GitHub Connections
Note: Codebase Search currently does not handle large numbers of repositories well. Improving this integration is on our roadmap.
GitHub connections enable agents to access your repositories for codebase context during investigations, and ingest GitHub events (pushes, pull requests, workflow runs, etc.).
Recommended: Create and manage connections via the web UI at https://ui.cloud.firetiger.com/settings/connections
Installation
- Navigate to Settings > Connections in the Firetiger UI
- Click New Connection
- Select GitHub as the connection type
- Click Connect GitHub
- You will be redirected to GitHub to authorize the Firetiger GitHub App
- Select the GitHub organization or user account where you want to install the app
- Choose which repositories to grant access to (all repositories or select specific ones)
- Confirm the installation
The connection will be created automatically with your GitHub account details. GitHub will automatically send webhook events to Firetiger for the selected repositories.
What Gets Created
When you install the GitHub app, Firetiger automatically creates a connection with:
| Field | Value |
|---|---|
connection_id |
github-{installation_id} |
display_name |
Your GitHub organization or user name |
description |
GitHub: {account_name} |
Permissions
The Firetiger GitHub App requests the following permissions:
| Permission | Access | Purpose |
|---|---|---|
| Repository contents | Read | Access code for context during investigations |
| Metadata | Read | Basic repository information |
| Pull requests | Read | PR details and status |
| Actions | Read | Workflow and job information |
Updating Repository Access
To add or remove repositories from your GitHub connection:
- Navigate to the Firetiger GitHub App page
- Click Configure
- Select your GitHub organization or user account
- Under Repository access, choose:
- All repositories - Grant access to all current and future repositories
- Only select repositories - Choose specific repositories to grant access to
- Click Save
Changes take effect immediately. Firetiger will automatically update the available repositories for codebase search.
Re-authorization
To reconnect or fix authentication issues:
- Navigate to Settings > Connections in the Firetiger UI
- Find your GitHub connection
- Click Reconnect or delete and recreate the connection
Capabilities
GitHub connections enable:
- Codebase context - Agents can search and read repository code during investigations
- Event ingestion - Automatic ingestion of GitHub events (pushes, PRs, workflow runs)
- Repository insights - Activity tracking and change history
Connection Settings
The GitHub connection exposes webhook-driven settings on its edit form:
| Setting | Proto field (GithubConnectionDetails) |
Default | Effect |
|---|---|---|---|
| Auto-Create Deployments | auto_create_deployments |
Enabled | When GitHub sends a deployment webhook event, Firetiger creates a matching Deployment and tracks its status. Disable if your GitHub deployments don’t represent production releases. |
| Auto-Monitor Opened Pull Requests | auto_monitor_pull_requests |
Disabled (opt-in) | When a PR is opened on a repository covered by the installation, Firetiger creates a deploy-monitoring agent and a dormant MonitoringPlan keyed to the PR. The plan activates once the PR merges and rolls out, then the agent watches the affected service for regressions. |
| Filter | auto_monitor_pr_filter |
Empty (monitor all) | Optional free-text filter applied when Auto-Monitor is enabled. Firetiger runs a single fast LLM call per opened PR judging title, body, labels, base branch, and author against the filter. PRs that don’t match get a skip comment explaining why, instead of a monitoring plan. Leave blank to monitor every opened PR. |
All settings are per-connection: a single tenant can have multiple GitHub installations with different auto-monitor behavior.
Filtering which PRs get auto-monitored
When auto-monitoring is on, the default is “every opened PR on every repo covered by the GitHub App installation”. That’s usually too broad — most teams only care about PRs that touch production-meaningful surfaces.
Set Filter to a natural-language description of the PRs you want monitored, for example:
PRs that touch the checkout, billing, or auth services. Skip docs, tests, and CI-only changes.
On each pull_request.opened webhook, Firetiger sends the PR title, body, labels, and base branch to a light LLM (Haiku) along with your filter. If the model decides the PR matches, a monitoring plan is created as usual. If not, no plan is created — instead, Firetiger posts a comment on the PR that looks like:
Firetiger deploy monitoring skipped
This PR didn’t match the auto-monitor filter configured on your GitHub connection:
PRs that touch the checkout, billing, or auth services. Skip docs, tests, and CI-only changes.
Reason: Only edits README.md.
To monitor this PR anyway, reply with
@firetiger monitor this.
Manual override. The skip comment tells the PR author how to opt in: reply with @firetiger monitor this. That mention flows through the existing @firetiger pipeline and creates a monitoring plan for the PR on the spot — no connection-level change required.
Fail-open behavior. If the LLM call errors (network, provider outage, rate limit), Firetiger falls back to creating a monitoring plan. This is deliberate: occasional over-monitoring is preferable to silently dropping coverage on a PR the operator expected to be watched.
Description Field
The description field helps agents understand which repositories and use cases this connection covers.
Example:
Production infrastructure repositories.
Key repositories:
- firetiger-inc/core - Main application code
- firetiger-inc/infra - Terraform and deployment configs
- firetiger-inc/docs - Documentation
Use for investigating deployment issues, code changes, and CI/CD failures.
Best Practices
- Limit repository access - Only grant access to repositories that agents need for investigations
- Use descriptive names - Helps agents select the right connection when multiple GitHub accounts are connected
- Document repository purposes - Include which repositories are relevant for different investigation types
GitHub App Page
The Firetiger GitHub App is available at: https://github.com/apps/firetiger-agent
Related Documentation
- GitHub Webhook Ingestion - Details on GitHub event ingestion
- GitHub Apps Documentation