Complete Guide to GitHub Integration with Mesrai
Setting up Mesrai’s GitHub integration is the first step to automating your code reviews and accelerating your development workflow. In this comprehensive guide, we’ll walk you through every step of the process, from installation to advanced configuration.
Why Integrate Mesrai with GitHub?
GitHub integration with Mesrai brings powerful automation to your development workflow:
- Automatic PR Reviews: Every pull request gets reviewed by AI within seconds
- Inline Comments: Get contextual feedback directly on your code
- Real-time Notifications: Stay informed about code quality issues
- Seamless Workflow: No disruption to your existing GitHub workflow
- Team Collaboration: Share insights and track team performance
Prerequisites
Before you begin, ensure you have:
- GitHub Account: Admin access to the repositories you want to review
- Mesrai Account: Sign up at mesrai.com if you haven’t already
- Repository Access: Permissions to install GitHub Apps
- Active Plan: Free tier or paid subscription
Step 1: Install the Mesrai GitHub App
Installation Process
-
Navigate to GitHub Marketplace
- Go to GitHub Marketplace
- Search for “Mesrai” or visit directly
-
Choose Installation Type
- All Repositories: Install on all current and future repos
- Selected Repositories: Choose specific repos to monitor
-
Grant Permissions The Mesrai GitHub App requires:
- Read access to repository code
- Write access for PR comments
- Webhook access for event notifications
- Read access to pull requests
-
Authorize the App
- Click “Install” to authorize Mesrai
- Authenticate with your GitHub credentials
- Confirm the installation
What Happens After Installation?
Once installed, Mesrai:
- Configures webhooks automatically
- Starts monitoring new pull requests
- Syncs existing open PRs (optional)
- Sends a confirmation email
Step 2: Configure Repository Settings
After installation, configure your repository settings for optimal performance:
1. Review Triggers
Configure when Mesrai should review code:
# .mesrai/config.yml
triggers:
on_pull_request:
opened: true
synchronize: true
reopened: true
on_push:
enabled: false
auto_review: true2. Branch Protection Rules
Set up branch protection to enforce reviews:
protected_branches:
- main
- develop
- release/*
require_review_approval: true
min_approvals: 13. File Exclusions
Exclude certain files from review:
exclude_patterns:
- "*.md"
- "package-lock.json"
- "yarn.lock"
- "dist/**"
- "build/**"Step 3: Test Your Integration
Create a Test Pull Request
- Create a New Branch
git checkout -b test/mesrai-integration- Make a Simple Change
// Add a simple function
function greet(name) {
return `Hello, ${name}!`
}- Push and Create PR
git add .
git commit -m "Test Mesrai integration"
git push origin test/mesrai-integration- Open Pull Request
- Go to your repository on GitHub
- Click “New Pull Request”
- Select your test branch
- Create the PR
Verify the Review
Within 30-60 seconds, you should see:
- ✅ Mesrai bot comment on your PR
- ✅ Review status check
- ✅ Inline suggestions (if applicable)
- ✅ Overall quality score
Advanced Configuration
Custom Review Rules
Create custom rules for your team’s coding standards:
# .mesrai/rules.yml
rules:
complexity:
max_cyclomatic_complexity: 10
max_function_length: 50
naming:
enforce_camel_case: true
min_identifier_length: 3
security:
check_sql_injection: true
check_xss: true
check_hardcoded_secrets: trueWebhook Configuration
For advanced use cases, configure custom webhooks:
- Go to Repository Settings → Webhooks
- Find Mesrai Webhook (installed automatically)
- Verify Events:
- ✅ Pull requests
- ✅ Push
- ✅ Pull request reviews
Environment-Specific Settings
Configure different rules for different branches:
environments:
production:
branch: main
strictness: high
require_tests: true
staging:
branch: develop
strictness: medium
require_tests: true
development:
branch: feature/*
strictness: low
require_tests: falseTroubleshooting Common Issues
Issue 1: Mesrai Not Commenting on PRs
Possible Causes:
- GitHub App not installed correctly
- Insufficient permissions
- Repository not selected during installation
- Webhooks not configured
Solutions:
- Verify installation in GitHub Settings
- Check repository access
- Reinstall the GitHub App
- Review webhook delivery logs
Issue 2: Delayed Reviews
Possible Causes:
- Large pull request (1000+ lines)
- High system load
- Rate limiting
Solutions:
- Break large PRs into smaller chunks
- Check your plan’s rate limits
- Upgrade to higher tier for priority processing
Issue 3: Missing Inline Comments
Possible Causes:
- File type not supported
- No issues detected
- Comments disabled in settings
Solutions:
- Check supported file types
- Verify configuration settings
- Review exclusion patterns
Issue 4: Permission Errors
Possible Causes:
- Insufficient GitHub permissions
- Organization restrictions
- Repository access revoked
Solutions:
- Verify GitHub App permissions
- Check organization settings
- Contact your GitHub admin
Best Practices
1. Start Small
Begin with a few repositories to:
- Test the integration
- Train your team
- Fine-tune settings
- Gather feedback
2. Configure Thoughtfully
- Set appropriate strictness levels
- Exclude generated files
- Define clear review thresholds
- Document your configuration
3. Monitor Performance
Track key metrics:
- Average review time
- Issues detected per PR
- False positive rate
- Team adoption rate
4. Iterate and Improve
- Review feedback regularly
- Adjust rules based on learnings
- Update exclusion patterns
- Refine custom rules
5. Team Training
Ensure your team:
- Understands how to interpret reviews
- Knows how to request re-reviews
- Can configure repository settings
- Follows established workflows
Security Considerations
Data Privacy
Mesrai takes security seriously:
- No Permanent Storage: Source code is never stored permanently
- Encryption in Transit: All data encrypted via TLS 1.3
- Isolated Processing: Each review runs in isolated containers
- Compliance: SOC 2 Type II certified
Access Control
Configure proper access control:
- Limit app installation to authorized users
- Use organization-level settings
- Review audit logs regularly
- Implement principle of least privilege
Secret Detection
Enable secret scanning to prevent:
- API key leaks
- Password exposure
- Token commits
- Credential leaks
Integration with CI/CD
GitHub Actions Integration
Combine Mesrai with GitHub Actions:
name: Code Review Workflow
on: [pull_request]
jobs:
mesrai-review:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Wait for Mesrai Review
run: |
# Wait for Mesrai to complete review
sleep 30
- name: Check Review Status
run: |
# Verify review passed
gh pr checks ${{ github.event.pull_request.number }}Jenkins Integration
For Jenkins pipelines:
pipeline {
stage('Code Review') {
steps {
script {
// Trigger Mesrai review
sh 'curl -X POST https://api.mesrai.com/review'
// Wait for completion
timeout(time: 5, unit: 'MINUTES') {
waitUntil {
def status = sh(
script: 'curl https://api.mesrai.com/status',
returnStdout: true
)
return status.contains('completed')
}
}
}
}
}
}Next Steps
Now that your GitHub integration is set up:
- Explore Features: Check out Organizations and Teams
- Configure Billing: Set up billing and subscriptions
- Review Analytics: Monitor team performance
- API Access: Explore the API reference
Conclusion
GitHub integration is the foundation of Mesrai’s automated code review system. By following this guide, you’ve set up a powerful workflow that will help your team ship code faster while maintaining high quality standards.
Need help? Check our FAQ or contact support at support@mesrai.com.
Related Articles: