests and issues.

  Metoro can raise pull requests to fix detected issues, but it will never merge them automatically. You must review and merge any PRs yourself.
</Warning>

### Verify the Connection

After installation, verify the connection:

1. Return to **Settings** -> **Integrations** -> **Third-Party Integrations** -> **GitHub**
2. Confirm that GitHub is connected. (The button will turn to **Disconnect** when GitHub is connected)

## Source Code Mapping

Source code mapping tells Guardian which repository belongs to each Kubernetes service.

During the onboarding flow, Metoro includes a **Source Code Mapping** step. This feature checks the services running in your cluster and tries to match them to repositories that Metoro can see from your connected GitHub account. It can also match services to public GitHub repositories when enough repository information is available.

You can review and adjust the suggested mappings before using them. For each service, a mapping can include:

* Repository URL
* Optional repository path for monorepos
* Optional branch name for environment-specific code

You can also update mappings later from the service page by selecting **Link Source Code**.

## Repository Mapping

Repository mapping links your Metoro services to their corresponding GitHub repositories, enabling Metoro to analyze the right code for each service.

Each service in your system can be mapped to its source code repository:

* **One-to-one**: A single service maps to a single repository.
* **Monorepo**: Multiple services map to the same repository with different paths.

### Access Repository Mapping

1. Navigate to **AI SRE** -> **Onboarding** -> **Source Code Mapping**
2. Review the services detected in your cluster
3. Accept, edit, or add mappings for each service

### Map Services to Repositories

For each service, configure its repository mapping:

<Tabs>
  <Tab title="Simple Mapping">
    **Standard repository mapping**

    For services with dedicated repositories:

    1. Find your service in the list, such as `payment-service`
    2. Click **Map Repository**
    3. Select the repository, such as `org/payment-service`
    4. Leave **Repository Path** empty to use the repository root
    5. Click **Save Mapping**

    Example:

    * Service: `payment-service`
    * Repository: `metoro-org/payment-service`
    * Path: `/`
  </Tab>

  <Tab title="Monorepo Mapping">
    **Monorepo path mapping**

    For services in a monorepo:

    1. Find your service, such as `api-gateway`
    2. Click **Map Repository**
    3. Select the monorepo, such as `org/monorepo`
    4. Enter **Repository Path**, such as `/services/api-gateway`
    5. Click **Save Mapping**

    Example:

    * Service: `api-gateway`
    * Repository: `metoro-org/platform`
    * Path: `/services/api-gateway`
  </Tab>
</Tabs>

## Advanced Configuration

### Branch Selection

Configure which branch Metoro should analyze:

<Tabs>
  <Tab title="Default Branch">
    Metoro uses the repository's default branch, usually `main` or `master`.

    No configuration is needed for this behavior.
  </Tab>

  <Tab title="Specific Branch">
    To use a specific branch:

    1. Open the repository mapping settings
    2. Set **Branch** to the branch name, such as `production` or `release`
    3. Save changes
  </Tab>

  <Tab title="Environment-Based">
    Map different environments to different branches:

    1. Open the repository mapping settings
    2. Select the environment, such as `staging` or `production`
    3. Find the service and set the corresponding branch and repository for that environment and service pair
  </Tab>
</Tabs>

## Reviewing Generated Code Fixes

After Guardian generates a code fix, you can review and create a pull request from **Guardian** -> **Code Fixes** page. [Take me there](https://us-east.metoro.io/guardian/fixes)

## What Metoro Can and Cannot Do

Metoro can:

* Analyze mapped source code when a Guardian workflow needs repository context
* Generate a proposed code diff for a likely application issue
* Create a pull request when a user chooses to create one from the generated diff
* Link generated fixes back to the related investigation or issue

Metoro does not:

* Continuously read every repository
* Store a persistent mirror of your source code
* Automatically merge pull requests
* Modify repositories outside the permissions granted to the GitHub App

For more information about how Metoro uses GitHub for code fixes, see [GitHub Integration](/integrations/github).

## FAQ

<AccordionGroup>
  <Accordion title="Can Metoro modify my code?">
    Metoro can generate code diffs and create pull requests when a user chooses to create one. It does not merge pull requests automatically.
  </Accordion>

  <Accordion title="Do I need to map every service manually?">
    No. During onboarding, Source Code Mapping can suggest mappings by comparing services running in your cluster with repositories visible through your GitHub integration or public GitHub repositories. You can review and edit those suggestions.
  </Accordion>

  <Accordion title="What if my service is in a monorepo?">
    Map the service to the repository and set the repository path for that service, such as `/services/api`. Guardian uses that path to focus code analysis on the relevant part of the repository.
  </Accordion>

  <Accordion title="What if my repository structure changes?">
    Update the repository mappings when you restructure code. Metoro will use the updated repository, path, and branch information for future investigations and code fixes.
  </Accordion>

  <Accordion title="How does Metoro handle private repositories?">
    The GitHub App authorization grants access only to the private repositories you select. Metoro respects the repository access granted to the GitHub App.
  </Accordion>

  <Accordion title="Where can I read more about GitHub permissions?">
    See [GitHub Integration](/integrations/github) for the detailed GitHub permissions, storage, source-code access, and cleanup model.
  </Accordion>
</AccordionGroup>

## Next Steps

<CardGroup cols={2}>
  <Card title="GitHub Integration" icon="code" href="/integrations/github">
    Review GitHub setup, permissions, and source-code handling details
  </Card>

  <Card title="Issues" icon="circle-exclamation" href="/ai-sre/issues">
    Track production issues and related generated fixes
  </Card>

  <Card title="Deployment Verification" icon="rocket" href="/ai-sre/deployment-verification">
    Verify deployments and catch regressions automatically
  </Card>

  <Card title="Assisted Debugging" icon="brain" href="/ai-sre/assisted-debugging">
    Ask Guardian to investigate production behavior directly
  </Card>
</CardGroup>
