> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cloudthinker.io/llms.txt
> Use this file to discover all available pages before exploring further.
# Code Review Setup
> Connect your GitHub, GitLab, Bitbucket, or Azure DevOps repositories for automated AI-powered code reviews
New to Code Review? Start with the [Overview](/guide/code-review/overview) to understand how it works before connecting your repositories.
## Prerequisites
* A GitHub, GitLab, Bitbucket, or Azure DevOps account with repository access
* Familiarity with Git workflows and Pull Requests/Merge Requests
* A CloudThinker workspace
***
## Quick Start
Choose your Git provider and authenticate to grant CloudThinker access.
Open a new PR on your connected repository — CloudThinker detects it automatically.
View status in CloudThinker and detailed findings directly on your PR.
***
## Step-by-Step Guide
### Step 1: Connect Repository
Go to **Code Review** from the navigation menu.
Click **Get Started with Code Review** to open the setup wizard.
Select **GitHub**, **GitLab**, **Bitbucket**, or **Azure DevOps** as your Git provider.
Click **Install GitHub App** to begin the GitHub App installation.
You will be redirected to GitHub to select an organization and grant repository access. After authorizing, you are returned to the setup wizard automatically.
Installing CloudThinker to a GitHub Organization requires **Organization Owner** permissions. If you are not an owner, please request an owner to install the app.
GitHub webhooks are registered automatically by the GitHub App — no manual webhook configuration is needed.
Click **Connect to GitLab** to authenticate via OAuth. This is the simplest option for GitLab.com users.
After connecting, you will need to [configure a webhook manually](#webhook-configuration).
Use a **Project Access Token** or **Group Access Token** for self-hosted GitLab instances or if you prefer manual token management.
**Why use Project/Group tokens?**
* Comments appear from a bot user, not your personal account
* Tokens are scoped to specific projects or groups
* Easier to manage and revoke access
**Connection Details:**
1. **GitLab URL**: Enter `https://gitlab.com` for GitLab.com, or your self-hosted instance URL (e.g., `https://gitlab.example.com`)
2. **Token Type**: Select **Project Access Token** (single project) or **Group Access Token** (all projects in a group)
3. **Access Token**: Paste your generated token
**Self-Hosted GitLab Support**: CloudThinker supports GitLab self-hosted instances running **version 12.0 and above**.
1. Go to your project → **Settings** → **Access Tokens**
2. Click **Add new token**
3. Set role to `Developer` or higher
4. Select scope: `api`
5. Set an expiration date (recommended)
6. Copy the generated token
1. Go to your group → **Settings** → **Access Tokens**
2. Click **Add new token**
3. Set role to `Developer` or higher
4. Select scope: `api`
5. Set an expiration date (recommended)
6. Copy the generated token
**Role Requirements**: The token must have **Developer** role or higher to post code review comments. Guest and Reporter roles cannot post comments on merge requests.
After connecting, you will need to [configure a webhook manually](#webhook-configuration).
Click **Connect to Bitbucket** to authenticate via OAuth. You will be redirected to Bitbucket to authorize workspace access.
Bitbucket webhooks are registered automatically — no manual webhook configuration is needed.
Connect using a Bitbucket Access Token. Choose the token type that matches your access level:
| Token Type | Scope | Plan Required |
| --------------------------- | ------------------------------- | ------------- |
| **Workspace Access Token** | All repositories in a workspace | Premium |
| **Project Access Token** | All repositories in a project | Premium |
| **Repository Access Token** | Single repository only | Free |
**Connection Details:**
1. **Token Type**: Select the token scope from the dropdown
2. **Bitbucket Workspace**: Enter your workspace slug (from the URL: `bitbucket.org//repo`)
3. **Repository Slug** (Repository tokens only): Enter the repository slug
4. **Access Token**: Paste your generated token
Click **Validate Token** first to verify access, then click **Connect** to complete.
**Required Token Permissions:**
* Account: Read
* Repositories: Read, Write
* Pull requests: Read, Write
* Webhooks: Read and write
* Pipelines: Read, Write
1. Go to **Workspace** → **Settings** → **Access tokens**
2. Click **Create workspace access token**
3. Enable the required permissions listed above
4. Set an expiration date (recommended)
5. Copy the generated token
1. Go to **Project** → **Project settings** → **Access tokens**
2. Click **Create project access token**
3. Enable the required permissions listed above
4. Set an expiration date (recommended)
5. Copy the generated token
1. Go to **Repository** → **Repository settings** → **Access tokens**
2. Click **Create Repository Access Token**
3. Enable the required permissions listed above
4. Set an expiration date (recommended)
5. Copy the generated token
Bitbucket webhooks are registered automatically — no manual webhook configuration is needed.
