Skip to content

Secrets and Variables Analysis#

This document outlines the secrets and variables used in the metagit-detect project, their sources, and their roles in the application's runtime and CI/CD workflows.

Runtime Secrets and Variables#

These secrets and variables are sourced from .env files and are used by the application at runtime. The .env.example file provides a template for these variables.

  • GITHUB_TOKEN:

    • Description: A GitHub Personal Access Token (PAT) used to authenticate with the GitHub API. This is required for analyzing repositories, fetching metadata, and other interactions with GitHub.
    • Source: .env file.
    • Usage: Used by the github provider in the application.

  • GITLAB_TOKEN:

    • Description: A GitLab Personal Access Token (PAT) used to authenticate with the GitLab API. This is necessary for interacting with GitLab repositories.
    • Source: .env file.
    • Usage: Used by the gitlab provider in the application.

  • METAGIT_LLM_TOKEN:

    • Description: The API token for the configured Large Language Model (LLM) provider. This is used for features that leverage LLMs.
    • Source: .env file.
    • Usage: Used by the LLM client in the application.

  • OPENROUTER_API_KEY:

    • Description: The API key for the OpenRouter service. This is used when openrouter is configured as the LLM provider.
    • Source: .env file.
    • Usage: Used by the LLM client when the provider is set to openrouter.

CI/CD Secrets and Variables#

These secrets are configured in the GitHub repository's secrets and are used in the CI/CD workflows.

  • secrets.GITHUB_TOKEN:

    • Description: A GitHub token that is automatically generated by GitHub Actions. It is used to authenticate with the GitHub API for various tasks within the CI/CD pipelines.
    • Source: GitHub repository secrets.
    • Usage:
      • Publishing Docker images to the GitHub Container Registry (ghcr.io).
      • Creating and managing GitHub releases.

  • secrets.PYPI_API_TOKEN:

    • Description: An API token for PyPI, used to authenticate and publish the Python package to the Python Package Index.
    • Source: GitHub repository secrets, configured as a trusted publisher.
    • Usage: Publishing the package to PyPI in the release.yaml workflow.