Skip to main content

GitHub Integration

The GitHub integration enables Cloud ex Machina to automatically create issues and pull requests in your GitHub repositories with infrastructure as code (IaC) improvements and cost optimization recommendations.

Organization-Level Integration

GitHub uses a GitHub App installation model, meaning the integration is tied to your GitHub organization, not to any individual user. The integration continues working even if the person who installed it leaves the company, and all activity is clearly attributed to the Cloud ex Machina app in audit logs.

Prerequisites

  • GitHub: Owner or Admin permissions in your GitHub organization
  • Cloud ex Machina: Admin access to your tenant

Installing the GitHub App

Step 1: Connect in Cloud ex Machina

  1. Sign in to your Cloud ex Machina tenant
  2. Navigate to Settings > Integrations
  3. Find GitHub AI Agent in the list of available integrations
  4. Click Connect

GitHub Integration Card

Step 2: Authorize on GitHub

When you click Connect, you'll be redirected to GitHub:

  1. Select your organization where you want to install the app

  2. Choose repository access:

    • All repositories: Grant access to all current and future repositories
    • Only select repositories: Choose specific repositories (recommended)
    GitHub Repository Selection GitHub Repository Selection
  3. Review permissions and click Install & Authorize

    • Read access: Repository metadata, code, issues
    • Write access: Issues, pull requests

Step 3: Configure in Cloud ex Machina

After authorization, you'll be redirected back to Cloud ex Machina:

  1. Configure settings:

    • Default Repository: Primary repository for issues and pull requests
    • Issue Labels: Default labels for automatically created issues
    • Pull Request Settings: Reviewer assignments, draft mode, etc.

    CXM GitHub Configuration

  2. Click Update Configuration to save and activate the integration

Managing Repository Access

To update which repositories Cloud ex Machina can access:

  1. In GitHub, go to Settings > GitHub Apps > Cloud ex Machina
  2. Click Configure
  3. Add or remove repositories
  4. Click Save

Changes take effect immediately.

How the AI Agent Uses GitHub

Once configured, the Cloud ex Machina AI agent can:

  1. Create issues for cost optimization opportunities with detailed descriptions, expected savings, and recommended actions

  2. Generate pull requests that implement cost optimizations in your IaC code with clear commit messages and impact descriptions

    CXM GitHub Configuration

  3. Analyze pull requests to identify potential cost impacts of infrastructure changes before they're merged

Revoking Access

To uninstall the GitHub App:

  1. Navigate to your GitHub organization's Settings > GitHub Apps
  2. Click Configure next to Cloud ex Machina
  3. Scroll to the bottom and click Uninstall
warning

Uninstalling immediately revokes all access and stops automated issue/PR creation. This can be reversed by reinstalling.

Troubleshooting

AI Agent Can't Create Pull Requests

  • Verify the app has write access to the target repository in Settings > GitHub Apps > Configure
  • Check that branch protection rules allow the app to create branches
  • Confirm the default branch in Cloud ex Machina settings matches your repository

Issues Not Being Created

  • Verify the target repository is in the app's access list (Settings > GitHub Apps > Configure)
  • Check integration settings in Cloud ex Machina to ensure issue creation is enabled
  • Ensure the app has "Issues: Write" permission

App Installation Failed

  • Verify you have Owner or Admin permissions in the GitHub organization
  • Check that your organization allows third-party app installations in Settings > Third-party application access policy

Security Best Practices

  1. Limit repository access to only repositories where Cloud ex Machina needs to operate
  2. Enable branch protection on critical branches to require review for all PRs, including AI-generated ones
  3. Review generated pull requests carefully before merging
  4. Monitor app activity through GitHub's audit logs (Settings > Audit log)
  5. Document the integration so other organization admins understand why it's installed

Next Steps