From 6407412d80f5b33d1fb3f8d686e8a78dc9ebd1dc Mon Sep 17 00:00:00 2001 From: Daniel Gwerzman Date: Thu, 7 Aug 2025 15:50:48 +0100 Subject: [PATCH 1/9] Broken links (#129) Update broken links in the readme pages of Workflows --------- Signed-off-by: Daniel Gwerzman --- examples/workflows/gemini-cli/README.md | 2 +- examples/workflows/issue-triage/README.md | 2 +- examples/workflows/pr-review/README.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/workflows/gemini-cli/README.md b/examples/workflows/gemini-cli/README.md index e114a121..c585934f 100644 --- a/examples/workflows/gemini-cli/README.md +++ b/examples/workflows/gemini-cli/README.md @@ -30,7 +30,7 @@ Unlike specialized Gemini CLI workflows for [pull request reviews](../pr-review) ## Setup -For detailed setup instructions, including prerequisites and authentication, please refer to the main [Getting Started](../../README.md#quick-start) section and [Authentication documentation](../../docs/authentication.md). +For detailed setup instructions, including prerequisites and authentication, please refer to the main [Getting Started](../../../README.md#quick-start) section and [Authentication documentation](../../../docs/authentication.md). To use this workflow, you can utilize either of the following methods: 1. Run the `/setup-github` command in Gemini CLI on your terminal to set up workflows for your repository. diff --git a/examples/workflows/issue-triage/README.md b/examples/workflows/issue-triage/README.md index e140b43c..6ccbc358 100644 --- a/examples/workflows/issue-triage/README.md +++ b/examples/workflows/issue-triage/README.md 
@@ -33,7 +33,7 @@ The Issue Triage workflows provide an automated system for analyzing and categor ## Setup -For detailed setup instructions, including prerequisites and authentication, please refer to the main [Getting Started](../../README.md#quick-start) section and [Authentication documentation](../../docs/authentication.md). +For detailed setup instructions, including prerequisites and authentication, please refer to the main [Getting Started](../../../README.md#quick-start) section and [Authentication documentation](../../../docs/authentication.md). To implement this issue triage system, you can utilize either of the following methods: 1. Run the `/setup-github` command in Gemini CLI on your terminal to set up workflows for your repository. diff --git a/examples/workflows/pr-review/README.md b/examples/workflows/pr-review/README.md index 9010be2b..f26304a7 100644 --- a/examples/workflows/pr-review/README.md +++ b/examples/workflows/pr-review/README.md @@ -42,7 +42,7 @@ The PR Review workflow uses Google's Gemini AI to provide comprehensive code rev ## Setup -For detailed setup instructions, including prerequisites and authentication, please refer to the main [Getting Started](../../README.md#quick-start) section and [Authentication documentation](../../docs/authentication.md). +For detailed setup instructions, including prerequisites and authentication, please refer to the main [Getting Started](../../../README.md#quick-start) section and [Authentication documentation](../../../docs/authentication.md). To use this workflow, you can use either of the following methods: 1. Run the `/setup-github` command in Gemini CLI on your terminal to set up workflows for your repository. From b642fd18d02579a96295666d7042785c5f2148bd Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?