Skip to main content

Documentation Index

Fetch the complete documentation index at: https://metoro.io/docs/llms.txt

Use this file to discover all available pages before exploring further.

GitHub Integration

Metoro integrates with GitHub through a GitHub App. This gives Guardian code context for deployment verification, production investigations, and proposed code fixes without requiring personal access tokens.
Connecting GitHub does not mean Guardian reads all of your source code all the time. It gives Metoro permission to retrieve relevant repository context when a Guardian workflow needs it.

How Guardian Uses Your GitHub Data

Guardian uses GitHub code context in three main workflows:

Deployment Verification

When a change is released in an environment, Guardian can inspect the associated code change to understand what may have changed and which post-deploy signals are most important to verify.

Production Investigations

When Metoro sees a production problem, Guardian can cross-reference telemetry with relevant code to produce a more accurate root cause. For example, if a log error references a specific line of code, Guardian might analyze that code to understand the issue.

Code Fixes

When evidence points to faulty application code, Guardian can generate a proposed fix and create a pull request for your team to review.
In practice, this means Guardian may read source files, configuration files, commit or branch information, and repository metadata that are relevant to the service or issue being investigated.

Setting Up GitHub Integration

To set up GitHub integration:
  1. Navigate to Settings > Integrations in the Metoro UI. Take me there
  2. Find the GitHub section and click Connect GitHub
  3. You’ll be redirected to GitHub to authorize the Metoro GitHub App
  4. Select your organization or personal account
  5. Choose repository access:
    • All repositories - Recommended for full coverage
    • Selected repositories - Choose specific repos to grant access
  6. Review the requested permissions and click Install & Authorize
  7. You’ll be redirected back to Metoro with GitHub successfully connected
The Metoro GitHub App requires read access to repository contents, metadata, and write access to pull requests and issues. No personal access tokens are required.

Managing the Integration

Once configured, you can:
  • View the status of your GitHub integration in the Integrations tab
  • Disconnect the integration by clicking the “Disconnect” button. You can reconnect at any time.
  • Modify repository access by visiting the GitHub App settings in your GitHub account

Linking Services to Source Code

You can link your Kubernetes services to their source code repositories in two ways: Add annotations to your Deployment, DaemonSet, or StatefulSet to automatically link the service to its source code. This is the recommended approach as it follows GitOps principles and keeps your source code configuration in version control. Available Annotations:
AnnotationDescriptionRequired
metoro.io/source-repositoryFull URL to the GitHub repository (e.g., https://github.com/org/repo)Yes
metoro.io/source-pathPath within the repository for monorepos (e.g., /services/api)No
metoro.io/source-branchDevelopment branch name (e.g., develop). Defaults to repository’s default branch.No
Example: 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-service
  annotations:
    metoro.io/source-repository: "https://github.com/myorg/myrepo"
    metoro.io/source-path: "/services/my-service"
    metoro.io/source-branch: "develop"
spec:
  # ... rest of deployment spec
When using annotations, the source code linking cannot be edited through the Metoro UI. To change the configuration, update the annotations in your Kubernetes manifests.
Base64 Encoding: For special characters or long URLs, you can use base64-encoded versions:
  • metoro.io/source-repository-base64
  • metoro.io/source-path-base64
  • metoro.io/source-branch-base64
Legacy annotation keys are still supported for backward compatibility: metoro.source.repository, metoro.source.path, and metoro.source.branch. For encoded values, both -base64 and historical .base64 suffixes are accepted during compatibility, but new configurations should use -base64.

Option 2: Manual UI Configuration

You can also link services manually through the Metoro UI:
  1. Navigate to the Service page for the service you want to link
  2. Click the Source Code button in the header
  3. Click Link Source Code
  4. Select the repository, optional path, and branch
  5. Click Save
If a service has source code annotations on its Kubernetes resource, the annotations take precedence and the UI will not allow manual edits. Remove the annotations first if you want to manage the linking through the UI.

Security

What Happens After You Connect GitHub?

After installation, Metoro stores the GitHub App installation ID for your organization and uses it to request short-lived installation access from GitHub when needed. Metoro uses GitHub access to:
  • List the repositories and branches available to the GitHub App so you can map services to source code.
  • Save service-to-repository mappings, including optional repository paths and branch names.
  • Retrieve relevant code context during Guardian workflows.
  • Create GitHub issues or pull requests when you use workflows that request them.
Metoro does not continuously sync every repository into Metoro as a persistent mirror.
When you disconnect GitHub integration from Metoro -> Settings > Integrations > Third-Party Integrations > GitHub > Disconnect, Metoro will remove the stored GitHub App installation ID from your organization. You can reconnect at any time.

