Skip to main content

Overview

For self-hosted Relvy deployments, you’ll need to create a custom GitHub App and configure it in your Kubernetes cluster. This gives you complete control over the integration and ensures all code analysis happens within your infrastructure.

Prerequisites

Before starting, ensure you have:
  • The ability to create and install apps for your GitHub organization. For example: the App-Manager role from GitHub’s pre-defined roles
  • Access to your Relvy Kubernetes cluster
  • kubectl configured to access your cluster
  • Helm (for Relvy configuration updates)

Step 1: Create a GitHub App

  1. Create a new GitHub app for your organization / enterprise
    • For GitHub Enterprise, this is usually via Settings > GitHub Apps
    • Your URL will look something like https://github.com/enterprises/YOUR-ENTERPRISE-SLUG/settings/app/new
    • For GitHub organizations, the URL will look something like https://github.com/organizations/YOUR-ORG-SLUG/settings/apps/new
  2. Fill in the app details:
    • GitHub App name: Choose a descriptive name (e.g., “Relvy Code Analysis”)
    • Homepage URL: Your Relvy instance URL (e.g., https://relvy.yourcompany.com)
    • Callback URL: Leavy empty
    • Setup URL: https://YOUR-RELVY_DOMAIN/github/setup/redirect
      • Also check “Redirect on Update”
    • Webhook: Disable webhook (uncheck “Active”)
  3. Set the following permissions:
    • Repository permissions:
      • Contents: Read-only (for reading source code)
      • Metadata: Read-only (for repository information)
  4. Choose where the app can be installed:
    • Only enterprise organizations: Use this if you are on GitHub enterprise. This ensures that only organizations in your enterprise can install the app
    • Only on this account: For personal/organization repositories
    • Any account: If you need to install across multiple organizations
  5. Click Create GitHub App

Step 2: Generate and Save Credentials

After creating the app:
  1. Note down the Client ID (you’ll need this for configuration)
  2. Generate a Private Key:
    • Scroll down to the “Private keys” section
    • Click Generate a private key
    • A .pem file will be downloaded to your computer
    • Store this file securely

Step 3: Install the GitHub App

  1. From your GitHub App settings page, click Install App
  2. Select the account/organization where you want to install it
  3. Choose which repositories to grant access to:
    • All repositories: Grant access to all current and future repositories
    • Only select repositories: Choose specific repositories (recommended)
  4. Complete the installation
  5. Important: After installation, note down the Installation ID from the URL
    • The URL will look like: https://github.com/settings/installations/12345678
    • The Installation ID in this example is 12345678

Step 4: Configure Kubernetes Secrets

Now you’ll configure your Relvy Kubernetes cluster with the GitHub App credentials: 
# Encode the private key
ENCODED_KEY=$(cat /path/to/your/github-app-private-key.pem | base64 -w 0)

# Create the Kubernetes secret
kubectl create secret generic relvy-github-secret \
  --from-literal=private_key="$ENCODED_KEY" \
  --from-literal=client_id="your-github-app-client-id"
Replace:
  • /path/to/your/github-app-private-key.pem with the actual path to your downloaded private key
  • your-github-app-client-id with your GitHub App’s Client ID

Step 5: Update Relvy Deployment

Update your Relvy Helm deployment to apply the latest configuration: 
# Update the Helm repository
helm repo update

# Upgrade Relvy with the new configuration
helm upgrade relvy relvy/relvy --version=0.3.9 -f my-values.yaml
The Helm chart already includes GitHub integration support, so no additional configuration changes are needed.

Step 6: Configure GitHub in Relvy

  1. Log in to your Relvy instance
  2. Navigate to the GitHub section under your Organization settings
  3. Enter the following information:
    • Installation ID: The Installation ID you noted in Step 3
    • Base URL: Leave as api.github.com (or enter your GitHub Enterprise URL if different)
  4. Click Save
GitHub Installation ID Configuration

Step 7: Test the Connection

After saving your configuration:
  1. Click the Test button to verify the connection
  2. You should see a success message indicating Relvy can communicate with GitHub
  3. If the test fails, verify your Installation ID and ensure the Kubernetes secret is correctly configured

Configuring Repositories

Once GitHub is connected, configure which repositories your team will use:
  1. Navigate to Settings > Data Sources in your Relvy workspace
  2. Locate the “Configure Code Repositories” section
  3. Click Add Repository
  4. Select a repository from your authorized list
  5. Verify the Default Branch (typically main or master)
  6. Click Save
  7. Repeat for all repositories relevant to your team’s incident debugging

Security Considerations

Data Privacy

  • All code analysis happens within your infrastructure
  • No code leaves your environment
  • You control all GitHub App credentials
  • Code is never used to train AI models

Access Control

  • Only repositories you explicitly authorize are accessible
  • Read-only permissions ensure code cannot be modified
  • You can revoke access at any time by uninstalling the GitHub App

Revoking Access

To remove Relvy’s access to GitHub:
  1. Go to GitHub Settings > Applications > Installed GitHub Apps
  2. Find your custom Relvy app
  3. Click Uninstall to remove the app
  4. Remove the Kubernetes secret: kubectl delete secret relvy-github-secret --namespace=relvy

Next Steps

Now that GitHub is connected for your self-hosted deployment: For support or questions, contact us at support@relvy.com.
I