=E3=83=9E=E3=83=AB=E3=82=B3=E3=83=A1?= Date: Thu, 7 Aug 2025 23:54:03 +0900 Subject: [PATCH 2/9] chore: mention user to confirm who run (#131) ## Summary Update Gemini CLI workflows to mention the actor when posting acknowledgment comments Enhancements: - Add GITHUB_ACTOR environment variable to workflows - Prefix acknowledgment messages with the @mention of the GitHub actor ## Why? This is to confirm who responded when multiple people called within the organization. This is also useful for checking which users have the authority to perform actions. ## How to verify your codes? I've tested this workflow with issue and pull request comments. image --- .github/workflows/gemini-cli.yml | 3 ++- examples/workflows/gemini-cli/gemini-cli.yml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/gemini-cli.yml b/.github/workflows/gemini-cli.yml index 85214540..52acd1d9 100644 --- a/.github/workflows/gemini-cli.yml +++ b/.github/workflows/gemini-cli.yml @@ -162,13 +162,14 @@ jobs: - name: 'Acknowledge request' env: + GITHUB_ACTOR: '${{ github.actor }}' GITHUB_TOKEN: '${{ steps.generate_token.outputs.token || secrets.GITHUB_TOKEN }}' ISSUE_NUMBER: '${{ steps.get_context.outputs.issue_number }}' REPOSITORY: '${{ github.repository }}' REQUEST_TYPE: '${{ steps.get_context.outputs.request_type }}' run: |- set -euo pipefail - MESSAGE="I've received your request and I'm working on it now! 🤖" + MESSAGE="@${GITHUB_ACTOR} I've received your request and I'm working on it now! 🤖" if [[ -n "${MESSAGE}" ]]; then gh issue comment "${ISSUE_NUMBER}" \ --body "${MESSAGE}" \ diff --git a/examples/workflows/gemini-cli/gemini-cli.yml b/examples/workflows/gemini-cli/gemini-cli.yml index 58ab4ed1..ee30ddfb 100644 --- a/examples/workflows/gemini-cli/gemini-cli.yml +++ b/examples/workflows/gemini-cli/gemini-cli.yml 
@@ -162,13 +162,14 @@ jobs: - name: 'Acknowledge request' env: + GITHUB_ACTOR: '${{ github.actor }}' GITHUB_TOKEN: '${{ steps.generate_token.outputs.token || secrets.GITHUB_TOKEN }}' ISSUE_NUMBER: '${{ steps.get_context.outputs.issue_number }}' REPOSITORY: '${{ github.repository }}' REQUEST_TYPE: '${{ steps.get_context.outputs.request_type }}' run: |- set -euo pipefail - MESSAGE="I've received your request and I'm working on it now! 🤖" + MESSAGE="@${GITHUB_ACTOR} I've received your request and I'm working on it now! 🤖" if [[ -n "${MESSAGE}" ]]; then gh issue comment "${ISSUE_NUMBER}" \ --body "${MESSAGE}" \ From d9b9c17738fc725e36d6116ee7dd7e227c862cf1 Mon Sep 17 00:00:00 2001 From: Lee James <40045512+leehagoodjames@users.noreply.github.com> Date: Thu, 7 Aug 2025 14:31:01 -0400 Subject: [PATCH 3/9] bug(#109): Support triggering PR review with issue comment (#138) Fix PR workflow to be triggered when users comments `@gemini /review` in a PR Fixes #109 --- .github/workflows/gemini-pr-review.yml | 3 +++ examples/workflows/pr-review/gemini-pr-review.yml | 3 +++ 2 files changed, 6 insertions(+) diff --git a/.github/workflows/gemini-pr-review.yml b/.github/workflows/gemini-pr-review.yml index ff3981ac..acc86245 100644 --- a/.github/workflows/gemini-pr-review.yml +++ b/.github/workflows/gemini-pr-review.yml @@ -4,6 +4,9 @@ on: pull_request: types: - 'opened' + issue_comment: + types: + - 'created' pull_request_review_comment: types: - 'created' diff --git a/examples/workflows/pr-review/gemini-pr-review.yml b/examples/workflows/pr-review/gemini-pr-review.yml index 652e355b..682b7e88 100644 --- a/examples/workflows/pr-review/gemini-pr-review.yml +++ b/examples/workflows/pr-review/gemini-pr-review.yml @@ -4,6 +4,9 @@ on: pull_request: types: - 'opened' + issue_comment: + types: + - 'created' pull_request_review_comment: types: - 'created' From fbd9d2f85859e442500bcf1dddd547802d4d63ef Mon Sep 17 00:00:00 2001 
From: Lee James <40045512+leehagoodjames@users.noreply.github.com> Date: Thu, 7 Aug 2025 15:41:47 -0400 Subject: [PATCH 4/9] feat(setup): enable setup script to automatically set repository variables (#140) Use `gh` to automatically set repo variables, and default to manual way as a backup --- docs/authentication.md | 1 + scripts/setup_workload_identity.sh | 45 +++++++++++++++++++----------- 2 files changed, 29 insertions(+), 17 deletions(-) diff --git a/docs/authentication.md b/docs/authentication.md index b6a446f9..942f5208 100644 --- a/docs/authentication.md +++ b/docs/authentication.md @@ -80,6 +80,7 @@ Required Tools: - A Google Cloud Project with billing enabled. - The [Google Cloud CLI (`gcloud`)](https://cloud.google.com/sdk/docs/install) installed and authenticated (`gcloud auth login`). +- Optional: The GitHub CLI [gh](https://docs.github.com/en/github-cli/github-cli/quickstart) Your user account needs these permissions in the target GCP project to run the script: diff --git a/scripts/setup_workload_identity.sh b/scripts/setup_workload_identity.sh index fbe047b9..de8ac046 100755 --- a/scripts/setup_workload_identity.sh +++ b/scripts/setup_workload_identity.sh 
@@ -446,22 +446,33 @@ echo "• roles/cloudaicompanion.user - Use Code Assist for model inference" echo "• roles/iam.serviceAccountTokenCreator" echo "" -print_header "GitHub Environment Variables Configuration" -echo "" -print_warning "Add these variables to your GitHub repository or workflow configuration:" -echo " Repository: https://github.com/${GITHUB_REPO}/settings/variables/actions" -echo "" -echo "🔑 Variable Name: GCP_WIF_PROVIDER" -echo " Variable Value: ${WIF_PROVIDER_FULL}" -echo "" -echo "☁️ Variable Name: GOOGLE_CLOUD_PROJECT" -echo " Variable Value: ${GOOGLE_CLOUD_PROJECT}" -echo "" -echo "☁️ Variable Name: GOOGLE_CLOUD_LOCATION" -echo " Variable Value: ${GOOGLE_CLOUD_LOCATION}" -echo "" -echo "☁️ Variable Name: SERVICE_ACCOUNT_EMAIL" -echo " Variable Value: ${SERVICE_ACCOUNT_EMAIL}" -echo "" + +# Check for `gh` CLI and set variables automatically if available +if command -v gh &> /dev/null; then + print_info "The 'gh' CLI is installed. Setting variables automatically..." + + gh variable set GCP_WIF_PROVIDER --body "${WIF_PROVIDER_FULL}" --repo "${GITHUB_REPO}" + gh variable set GOOGLE_CLOUD_PROJECT --body "${GOOGLE_CLOUD_PROJECT}" --repo "${GITHUB_REPO}" + gh variable set GOOGLE_CLOUD_LOCATION --body "${GOOGLE_CLOUD_LOCATION}" --repo "${GITHUB_REPO}" + gh variable set SERVICE_ACCOUNT_EMAIL --body "${SERVICE_ACCOUNT_EMAIL}" --repo "${GITHUB_REPO}" + + print_success "GitHub variables have been set automatically!" +else + print_warning "The 'gh' CLI was not found. Either install it and rerun this script OR set the below variables manually." 
