feat: add read-only gitea_get_profile discovery tool (#13)
Add a read-only MCP tool that reports the active runtime execution profile so an LLM can inspect what the current process is configured to do before deciding whether to attempt an action later. - gitea_get_profile: returns profile_name, allowed/forbidden operation categories, audit_label, token_source_name (a NAME, never a value), base_url, remote, resolved server, and — optionally — the verified authenticated username. Identity resolution fails soft and marks identity_status (verified/unknown/unavailable/not_resolved); the profile config is always returned. Never mutates Gitea. - gitea_auth.get_profile(): extended with forbidden_operations, audit_label, token_source_name from env (non-secret metadata). - .env.example / README: document the new optional metadata vars and the discovery tool. - tests: metadata parsing, verified/unavailable/unknown identity paths, skip-identity, and secret-redaction. Read-only. No token exposure. No multi-token switching. No PR eligibility, review, or merge workflow. No Jenkins/Ops/GlitchTip/ Release/deploy behavior. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -22,3 +22,14 @@ GITEA_PROFILE_NAME=gitea-reviewer
|
||||
# Optional, comma-separated operation categories this profile is intended for
|
||||
# (descriptive only in this issue; enforcement is a later roadmap item).
|
||||
GITEA_ALLOWED_OPERATIONS=read,review,approve
|
||||
|
||||
# Optional, comma-separated operation categories this profile must NOT perform
|
||||
# (descriptive metadata; surfaced by gitea_get_profile).
|
||||
GITEA_FORBIDDEN_OPERATIONS=merge,branch.push
|
||||
|
||||
# Optional short label attached to this runtime for audit purposes.
|
||||
GITEA_AUDIT_LABEL=reviewer-runtime
|
||||
|
||||
# Optional NAME of the token's source (e.g. an env var name). This is a name
|
||||
# only — never the token value. Surfaced by gitea_get_profile.
|
||||
GITEA_TOKEN_SOURCE=GITEA_TOKEN
|
||||
|
||||
Reference in New Issue
Block a user