What Metoro Stores

Metoro will store:
  • The GitHub App installation ID for your organization.
  • Service-to-repository mappings in the following format: {service-name}: {repository-url} {optional-path} {optional-branch}
  • Relevant code context returned during a Guardian chat or investigation. For example, Guardian might return code snippets or references specific lines of code/files while answering your questions or investigating issues. The resulting markdown will be stored in Metoro for future reference.
  • Generated code diffs, pull request URLs, and pull request status for Guardian-generated code fixes.
Metoro does not store long-lived GitHub access tokens. Installation access tokens are generated on demand and expire quickly. Metoro does not store source code repository contents.

What Metoro Can Write

The GitHub App can be granted write access for issues and pull requests so Guardian can create issues and open pull requests for code fixes. Metoro does not automatically open pull requests for the code fixes generated by Guardian. Instead, the user can manually create a pull request from the generated code diff. Metoro does not merge pull requests.

What Metoro Can Read

Metoro can read source code repository contents, configuration files, commit or branch information, and repository metadata that are relevant to the service or issue being investigated.

How Guardian Reads your Source Code and Raises Code Fixes

When Guardian needs to analyze your source code, it launches a short-lived coding subagent for that specific Guardian workflow. Repository clones only live inside the ephemeral short-lived container for that workflow, and the container and cloned repository contents are entirely deleted after the Guardian action completes. This coding subagent will do the following:
  1. Start an isolated job: Guardian starts a temporary job in Metoro’s infrastructure for the specific deployment verification, production investigation, or code-fix workflow.
  2. Request short-lived GitHub access: Metoro uses your GitHub App installation to request a short-lived installation access token from GitHub. Metoro does not use personal access tokens and does not store long-lived GitHub access tokens.
  3. Clone only the relevant repositories: The job clones the repository or repositories needed for the workflow into its temporary workspace. If a branch has been configured, Guardian uses that branch; otherwise it uses the repository’s default branch. For code-fix workflows, Guardian works on a temporary branch in the cloned workspace.
  4. Remove GitHub credentials from the clone environment: After cloning the repository, the job removes the temporary GitHub credential from the git environment used for the clone.
  5. Block network access before code analysis begins: Before the coding subagent runs, Metoro blocks network access for the job. The subagent analyzes the temporary workspace without outbound network access.
  6. Run the coding subagent against the temporary workspace: The subagent receives the Guardian task, relevant observability context, and the checked-out repository contents. Depending on the workflow, it may read source files, inspect configuration, review recent code changes, explain likely root cause, or make a proposed code change in the temporary workspace.
  7. Write a structured result: The subagent writes a structured result for Guardian, including a title, description, investigation or fix details, and whether it made a code change.
  8. Save the Guardian result in Metoro: Metoro stores the resulting Guardian output so it can be shown in the investigation, deployment verification, or code-fix UI.
  9. Save generated diffs only when a code change was made: If the subagent changed code, Metoro computes the diff between the base branch and the temporary branch and stores that generated diff. The diff can then be used to create a pull request for your team to review.
  10. Delete the temporary job resources: After the workflow completes, Metoro deletes the temporary job resources created for that run. This includes the ephemeral short-lived container, its temporary workspace, and any locally cloned repositories.
The coding subagent does not continuously monitor repositories, does not create a persistent mirror of your source code, and does not merge code. A pull request is only created when a user explicitly chooses to create one from a generated code diff.

Which AI Models Are Used

Guardian uses different AI models for different parts of the workflow:
  • Top-level investigation agents use OpenAI GPT models through Azure OpenAI to reason over observability data, deployment context, and investigation state. These agents decide what context is relevant and when source code context is needed.
  • Coding subagents use Anthropic Claude Opus directly when Guardian needs to inspect a repository workspace or propose a code change. This is the part of the workflow that operates directly against the temporary cloned repository.
The specific models and versions may change over time as Metoro updates Guardian.

Security Summary

  • Metoro uses a GitHub App for authentication, which provides fine-grained permissions and does not require personal access tokens.
  • The GitHub App only has access to repositories you explicitly grant during installation.
  • You can choose Selected repositories during installation if you do not want to grant access to every repository in a GitHub organization.
  • Only the GitHub App installation ID is stored per organization; no long-lived GitHub access token is stored.
  • Installation access tokens are generated on demand and expire quickly.
  • You can revoke access at any time from your GitHub account’s Settings > Applications > Installed GitHub Apps.
  • You can delete the stored installation ID from Metoro at any time from the Settings > Integrations page -> GitHub Disconnect button.