space/gitea-codex
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Space-Banane
2026-05-22 19:25:47 +02:00
commit 673f70b32a
1 changed files with 80 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
README.md Normal file
View File

@@ -0,0 +1,80 @@
# Gitea Codex Review Bot
Webhook-driven PR review bot for Gitea.
## Features
- Handles `issue_comment` and `pull_request_comment` events.
- Verifies `X-Gitea-Signature` HMAC (`sha256`).
- Triggers on `@codex review`, `@codex rerun`, `@codex explain`, `@codex fix`, `@codex ignore`.
- Ignores bot-authored comments.
- Enforces strict repository allowlist (`ALLOWED_REPOS`).
- Deduplicates webhook deliveries/comments in DB.
- Enforces PR cooldown for review requests.
- Uses MariaDB + SQLAlchemy + Alembic.
- Runs review jobs through ephemeral runner containers (with local fallback if Docker runtime is unavailable).
- Posts/updates one persistent PR summary comment.
- Supports repository config via `.codex-review.yml`.
## Endpoints
- `POST /webhook/gitea`
- `GET /healthz`
## Webhook Setup Model
This bot is designed for self-hosted deployment:
1. You host this service yourself.
2. A Gitea admin points webhook events to your hosted endpoint:
- `https://your-bot-domain/webhook/gitea`
3. Gitea sends `issue_comment` and `pull_request_comment` events to that endpoint.
Webhook configuration is manual by design.
## Environment
Use `.env.example` as template.
Required:
- `GITEA_BASE_URL`
- `GITEA_TOKEN`
- `GITEA_BOT_USERNAME`
- `GITEA_WEBHOOK_SECRET`
- `OPENAI_API_KEY`
- `ALLOWED_REPOS`
- `DB_HOST`, `DB_PORT`, `DB_NAME`, `DB_USER`, `DB_PASSWORD`
Optional:
- `OPENAI_PROJECT_ID`
- `OPENAI_ORG_ID`
- `DATABASE_URL` (overrides composed DB URL)
## Local Run
```bash
python -m pip install -e .[dev]
alembic upgrade head
uvicorn gitea_codex_bot.main:app --host 0.0.0.0 --port 8000
```
## Docker Compose
```bash
docker compose up --build
```
## CI
The workflow in `.gitea/workflows/ci.yml`:
1. starts MariaDB service,
2. runs Alembic migrations + tests,
3. builds and pushes image tags to `gitea.reversed.dev/space/gitea-codex` on push.
Expected secrets for publish job:
- `REGISTRY_USERNAME`
- `REGISTRY_PASSWORD`