Data flow
To provide full transparency, we will explain how data is moved through our solution and how we make sure critical data is never stored.
1. Webhooks
FirstMate wakes up on webhook calls received from the git provider. The Api-Gateway microservice is responsible for handling all incoming traffic between git providers and FirstMate. When a webhook is received, the API gateway parses the request and publishes a message on the service bus. The API gateway also records statistics of received actions, which can be displayed in the platform through the backend API.
The following webhooks trigger an action:
- Pull request created/updated
- Pull request comment
- Pipeline run finished
- Pull request closed
- Pull request merged
2. Agent
The queue manager orchestrates the agent lifespans and the messages on the service bus. Every message on the service bus that belongs to your organisation is processed by an agent in a Docker container dedicated to your organisation. This ensures that data of different organisations is always processed separately. The agent does not have any disks attached (code is never stored on persistent disks). After 30 minutes of inactivity, the queue manager permanently destroys your organisation's container together with your cloned code and the calculated data in the agent.
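The routing and teardown rule described above, modelled as an added example that is not FirstMate's own code: one in-memory agent per organisation, destroyed with its data after 30 minutes of inactivity. The class names, the message fields and the choice to reap before each dispatch are assumptions made for illustration.

```python
from dataclasses import dataclass, field

IDLE_LIMIT_SECONDS = 30 * 60  # the 30 minutes of inactivity stated above


@dataclass
class Agent:
    """Hypothetical stand-in for one organisation's container."""
    org: str
    last_active: float
    workdir: dict = field(default_factory=dict)    # cloned code, memory only
    processed: list = field(default_factory=list)  # calculated data


class QueueManager:
    """Hypothetical model of per-organisation dispatch and idle teardown."""

    def __init__(self):
        self.agents = {}  # organisation -> its dedicated Agent

    def dispatch(self, org, message, now):
        """Hand a bus message to the agent dedicated to its organisation."""
        self.reap(now)  # assumption: an expired agent is never reused
        agent = self.agents.get(org)
        if agent is None:
            agent = self.agents[org] = Agent(org=org, last_active=now)
        agent.workdir[message["repo"]] = "<cloned code>"
        agent.processed.append(message["event"])
        agent.last_active = now
        return agent

    def reap(self, now):
        """Destroy agents idle for the limit or longer; return their orgs."""
        expired = [org for org, agent in self.agents.items()
                   if now - agent.last_active >= IDLE_LIMIT_SECONDS]
        for org in expired:
            agent = self.agents.pop(org)
            agent.workdir.clear()    # cloned code goes with the container
            agent.processed.clear()  # so does the calculated data
        return expired


if __name__ == "__main__":
    qm = QueueManager()
    # Constructed sample messages; timestamps are seconds on a fake clock.
    qm.dispatch("org-a", {"repo": "r1", "event": "pull_request_created"}, 0)
    qm.dispatch("org-b", {"repo": "r2", "event": "pipeline_finished"}, 1000)
    print(qm.reap(1800))  # org-a has been idle for 30 minutes
```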
3. Private LLM
The agent will only share code with an Azure private LLM. Neither FirstMate nor the LLM provider(s) share any data collected during the code review process with third parties.
4. Git manager
The git manager provides authenticated and secure calls to git providers. To perform authenticated requests, credentials are kept in a secure key vault. Managing these secrets and rotating these credentials is the responsibility of the FirstMate team. The git manager also stores calculated insights and statistics based on your code in the persistent database. This gives you valuable insights into your organisation and repositories.