How to Integrate Deepwiki with Private Repositories for Automated Code Documentation

Integrating Deepwiki with private repositories requires configuring a GitHub Personal Access Token (PAT) with read access, enabling the Deepwiki service to pull source code via the GitHub API and generate documentation through automated CI/CD pipelines or direct API calls to the /v1/generate endpoint.

The cyfyifanchen/one-person-company repository identifies Deepwiki as an AI-powered documentation engine capable of automatically generating technical documentation and understanding project structures. According to the curated tool list in README.md (lines 333-359), Deepwiki specifically supports private repository integration, making it suitable for automating documentation in closed-source projects without exposing proprietary code.

Architecture Overview for Private Repository Integration

To integrate Deepwiki with a private GitHub repository, you must implement a five-component architecture that handles authentication, code retrieval, and documentation storage securely.

The workflow involves:

1. Source Repository (GitHub) – Hosts the private codebase requiring documentation.
2. Deepwiki Service – Executes a background worker that pulls repository data via the GitHub API, parses the file tree, and processes source files through a large language model (LLM) for documentation generation.
3. Authentication Layer – Utilizes a GitHub Personal Access Token (PAT) or OAuth application token stored in GitHub Secrets, granting Deepwiki read-only access to the private repository.
4. Documentation Store – Receives generated markdown files either committed to a dedicated docs/ folder within the same repository or pushed to external storage (S3, GCS, etc.).
5. CI/CD Hook (Optional) – A GitHub Actions workflow triggers Deepwiki on push events, pull requests, or scheduled intervals to ensure documentation remains synchronized with code changes.

GitHub (private repo) ──► Deepwiki Worker
      ▲                         │
      │  (PAT / OAuth)          ▼
      └─────► Docs Store (repo/docs or cloud)

Setting Up Authentication for Private Repositories

Before Deepwiki can access your private repository, you must configure secure authentication credentials that grant read-only permissions without exposing sensitive tokens in your codebase.

Generating a Personal Access Token

Create a GitHub Personal Access Token (PAT) with the minimum required scopes:

1. Navigate to GitHub Settings > Developer settings > Personal access tokens > Tokens (classic) or Fine-grained tokens.
2. Select repo scope for classic tokens, or grant Read access to code and metadata for fine-grained tokens specific to the cyfyifanchen/one-person-company repository.
3. Copy the generated token immediately, as it will not be displayed again.

Configuring GitHub Secrets

Store the PAT securely within your repository settings:

1. In the GitHub repository, navigate to Settings > Secrets and variables > Actions.
2. Click New repository secret.
3. Name the secret DEEPWIKI_GITHUB_TOKEN and paste your PAT value.
4. If using Deepwiki's hosted service, also add DEEPWIKI_API_KEY containing your Deepwiki service token.

Implementation Methods

Once authentication is configured, you can implement Deepwiki integration through either automated CI/CD pipelines or direct API programming.

Automated CI/CD with GitHub Actions

Create a workflow file at .github/workflows/deepwiki-docs.yml to trigger documentation generation automatically:

name: Auto‑doc with Deepwiki
on:
  push:
    branches: [ main ]
  schedule:
    - cron: '0 2 * * *'   # daily at 02:00 UTC

jobs:
  generate-docs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          token: ${{ secrets.DEEPWIKI_GITHUB_TOKEN }}
      
      - name: Run Deepwiki CLI
        env:
          DEEPWIKI_TOKEN: ${{ secrets.DEEPWIKI_API_KEY }}
        run: |
          # Install Deepwiki (assumes a npm package or binary is available)

          npm i -g deepwiki-cli
          # Generate docs into ./docs

          deepwiki generate --repo ${{ github.repository }} \
                             --out ./docs \
                             --token $DEEPWIKI_TOKEN
      
      - name: Commit and push docs
        run: |
          git config user.name "deepwiki-bot"
          git config user.email "[email protected]"
          git add docs/
          git diff --cached --quiet || git commit -m "🤖 Deepwiki: update docs"
          git push origin HEAD:deepwiki/docs

This workflow executes on every push to main and daily at 02:00 UTC, using DEEPWIKI_GITHUB_TOKEN to checkout the private repository and DEEPWIKI_API_KEY to authenticate with the Deepwiki service.

