GitHub App integration
Install Exlogare via the GitHub App for org-policy-friendly, fine-grained access to your repositories.
The Exlogare GitHub App is one of two ways to connect a GitHub account or organization to Exlogare. Following CircleCI’s model, both options live side-by-side; pick the one that matches your organization’s policies.
TL;DR: OAuth (the other guide) is the recommended path because it’s a one-click “Sign in with GitHub” for individual users. Pick the GitHub App when your org disallows OAuth Apps, requires fine-grained permissions, or wants a single install that covers all team members.
When to pick the GitHub App
| Symptom | Use OAuth | Use GitHub App |
|---|---|---|
| Personal repos / small team | yes, simpler onboarding | overkill |
| Org policy: “third-party OAuth Apps are disabled” | will be blocked at consent | required path |
| You want one install to cover the whole team | every member must authorize separately | single install by an org admin |
| Need fine-grained per-repo permissions audited inside GitHub | OAuth scopes are coarser | per-permission consent with audit log |
| Want to revoke quickly | per-user “Authorized OAuth Apps” | one click in .../settings/installations |
You can install both on the same Exlogare account — the OAuth
connection covers your personal repos while the GitHub App covers an
org you don’t own personally. There’s no migration; both are just
separate Connection rows.
Permissions requested
| Scope | Permission | Why |
|---|---|---|
| Repository / Actions | Read | Download workflow run logs after a failure. |
| Repository / Checks | Read & write | Publish the AI verdict as a Check Run on the PR. |
| Repository / Contents | Read | Resolve file paths in stack traces back to source. |
| Repository / Metadata | Read | Required by GitHub for any installation (project metadata). |
| Repository / Pull requests | Read & write | Optional: post the suggested fix as a PR comment (toggle in onboarding). |
| Repository / Workflows | Read | Match workflow_run events to the underlying YAML. |
| Account / Email addresses | Read | Magic-link sign-in if the install came from an anonymous Marketplace click. |
We do not request Code write, Administration, or any
organization-level mutating scopes.
Installation
There are two entry points.
From inside Exlogare (recommended for existing users)
- Sign in to app.exlogare.net.
- Open Settings → Integrations (or the GitHub card on the onboarding wizard).
- Click Install GitHub App next to the OAuth controls.
- On GitHub, pick the org/account and either “All repositories” or a curated subset.
- Click Install. GitHub redirects you back to Exlogare and the repos appear immediately.
From GitHub Marketplace (for new users)
- Open the Exlogare listing on Marketplace.
- Click Install it for free.
- Pick org/account, select repos, click Install.
- GitHub redirects you to
app.exlogare.net/onboarding/github-app.- If you already have an Exlogare session, the install is linked to your tenant immediately.
- If you don’t, you’ll be asked for an email; we send a magic link, and after one click you’re in.
What happens next
The first time a workflow on an installed repo finishes with
conclusion: failure:
- GitHub posts a
workflow_run.completedwebhook tohttps://api.exlogare.net/webhooks/github_app. - Exlogare downloads the run logs using an installation token (no PAT, no OAuth) and runs the AI root-cause pipeline.
- The verdict shows up as a Check Run on the related PR within ~30 seconds. Optionally, a PR comment with the suggested fix is posted (toggle in Settings → Notifications).
You can verify the wiring without waiting for a real failure by opening Settings → Integrations → GitHub and clicking Run a test analysis on any repo.
Uninstalling
- On GitHub: Org settings → GitHub Apps → Exlogare → Uninstall.
- Inside Exlogare: open Settings → Integrations → GitHub and click the trash icon on the GitHub App row. This is a soft-delete that stops processing webhooks; the underlying installation remains on GitHub until you also uninstall there.
We respond to GitHub’s installation.deleted webhook by disabling
the connection automatically, so a one-sided uninstall on GitHub is
also safe.
FAQ
Can I use both OAuth and the GitHub App? Yes. Each becomes a separate Connection. We deduplicate watched repos so the same repo is never analyzed twice.
Does Exlogare need GitHub Enterprise? GitHub.com is supported
out of the box. GHES requires deploying Exlogare with a custom
GITHUB_API_BASE_URL; reach out via contacts for
on-premises.
Is anything stored at GitHub’s side? No. Exlogare uses GitHub
for auth + log fetch only; analyses, dashboards, and PR comments
all originate from api.exlogare.net.
What about the GitHub Action?
Different tool. The Action is an uses: step in your workflow that
pushes a single log file to Exlogare from any runner. The GitHub
App is server-side and watches workflow_run events automatically
without modifying your workflow YAML. Pick the App for full
coverage; pick the Action for ad-hoc / cross-runner pushes.