+ echo " For manual setup, go to https://github.com/${GITHUB_REPO}/settings/variables/actions and add the following repository variables:" + echo "" + echo "🔑 Variable Name: GCP_WIF_PROVIDER" + echo " Variable Value: ${WIF_PROVIDER_FULL}" + echo "" + echo "☁️ Variable Name: GOOGLE_CLOUD_PROJECT" + echo " Variable Value: ${GOOGLE_CLOUD_PROJECT}" + echo "" + echo "☁️ Variable Name: GOOGLE_CLOUD_LOCATION" + echo " Variable Value: ${GOOGLE_CLOUD_LOCATION}" + echo "" + echo "☁️ Variable Name: SERVICE_ACCOUNT_EMAIL" + echo " Variable Value: ${SERVICE_ACCOUNT_EMAIL}" + echo "" +fi print_success "Setup completed successfully! 🚀" From 9fdc17b0bee756ab9c8b2a72bde814ccc318c762 Mon Sep 17 00:00:00 2001 From: Jerop Kipruto Date: Fri, 8 Aug 2025 07:35:20 +0900 Subject: [PATCH 5/9] Add `echo` to core tools for automated issue triage (#143) This will help make sure it can access the issue title and body. Example run needing `echo`: https://github.com/google-github-actions/run-gemini-cli/actions/runs/16816912109/job/47635803167 Note that scheduled triage has `echo` tool already. cc @leehagoodjames --- .github/workflows/gemini-issue-automated-triage.yml | 1 + .../workflows/issue-triage/gemini-issue-automated-triage.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/gemini-issue-automated-triage.yml b/.github/workflows/gemini-issue-automated-triage.yml index 92f4f0ea..b87677b6 100644 --- a/.github/workflows/gemini-issue-automated-triage.yml +++ b/.github/workflows/gemini-issue-automated-triage.yml @@ -77,6 +77,7 @@ jobs: { "maxSessionTurns": 25, "coreTools": [ + "run_shell_command(echo)", "run_shell_command(gh label list)", "run_shell_command(gh issue edit)" ], diff --git a/examples/workflows/issue-triage/gemini-issue-automated-triage.yml b/examples/workflows/issue-triage/gemini-issue-automated-triage.yml index 9c0014cd..2bdd5d2a 100644 --- a/examples/workflows/issue-triage/gemini-issue-automated-triage.yml 
+++ b/examples/workflows/issue-triage/gemini-issue-automated-triage.yml @@ -77,6 +77,7 @@ jobs: { "maxSessionTurns": 25, "coreTools": [ + "run_shell_command(echo)", "run_shell_command(gh label list)", "run_shell_command(gh issue edit)" ], From 1bd4856e588fe55cab6d5713508465e2abefcfb2 Mon Sep 17 00:00:00 2001 From: Seth Vargo Date: Thu, 7 Aug 2025 21:51:58 -0400 Subject: [PATCH 6/9] chore: simply GitHub Actions permissions (#144) --- .github/workflows/gemini-cli.yml | 54 +++++-------------- .../gemini-issue-automated-triage.yml | 12 ++--- .github/workflows/gemini-pr-review.yml | 40 ++++++-------- .github/workflows/permissions-debugger.yml | 51 ++++++++++++++++++ 4 files changed, 85 insertions(+), 72 deletions(-) create mode 100644 .github/workflows/permissions-debugger.yml diff --git a/.github/workflows/gemini-cli.yml b/.github/workflows/gemini-cli.yml index 52acd1d9..23179d0f 100644 --- a/.github/workflows/gemini-cli.yml +++ b/.github/workflows/gemini-cli.yml 
@@ -34,54 +34,26 @@ jobs: ( github.event_name == 'issues' && github.event.action == 'opened' && contains(github.event.issue.body, '@gemini-cli') && - !contains(github.event.issue.body, '/review') && - !contains(github.event.issue.body, '/triage') && - ( - github.event.sender.type == 'User' && ( - github.event.issue.author_association == 'OWNER' || - github.event.issue.author_association == 'MEMBER' || - github.event.issue.author_association == 'COLLABORATOR' - ) - ) + !contains(github.event.issue.body, '@gemini-cli /review') && + !contains(github.event.issue.body, '@gemini-cli /triage') && + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.issue.author_association) ) || ( - github.event_name == 