Direct API Integration

For custom automation outside of GitHub Actions, interact directly with Deepwiki's HTTP API and GitHub's REST API:

import os, requests, base64, json

# ----- Configuration -----

repo   = "cyfyifanchen/one-person-company"
branch = "main"
token  = os.getenv("DEEPWIKI_GITHUB_TOKEN")   # GitHub PAT

api_key = os.getenv("DEEPWIKI_API_KEY")       # Deepwiki service key

# -------------------------

# 1️⃣ Get repository file list (simplified)

headers = {"Authorization": f"token {token}"}
tree_url = f"https://api.github.com/repos/{repo}/git/trees/{branch}?recursive=1"
tree = requests.get(tree_url, headers=headers).json()["tree"]

# 2️⃣ Pull source files and feed Deepwiki

docs = {}
for entry in tree:
    if entry["type"] == "blob" and entry["path"].endswith(('.py', '.js', '.ts')):
        raw_url = f"https://raw.githubusercontent.com/{repo}/{branch}/{entry['path']}"
        src = requests.get(raw_url).text
        # Call Deepwiki

        resp = requests.post(
            "https://api.deepwiki.com/v1/generate",
            headers={"Authorization": f"Bearer {api_key}"},
            json={"filepath": entry["path"], "code": src}
        )
        docs[entry["path"] + ".md"] = resp.json()["markdown"]

# 3️⃣ Push generated markdown back to a new branch

commit_msg = "🤖 Deepwiki: auto‑generated docs"

# (use GitHub API to create a new branch, blobs, tree, and commit – omitted for brevity)

print("Documentation generated for", len(docs), "files")

This script authenticates to GitHub using the PAT (DEEPWIKI_GITHUB_TOKEN), retrieves the repository file tree via GET /repos/{owner}/{repo}/git/trees, filters for source files, and submits them to Deepwiki's /v1/generate endpoint using the DEEPWIKI_API_KEY.

Summary

• Deepwiki provides AI-powered documentation generation for private repositories by integrating with the GitHub API using a Personal Access Token stored in GitHub Secrets.
• The integration architecture requires five components: the source repository, Deepwiki service, authentication layer, documentation store, and optional CI/CD hooks.
• GitHub Actions automation uses the DEEPWIKI_GITHUB_TOKEN and DEEPWIKI_API_KEY secrets to checkout private code, run the Deepwiki CLI, and commit generated docs to a deepwiki/docs branch.
• Direct API integration enables custom scripts to call https://api.deepwiki.com/v1/generate after retrieving source files via GET /repos/{owner}/{repo}/git/trees.
• Security best practices mandate storing all tokens in environment variables or GitHub Secrets rather than hard-coding them in source files or workflow definitions.

Frequently Asked Questions

What permissions does Deepwiki need for private repositories?

Deepwiki requires read-only access to code and metadata within your private repository. When configuring your GitHub Personal Access Token, select the repo scope for classic tokens, or grant Read access to code and metadata for fine-grained tokens specific to the cyfyifanchen/one-person-company repository. Deepwiki does not require write permissions to the source code itself, only to the documentation output location if committing directly to the repository.

How does Deepwiki handle code security when processing private repositories?

Deepwiki processes source code through secure API endpoints, authenticating via the DEEPWIKI_GITHUB_TOKEN for GitHub API access and DEEPWIKI_API_KEY for the Deepwiki service. The service retrieves files via the GitHub REST API (GET /repos/{owner}/{repo}/git/trees) and processes them in memory, ensuring that private repository contents are not exposed in logs or stored persistently by the documentation engine without explicit configuration of the documentation store.

Can Deepwiki generate documentation for specific file types only?

Yes, you can configure Deepwiki to target specific file types by filtering the repository file tree before sending content to the generation API. When implementing direct API integration, modify the file filter logic to process only specific extensions such as .py, .js, or .ts files. For example, the Python integration script checks entry["path"].endswith(('.py', '.js', '.ts')) before retrieving raw content and submitting it to the Deepwiki endpoint, allowing you to customize which source files generate documentation based on your project's specific needs.

Is it possible to customize the output format of Deepwiki-generated documentation?

Deepwiki generates structured markdown output through its LLM processing layer, returning content via the API response field resp.json()["markdown"]. While the internal prompt templates that control formatting are part of Deepwiki's proprietary code, you can post-process the generated markdown before committing it to your documentation store. For instance, the GitHub Actions workflow can apply additional transformations using tools like Prettier or custom scripts after the deepwiki generate command completes and before the git commit step, allowing you to enforce specific formatting standards or inject custom headers into the final documentation output.

{
  "mcpServers": {
    "instagit": {
      "command": "npx",
      "args": ["-y", "instagit@latest"]
    }
  }
}