# Gitea Token Setup for AI Code Reviewer

## Required Token Permissions

| Permission | Level | Reason |
|---|---|---|
| **repository** | Read and Write | Read PR details, branches, diff; post review comments |
| **issue** | Read and Write | Create and delete progress comments on PRs (Gitea treats PR comments as issues internally) |
| **user** | Read | Fetch current bot user info to verify reviewer assignment |

All other permissions (`activitypub`, `misc`, `notification`, `organization`, `package`) should be set to **No Access**.

## How to Generate the Token

1. Log in to Gitea as the **bot account** that will be assigned as a reviewer
2. Go to **Settings** → **Applications** (top right avatar → Settings → Applications)
3. Under **Manage Access Tokens** click **Generate Token**
4. Fill in:
   - **Token Name**: `ai-code-reviewer` (or any descriptive name)
   - **Expiration**: set according to your security policy
5. Set permissions as described in the table above
6. Click **Generate Token**
7. **Copy the token immediately** — it will not be shown again

## Adding the Token to Your Repository

1. Go to your repository → **Settings** → **Secrets**
2. Click **Add Secret**
3. Set:
   - **Name**: `CC_GITEATOKEN`
   - **Value**: paste the token generated above
4. Click **Save**

## Important Notes

- The token must belong to the account that is **assigned as a reviewer** on pull requests — this is how the reviewer verification check works
- Treat the token as a password — never commit it to the repository