Document Gitea token status checks

2026-05-03 02:08:36 +02:00
parent ae40f41c31
commit 28fbaf37d4
5 changed files with 23 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -76,6 +76,21 @@ AUDIT_COMMAND

 If a placeholder does not apply, remove it instead of inventing fake information.

+## Gitea API Token
+
+When working with private repositories on `git.wilkensxl.de`, Codex agents may find a local `GITEA_TOKEN` environment variable on the machine.
+
+Use `GITEA_TOKEN` only for read-oriented Gitea API checks unless the user explicitly asks for a write action. Typical safe checks include repository metadata, workflow run status, and package-read visibility. Never print the token, commit it, or copy it into workflow files.
+
+Example status endpoint:
+
+```text
+GET https://git.wilkensxl.de/api/v1/repos/REPOSITORY_OWNER/REPOSITORY_NAME/actions/runs
+Authorization: token GITEA_TOKEN
+```
+
+`REGISTRY_TOKEN` is still the intended secret name for CI package publishing inside `.gitea/workflows/build.yml`.
+
 ## Agent Prompt For A New Repo

 ```text