ReaperCI Documentation

ReaperCI documentation

Agent-assisted build triage

ReaperCI gives an agent structured failure context without granting production approval or a general shell.

Create the identity

In Settings > Team, create a service account with only repository read, build read/control, deployment request, server read, and audit read scopes needed for the workflow. Set an expiry and copy the token once.

printf '%s' "$REAPERCI_TOKEN" | reaperci login \
  --url https://ci.example.com \
  --context agent \
  --token-stdin

Triage one failure

REAPERCI_CONTEXT=agent reaperci builds triage 42

The JSON response includes the failed step and exit code, the last 100 log lines, the immutable pipeline and commit, the last green build, and the diff from that build when repository data is available. The agent should cite those fields and separate user-code failure from infrastructure failure before suggesting a retry.

Use reaperci mcp serve for an MCP client. The equivalent tool is reaperci_build_triage. Repository, build, deployment, server, preview, cache, environment, and audit tools use the same public API and service-account identity.

Approval boundary

An agent may request or promote a deployment. If the target is protected, the result stays pending_approval. reaperci_deployment_approve and the REST approval endpoint reject service-account identities even when the token has a general approval scope. A signed-in human owner, admin, or operator must inspect and approve the release.

After the session, verify reaperci audit list --actor-type service_account shows every retry, request, promotion, preview close, or other mutation. Rotate or revoke the service-account token when the automation is retired.