'issue_comment' && - contains(github.event.comment.body, '@gemini-cli') && - !contains(github.event.comment.body, '/review') && - !contains(github.event.comment.body, '/triage') && ( - github.event.sender.type == 'User' && ( - github.event.comment.author_association == 'OWNER' || - github.event.comment.author_association == 'MEMBER' || - github.event.comment.author_association == 'COLLABORATOR' - ) - ) + github.event_name == 'issue_comment' || + github.event_name == 'pull_request_review_comment' + ) && + contains(github.event.comment.body, '@gemini-cli') && + !contains(github.event.comment.body, '@gemini-cli /review') && + !contains(github.event.comment.body, '@gemini-cli /triage') && + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association) ) || ( github.event_name == 'pull_request_review' && contains(github.event.review.body, '@gemini-cli') && - !contains(github.event.review.body, '/review') && - !contains(github.event.review.body, '/triage') && - ( - github.event.sender.type == 'User' && ( - github.event.review.author_association == 'OWNER' || - github.event.review.author_association == 'MEMBER' || - github.event.review.author_association == 'COLLABORATOR' - ) - ) - ) || - ( - github.event_name == 
'pull_request_review_comment' && - contains(github.event.comment.body, '@gemini-cli') && - !contains(github.event.comment.body, '/review') && - !contains(github.event.comment.body, '/triage') && - ( - github.event.sender.type == 'User' && ( - github.event.comment.author_association == 'OWNER' || - github.event.comment.author_association == 'MEMBER' || - github.event.comment.author_association == 'COLLABORATOR' - ) - ) + !contains(github.event.review.body, '@gemini-cli /review') && + !contains(github.event.review.body, '@gemini-cli /triage') && + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.review.author_association) ) timeout-minutes: 10 runs-on: 'ubuntu-latest' diff --git a/.github/workflows/gemini-issue-automated-triage.yml b/.github/workflows/gemini-issue-automated-triage.yml index b87677b6..fbef1435 100644 --- a/.github/workflows/gemini-issue-automated-triage.yml +++ b/.github/workflows/gemini-issue-automated-triage.yml @@ -31,14 +31,14 @@ permissions: jobs: triage-issue: - if: > + if: |- github.event_name == 'issues' || github.event_name == 'workflow_dispatch' || - (github.event_name == 'issue_comment' && - contains(github.event.comment.body, '@gemini-cli /triage') && - (github.event.comment.author_association == 'OWNER' || - github.event.comment.author_association == 'MEMBER' || - github.event.comment.author_association == 'COLLABORATOR')) + ( + github.event_name == 'issue_comment' && + contains(github.event.comment.body, '@gemini-cli /triage') && + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association) + ) timeout-minutes: 5 runs-on: 'ubuntu-latest' diff --git a/.github/workflows/gemini-pr-review.yml b/.github/workflows/gemini-pr-review.yml index acc86245..74fdb08f 100644 --- a/.github/workflows/gemini-pr-review.yml +++ b/.github/workflows/gemini-pr-review.yml @@ -4,6 +4,7 @@ on: pull_request: types: - 'opened' + - 'reopened' issue_comment: types: - 'created' 
@@ -39,36 +40,25 @@ jobs: review-pr: if: |- github.event_name == 'workflow_dispatch' || - (github.event_name == 'pull_request' && github.event.action == 'opened' && - ( - github.event.pull_request.author_association == 'OWNER' || - github.event.pull_request.author_association == 'MEMBER' || - github.event.pull_request.author_association == 'COLLABORATOR' - ) + ( + github.event_name == 'pull_request' && + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.pull_request.author_association) ) || - (github.event_name == 'issue_comment' && github.event.issue.pull_request && - contains(github.event.comment.body, '@gemini-cli /review') && + ( ( - github.event.comment.author_association == 'OWNER' || - github.event.comment.author_association == 'MEMBER' || - github.event.comment.author_association == 'COLLABORATOR' - ) - ) || - (github.event_name == 'pull_request_review_comment' && + ( + github.event_name == 'issue_comment' && + github.event.issue.pull_request + ) || + github.event_name == 'pull_request_review_comment' + ) && contains(github.event.comment.body, '@gemini-cli /review') && - ( - github.event.comment.author_association == 'OWNER' || - github.event.comment.author_association == 'MEMBER' || - github.event.comment.author_association == 'COLLABORATOR' - ) + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association) ) || - (github.event_name == 'pull_request_review' && + ( + github.event_name == 'pull_request_review' && contains(github.event.review.body, '@gemini-cli /review') && - ( - github.event.review.author_association == 'OWNER' || - github.event.review.author_association == 'MEMBER' || - github.event.review.author_association == 'COLLABORATOR' - ) + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.review.author_association) ) timeout-minutes: 5 runs-on: 'ubuntu-latest' 
diff --git a/.github/workflows/permissions-debugger.yml b/.github/workflows/permissions-debugger.yml new file mode 100644 index 00000000..6b151eeb --- /dev/null +++ b/.github/workflows/permissions-debugger.yml @@ -0,0 +1,51 @@ +name: 'run' + +on: + pull_request: + types: + - 'opened' + - 'reopened' + pull_request_review: + types: + - 'submitted' + pull_request_review_comment: + types: + - 'created' + issue_comment: + types: + - 'created' + issues: + types: + - 'opened' + - 'reopened' + workflow_dispatch: + + +permissions: + contents: 'read' + +jobs: + debug-permissions: + if: |- + ${{ vars.DEBUG_PERMISSIONS }} + name: 'Run' + runs-on: 'ubuntu-latest' + + steps: + - shell: 'bash' + env: + DEBUG_EVENT_NAME: '${{ github.event_name }}' + DEBUG_EVENT_ACTION: '${{ github.event.action }}' + DEBUG_EVENT_SENDER_TYPE: '${{ github.event.sender.type }}' + DEBUG_PULL_REQUEST_AUTHOR_ASSOCIATION: '${{ github.event.pull_request.author_association }}' + DEBUG_ISSUE_AUTHOR_ASSOCIATION: '${{ github.event.issue.author_association }}' + DEBUG_COMMENT_AUTHOR_ASSOCIATION: '${{ github.event.comment.author_association }}' + DEBUG_REVIEW_AUTHOR_ASSOCIATION: '${{ github.event.review.author_association }}' + run: |- + echo "event_name: ${DEBUG_EVENT_NAME}" + echo "event.action: ${DEBUG_EVENT_ACTION}" + echo "event.sender.type: ${DEBUG_EVENT_SENDER_TYPE}" + echo "event.pull_request.author_association: ${DEBUG_PULL_REQUEST_AUTHOR_ASSOCIATION}" + echo "event.issue.author_association: ${DEBUG_ISSUE_AUTHOR_ASSOCIATION}" + echo "event.comment.author_association: ${DEBUG_COMMENT_AUTHOR_ASSOCIATION}" + echo "event.review.author_association: ${DEBUG_REVIEW_AUTHOR_ASSOCIATION}" From 43a726d3225176f1bdd91c52af20e196cb320157 Mon Sep 17 00:00:00 2001 
From: Jerop Kipruto Date: Fri, 8 Aug 2025 11:37:40 +0900 Subject: [PATCH 7/9] Simplify the workflow triggers (#146) Carrying over changes in dogfooding: https://github.com/google-github-actions/run-gemini-cli/pull/144 cc @sethvargo --- examples/workflows/gemini-cli/gemini-cli.yml | 54 +++++-------------- .../gemini-issue-automated-triage.yml | 12 ++--- examples/workflows/pr-review/README.md | 2 +- .../workflows/pr-review/gemini-pr-review.yml | 36 ++++++------- 4 files changed, 36 insertions(+), 68 deletions(-) diff --git a/examples/workflows/gemini-cli/gemini-cli.yml b/examples/workflows/gemini-cli/gemini-cli.yml index ee30ddfb..3fbaedc7 100644 --- a/examples/workflows/gemini-cli/gemini-cli.yml +++ b/examples/workflows/gemini-cli/gemini-cli.yml 
