Setup

New to Code Review? Start with the Overview to understand how it works before connecting your repositories.

Prerequisites

A GitHub, GitLab, Bitbucket, or Azure DevOps account with repository access
Familiarity with Git workflows and Pull Requests/Merge Requests
A CloudThinker workspace

Quick Start

Connect Repository

Choose your Git provider and authenticate to grant CloudThinker access.

Create Pull Request

Open a new PR on your connected repository — CloudThinker detects it automatically.

Review Findings

View status in CloudThinker and detailed findings directly on your PR.

Step-by-Step Guide

Step 1: Connect Repository

Open Code Review

Go to Code Review from the navigation menu.

Start setup

Click Get Started with Code Review to open the setup wizard.

Choose provider

Select GitHub, GitLab, Bitbucket, or Azure DevOps as your Git provider.

Authenticate

Click Install GitHub App to begin the GitHub App installation.You will be redirected to GitHub to select an organization and grant repository access. After authorizing, you are returned to the setup wizard automatically.

Installing CloudThinker to a GitHub Organization requires Organization Owner permissions. If you are not an owner, please request an owner to install the app.

GitHub webhooks are registered automatically by the GitHub App — no manual webhook configuration is needed.

Use a Project Access Token or Group Access Token for self-hosted GitLab instances or if you prefer manual token management.Why use Project/Group tokens?

Comments appear from a bot user, not your personal account
Tokens are scoped to specific projects or groups
Easier to manage and revoke access

Connection Details:

GitLab URL: Enter https://gitlab.com for GitLab.com, or your self-hosted instance URL (e.g., https://gitlab.example.com)
Token Type: Select Project Access Token (single project) or Group Access Token (all projects in a group)
Access Token: Paste your generated token

Self-Hosted GitLab Support: CloudThinker supports GitLab self-hosted instances running version 12.0 and above.

How to create a Project Access Token

Go to your project → Settings → Access Tokens
Click Add new token
Set role to Developer or higher
Select scope: api
Set an expiration date (recommended)
Copy the generated token

How to create a Group Access Token

Go to your group → Settings → Access Tokens
Click Add new token
Set role to Developer or higher
Select scope: api
Set an expiration date (recommended)
Copy the generated token

Role Requirements: The token must have Developer role or higher to post code review comments. Guest and Reporter roles cannot post comments on merge requests.

After connecting, you will need to configure a webhook manually.

Connect using a Bitbucket Access Token. Choose the token type that matches your access level:

Token Type	Scope	Plan Required
Workspace Access Token	All repositories in a workspace	Premium
Project Access Token	All repositories in a project	Premium
Repository Access Token	Single repository only	Free

Connection Details:

Token Type: Select the token scope from the dropdown
Bitbucket Workspace: Enter your workspace slug (from the URL: bitbucket.org/<workspace>/repo)
Repository Slug (Repository tokens only): Enter the repository slug
Access Token: Paste your generated token

Click Validate Token first to verify access, then click Connect to complete.Required Token Permissions:

Account: Read
Repositories: Read, Write
Pull requests: Read, Write
Webhooks: Read and write
Pipelines: Read, Write

How to create a Workspace Access Token

Go to Workspace → Settings → Access tokens
Click Create workspace access token
Enable the required permissions listed above
Set an expiration date (recommended)
Copy the generated token

How to create a Project Access Token

Go to Project → Project settings → Access tokens
Click Create project access token
Enable the required permissions listed above
Set an expiration date (recommended)
Copy the generated token

How to create a Repository Access Token

Go to Repository → Repository settings → Access tokens
Click Create Repository Access Token
Enable the required permissions listed above
Set an expiration date (recommended)
Copy the generated token

Bitbucket webhooks are registered automatically — no manual webhook configuration is needed.

Azure DevOps uses a Personal Access Token (PAT) for authentication.Connection Details:

Organization URL: Enter your Azure DevOps organization URL (e.g., https://dev.azure.com/your-org or https://your-org.visualstudio.com)
Project: Enter the project name containing your repositories
Personal Access Token: Paste your generated PAT

Click Validate PAT first to verify access, then click Connect to complete.Required PAT Scopes:

Build — Read
Code — Read & Write
Pull Request Threads — Read & Write

How to create a PAT

Go to Azure DevOps → User Settings (top-right) → Personal Access Tokens
Click New Token
Set the organization and expiration date
Select the scopes listed above
Click Create and copy the generated token

PATs expire based on the expiration date you set during creation. Set a reminder to rotate your PAT before it expires to avoid disrupting code reviews.

After connecting, you will need to configure webhooks manually.

Select repositories

Select the repositories you want to enable for code review and click Complete to finish setup.

Setup Successful! Once you see your repositories listed, CloudThinker is now monitoring your Pull Requests and Merge Requests.

Webhook Configuration

Some providers require manual webhook configuration. GitHub and Bitbucket register webhooks automatically — no action is needed.

GitLab
Azure DevOps

After connecting your GitLab account, configure a webhook in your GitLab project or group:

Go to your project/group → Settings → Webhooks
Paste the webhook URL shown in the setup wizard
Enter the secret token provided
Enable these triggers:
- Merge request events
- Comments
- Pipeline events
Click Add webhook

Step 2: Create Pull Request

Open your repository

Navigate to your connected repository on GitHub, GitLab, Bitbucket, or Azure DevOps.

Create a Pull Request

Create a new Pull Request with your code changes. CloudThinker will automatically detect the PR and start the AI-powered review.

Step 3: View Results

Check status in CloudThinker

View the review status for all your Pull Requests in the CloudThinker dashboard.

View findings on your Git provider

Open your Pull Request to see the AI-generated summary and in-line code comments with detailed recommendations.

Review modes

CloudThinker offers two review modes that you can configure per repository:

Mode	Description
Fast	Quick analysis, lower cost. Ideal for small PRs and rapid feedback.
Advanced	Deep analysis with specialists. The review is split across specialist agents for security, performance, correctness, and patterns. Best for critical repositories.

You can switch between modes in your repository settings at any time.

Pipeline monitoring

CloudThinker can monitor your CI/CD pipelines for failures and automatically analyze failed job logs. When a pipeline fails, CloudThinker:

Detects the failed pipeline run
Fetches and analyzes the failed job logs with AI
Posts findings and suggested fixes directly on the PR

Pipeline monitoring can be toggled on or off per workspace. It is enabled by default. For Azure DevOps, CloudThinker monitors build.complete events alongside pull request events (git.pullrequest.created, git.pullrequest.updated) to detect failures and analyze logs automatically.

Filter configuration

Control which PRs CloudThinker reviews using author and branch filters. Filters are configured per-repository in your repository settings after setup is complete.

Author filters: Include or exclude specific authors from reviews (whitelist/blacklist)
Branch filters: Include or exclude branches matching specific patterns

PRs that match an exclude filter are marked as FILTERED and skipped entirely.

Incremental reviews

When you push new commits to an open PR, CloudThinker performs an incremental review — only the new changes are analyzed, not the entire PR. This keeps reviews fast and focused on what actually changed.

What’s Next

Leaderboard

Track team review activity and measure code quality improvements over time

Atlassian Integration

Auto-create Jira tickets for critical findings and pull Confluence context into reviews

Notifications

Configure where code review findings are delivered

Code Review Automation

See a full end-to-end example: SQL injection found, Jira ticket created automatically

Code Review

Infrastructure

Cost Optimization

Incident

Skills

Prerequisites

Quick Start