feat: support separate Gitea MCP runtime profiles via env config (#19) #22
Reference in New Issue
Block a user
Delete Branch "feature/19-gitea-runtime-profiles-env"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Closes #19
Roadmap parent: #10
Summary
Lets the same
mcp_server.pyrun as separate MCP entries, each configured with its own token and profile name via environment variables — so roles stay task-scoped (the profile is the role, not the LLM). One token + one profile per process.gitea_auth.get_profile()— readsGITEA_PROFILE_NAME,GITEA_ALLOWED_OPERATIONS(comma → list), andGITEA_BASE_URLas non-secret metadata. Defaults togitea-default/[]/None. Never reads, returns, or logsGITEA_TOKENor any credential.gitea_whoami— now surfaces safe profile metadata (profile_name+allowed_operations) alongside identity, so a workflow can see which runtime it is talking to. Token still never exposed; fail-closed behavior unchanged..env.example— placeholder-only template for one runtime profile..gitignore— adds!.env.exampleso the template is tracked while real.env*files stay ignored.gitea-tools-reviewer,gitea-tools-merger) + env field table.whoamisurfaces profile without leaking token.Files changed (6, +175/-1)
gitea_auth.pyget_profile()(+32)mcp_server.pywhoamireturnsprofile(+11/-1 docstring).env.example.gitignore!.env.examplenegation (+1)README.mdtests/test_mcp_server.pyTestRuntimeProfile(+56)Validation
git diff --check→ clean.python3 -m py_compile mcp_server.py tests/test_mcp_server.py gitea_auth.py→ OK.pytest tests/test_mcp_server.py→ 34 passed (was 30; +4 new).git check-ignore .env.example→ not ignored (trackable);.env.personal→ still ignored.replace-with-token/super-secret-tokenare placeholders/test synthetics; the latter is asserted absent from output).Explicit statements
.env.exampleand tests use placeholders only; real.env*stays gitignored.gitea_whoami(#13 remains separate).whoamichange is additive).Scoped to #19 only. Does not touch #13–#18. Do not merge — awaiting independent review.
Content, scope, and validation passed. Confirmed runtime profiles are safe metadata only, no multi-token switching, and all tests pass (34 passed). Exactly 6 expected files changed. PR is approved.
All checks passed. Verified head
e316120, correct file scope, and 34 passing tests. Merging.