Skip to main content
Follow the steps below to enable and configure Code Writer so agents and Glean Assistant can propose code changes and open draft pull requests in GitHub.

Before you begin

Prerequisites
  • The GitHub connector is set up and crawling the repositories where Code Writer will propose changes.
  • You or a GitHub admin must have permissions to install the Glean GitHub App in the relevant organization(s).
  • For Glean‑billed customers, Code Writer uses the same Vertex AI configuration as Assistant. For bring‑your‑own keys, Code Writer works only with a compatible Bedrock instance in the same project where Glean runs. Third‑party Anthropic keys are not used for Code Writer.
  • If you plan to use Code Writer from Slack, ensure Glean in Slack is installed and configured for your workspace.
  • Code writer is available both on GCP and AWS.

Install the Glean GitHub App

Code Writer uses a central GitHub App to read and write code. If you have not already done so, you must install the Glean GitHub App in your GitHub organization.
  1. In GitHub, open your organization settings.
  2. Install the Glean GitHub App for the organization that hosts your repositories.
  3. Grant read and write access to the repositories where Code Writer should be allowed to open pull requests.
You can limit installation to a subset of repositories if you want to restrict where Code Writer can run.

Configure the Code Writer action pack

Code Writer is configured as a code generation action in the Admin console.
  1. Open the Admin console.
  2. Go to Actions.
  3. Select the + Add button in the upper right corner.
  4. Select the Code generation action template.

Enter configuration details

Enter the requested configuration details:
  • Instance name – give this configuration a clear name.
  • Datasource instance – choose the GitHub data source instance to use.

Choose authentication mode

In the Authenticate step, decide how Code Writer runs against GitHub:
  • User OAuth (recommended)
    • Each teammate connects their own GitHub account the first time they use Code Writer.
    • Tokens refresh automatically after first use.
    • Actions run under the user’s identity and permissions.
  • Central OAuth
    • Uses the default OAuth app for a shared service identity.
    • Suitable for narrow, well‑scoped use cases where a single service account owns changes.
Most organizations should start with User OAuth for clearer auditability and least‑privilege access.

(Optional) Configure GPG commit signing

If you want commits from Code Writer to appear as verified in GitHub:
  1. In the Code generation / Code Writer configuration, find GPG commit signing (optional).
  2. Upload the GPG private key you want Code Writer to use.
  3. Confirm that the UI shows Commits will be signed.

Control who can use Code Writer

In the Enable actions section:
  1. Choose which teammates or groups can access Code Writer:
    • All teammates
    • Specific groups or departments
    • Pilot groups for initial rollout
  2. Save your changes.
These access controls apply across:
  • Glean Assistant (engineers asking Assistant to create draft PRs).
  • Agents that include Code Writer action steps.
  • Glean in Slack using Code Writer from channels.

Security and governance

To help security and compliance teams evaluate Code Writer:
  • Scope
    • Code Writer can only access repositories:
      • Included in the GitHub connector, and
      • Granted to the Glean GitHub App during installation.
  • Identity
    • With User OAuth, actions run as the signed‑in GitHub user.
    • With Central OAuth, actions run as the configured service identity.
  • Audit trail
    • All changes land in GitHub branches and pull requests.
    • Your existing GitHub reviewers, branch protection rules, and CI pipelines remain in control.