feat: add read-only gitea_get_profile discovery tool (#13) #23
Reference in New Issue
Block a user
Delete Branch "feature/13-gitea-profile-discovery"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Closes #13
Roadmap parent: #10
Summary
Adds a read-only MCP tool
gitea_get_profilethat reports the active runtime execution profile, so an LLM can inspect what the current process is configured to do before deciding whether an action should be attempted later.Returned safe metadata:
profile_nameallowed_operations,forbidden_operationsaudit_labeltoken_source_name— a name only (e.g.GITEA_TOKEN), never a valuebase_url,remote, resolvedserverauthenticated_username(optional, read-only lookup)identity_status—verified/unknown/unavailable/not_resolvedBehavior:
nullandidentity_statusmarks it, but the profile config is still returned (inspectable). Unknown remote is markedunknownwith aremote_error, not raised.Supporting change:
gitea_auth.get_profile()extended to read three new non-secret env fields —GITEA_FORBIDDEN_OPERATIONS,GITEA_AUDIT_LABEL,GITEA_TOKEN_SOURCE(name only).gitea_whoamioutput is unchanged.Files changed (5, +195/-8)
mcp_server.pygitea_get_profiletool (+70)gitea_auth.pyget_profile()gainsforbidden_operations,audit_label,token_source_name.env.exampleREADME.mdtests/test_mcp_server.pyTestProfileDiscovery(7 tests) + adjusted one #19 assertion (see note)Validation
git diff --check→ clean.python3 -m py_compile mcp_server.py tests/test_mcp_server.py gitea_auth.py→ OK.pytest tests/test_mcp_server.py→ 41 passed.super-secret-token, asserted absent from output).Explicit statements
.env.example/tests use placeholders; real.env*stays gitignored.Note on the adjusted #19 test
get_profile()now legitimately returns atoken_source_namefield (a non-secret name). The old #19 test asserted the substring"token"never appears in the dict repr — too broad now that a non-secret field name contains it. Updated to assert the token value never appears and thattoken_source_nameisNonewhen unset. Intent (token value never leaks) is preserved and strengthened.Scoped to #13 only. Does not touch #14–#18. Do not merge — awaiting independent review.
Independent review for issue #13 is held due reviewer eligibility.
Validation performed:
master.jcwalker3, which matches the PR author, so I cannot approve this PR from this account.38c96d5..env.example,README.md,gitea_auth.py,mcp_server.py,tests/test_mcp_server.py.git fetch --all --prunecompleted.git diff --check prgs/master...38c96d5passed.git diff --name-only prgs/master...38c96d5returned only the expected files.python3 -m py_compile mcp_server.py tests/test_mcp_server.py gitea_auth.pypassed.pytest tests/test_mcp_server.pypassed: 41 passed.git check-ignore .env.personal || trueconfirmed.env.personalis ignored.git check-ignore .env.example || truereturned no output, as expected for the tracked example file.Manual review notes:
gitea_get_profileis read-only and only attempts a GET to/api/v1/userfor optional identity resolution; it does not create/update/delete/comment/approve/merge/label/push/deploy/rollback/restart/migrate anything.identity_status: "unavailable"; README/tool docs describe profile metadata as descriptive/inspectable and do not present unavailable identity as eligible for mutation.token_source_nameis operator-declared metadata only; no automatic secret path discovery or token value exposure found.token_source_name..env.exampleuses placeholders/example-invalid values only.Blocker: reviewer is ineligible from the current authenticated Gitea account (
jcwalker3). A different reviewer account is required to approve.All checks passed. Verified head
38c96d5, correct file scope, and 41 passing tests. Merging.