37 lines
1.5 KiB
Markdown
37 lines
1.5 KiB
Markdown
# Gitea Token Setup for AI Code Reviewer
|
|
|
|
## Required Token Permissions
|
|
|
|
| Permission | Level | Reason |
|
|
|---|---|---|
|
|
| **repository** | Read and Write | Read PR details, branches, diff; post review comments |
|
|
| **issue** | Read and Write | Create and delete progress comments on PRs (Gitea treats PR comments as issues internally) |
|
|
| **user** | Read | Fetch current bot user info to verify reviewer assignment |
|
|
|
|
All other permissions (`activitypub`, `misc`, `notification`, `organization`, `package`) should be set to **No Access**.
|
|
|
|
## How to Generate the Token
|
|
|
|
1. Log in to Gitea as the **bot account** that will be assigned as a reviewer
|
|
2. Go to **Settings** → **Applications** (top right avatar → Settings → Applications)
|
|
3. Under **Manage Access Tokens** click **Generate Token**
|
|
4. Fill in:
|
|
- **Token Name**: `ai-code-reviewer` (or any descriptive name)
|
|
- **Expiration**: set according to your security policy
|
|
5. Set permissions as described in the table above
|
|
6. Click **Generate Token**
|
|
7. **Copy the token immediately** — it will not be shown again
|
|
|
|
## Adding the Token to Your Repository
|
|
|
|
1. Go to your repository → **Settings** → **Secrets**
|
|
2. Click **Add Secret**
|
|
3. Set:
|
|
- **Name**: `CC_GITEATOKEN`
|
|
- **Value**: paste the token generated above
|
|
4. Click **Save**
|
|
|
|
## Important Notes
|
|
|
|
- The token must belong to the account that is **assigned as a reviewer** on pull requests — this is how the reviewer verification check works
|
|
- Treat the token as a password — never commit it to the repository |