Azure DevOps uses a **Personal Access Token (PAT)** for authentication.
**Connection Details:**
1. **Organization URL**: Enter your Azure DevOps organization URL (e.g., `https://dev.azure.com/your-org` or `https://your-org.visualstudio.com`)
2. **Project**: Enter the project name containing your repositories
3. **Personal Access Token**: Paste your generated PAT
Click **Validate PAT** first to verify access, then click **Connect** to complete.
**Required PAT Scopes:**
* `Build` — Read
* `Code` — Read & Write
* `Pull Request Threads` — Read & Write
1. Go to **Azure DevOps** → **User Settings** (top-right) → **Personal Access Tokens**
2. Click **New Token**
3. Set the organization and expiration date
4. Select the scopes listed above
5. Click **Create** and copy the generated token
PATs expire based on the expiration date you set during creation. Set a reminder to rotate your PAT before it expires to avoid disrupting code reviews.
After connecting, you will need to [configure webhooks manually](#webhook-configuration).
Select the repositories you want to enable for code review and click **Complete** to finish setup.
**Setup Successful!** Once you see your repositories listed, CloudThinker is now monitoring your Pull Requests and Merge Requests.
***
### Webhook Configuration
Some providers require manual webhook configuration. GitHub and Bitbucket register webhooks automatically — no action is needed.
After connecting your GitLab account, configure a webhook in your GitLab project or group:
1. Go to your project/group → **Settings** → **Webhooks**
2. Paste the webhook URL shown in the setup wizard
3. Enter the secret token provided
4. Enable these triggers:
* **Merge request events**
* **Comments**
* **Pipeline events**
5. Click **Add webhook**
After connecting your Azure DevOps project, create **4 separate service hooks** in Azure DevOps:
1. Go to **Project Settings** → **Service hooks**
2. Click **Create subscription** and select **Web Hooks**
3. Create one hook for each of these events:
* **Pull request created**
* **Pull request updated**
* **Pull request commented on**
* **Build completed**
4. For each hook, paste the webhook URL shown in the setup wizard
5. Use **Basic authentication** with the secret token as the password (leave username empty)
***
### Step 2: Create Pull Request
Navigate to your connected repository on GitHub, GitLab, Bitbucket, or Azure DevOps.
Create a new Pull Request with your code changes. CloudThinker will automatically detect the PR and start the AI-powered review.
***
### Step 3: View Results
View the review status for all your Pull Requests in the CloudThinker dashboard.
Open your Pull Request to see the AI-generated summary and in-line code comments with detailed recommendations.
***
## Review modes
CloudThinker offers two review modes that you can configure per repository:
| Mode | Description |
| ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| **Fast** | Quick analysis, lower cost. Ideal for small PRs and rapid feedback. |
| **Advanced** | Deep analysis with specialists. The review is split across specialist agents for security, performance, correctness, and patterns. Best for critical repositories. |
You can switch between modes in your repository settings at any time.
***
## Pipeline monitoring
CloudThinker can monitor your CI/CD pipelines for failures and automatically analyze failed job logs.
When a pipeline fails, CloudThinker:
1. Detects the failed pipeline run
2. Fetches and analyzes the failed job logs with AI
3. Posts findings and suggested fixes directly on the PR
Pipeline monitoring can be toggled on or off per workspace. It is **enabled by default**.
For Azure DevOps, CloudThinker monitors `build.complete` events alongside pull request events (`git.pullrequest.created`, `git.pullrequest.updated`) to detect failures and analyze logs automatically.
***
## Filter configuration
Control which MRs/PRs CloudThinker reviews using label, author, and branch filters. Filters are configured per-repository in your repository settings after setup is complete.
* **Label filters**: Include or exclude PRs with specific labels
* **Author filters**: Include or exclude specific authors from reviews
* **Branch filters**: Include or exclude branches matching specific patterns (filters by target branch — the branch being merged into)
**Exclude** filters are checked first. **Include** filters must all pass. PRs that match an exclude filter are marked as **FILTERED** and skipped entirely.
***
## Incremental reviews
When you push new commits to an open PR, CloudThinker performs an **incremental review** — only the new changes are analyzed, not the entire PR. This keeps reviews fast and focused on what actually changed.
***
## What's Next
Track team review activity and measure code quality improvements over time
Auto-create Jira tickets for critical findings and pull Confluence context into reviews
Configure where code review findings are delivered
See a full end-to-end example: SQL injection found, Jira ticket created automatically