@@ -34,54 +34,26 @@ jobs: ( github.event_name == 'issues' && github.event.action == 'opened' && contains(github.event.issue.body, '@gemini-cli') && - !contains(github.event.issue.body, '/review') && - !contains(github.event.issue.body, '/triage') && - ( - github.event.sender.type == 'User' && ( - github.event.issue.author_association == 'OWNER' || - github.event.issue.author_association == 'MEMBER' || - github.event.issue.author_association == 'COLLABORATOR' - ) - ) + !contains(github.event.issue.body, '@gemini-cli /review') && + !contains(github.event.issue.body, '@gemini-cli /triage') && + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.issue.author_association) ) || ( - github.event_name == 'issue_comment' && - contains(github.event.comment.body, '@gemini-cli') && - !contains(github.event.comment.body, '/review') && - !contains(github.event.comment.body, '/triage') && ( - github.event.sender.type == 'User' && ( - github.event.comment.author_association == 'OWNER' || - github.event.comment.author_association == 'MEMBER' || - github.event.comment.author_association == 'COLLABORATOR' - ) - ) + github.event_name == 'issue_comment' || + github.event_name == 'pull_request_review_comment' + ) && + contains(github.event.comment.body, '@gemini-cli') && + !contains(github.event.comment.body, '@gemini-cli /review') && + !contains(github.event.comment.body, '@gemini-cli /triage') && + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association) ) || ( github.event_name == 'pull_request_review' && contains(github.event.review.body, '@gemini-cli') && - !contains(github.event.review.body, '/review') && - !contains(github.event.review.body, '/triage') && - ( - github.event.sender.type == 'User' && ( - github.event.review.author_association == 'OWNER' || - github.event.review.author_association == 'MEMBER' || - github.event.review.author_association == 'COLLABORATOR' - ) - ) - ) || - ( - github.event_name == 
'pull_request_review_comment' && - contains(github.event.comment.body, '@gemini-cli') && - !contains(github.event.comment.body, '/review') && - !contains(github.event.comment.body, '/triage') && - ( - github.event.sender.type == 'User' && ( - github.event.comment.author_association == 'OWNER' || - github.event.comment.author_association == 'MEMBER' || - github.event.comment.author_association == 'COLLABORATOR' - ) - ) + !contains(github.event.review.body, '@gemini-cli /review') && + !contains(github.event.review.body, '@gemini-cli /triage') && + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.review.author_association) ) timeout-minutes: 10 runs-on: 'ubuntu-latest' diff --git a/examples/workflows/issue-triage/gemini-issue-automated-triage.yml b/examples/workflows/issue-triage/gemini-issue-automated-triage.yml index 2bdd5d2a..8e2ed690 100644 --- a/examples/workflows/issue-triage/gemini-issue-automated-triage.yml +++ b/examples/workflows/issue-triage/gemini-issue-automated-triage.yml @@ -31,14 +31,14 @@ permissions: jobs: triage-issue: - if: > + if: |- github.event_name == 'issues' || github.event_name == 'workflow_dispatch' || - (github.event_name == 'issue_comment' && - contains(github.event.comment.body, '@gemini-cli /triage') && - (github.event.comment.author_association == 'OWNER' || - github.event.comment.author_association == 'MEMBER' || - github.event.comment.author_association == 'COLLABORATOR')) + ( + github.event_name == 'issue_comment' && + contains(github.event.comment.body, '@gemini-cli /triage') && + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association) + ) timeout-minutes: 5 runs-on: 'ubuntu-latest' diff --git a/examples/workflows/pr-review/README.md b/examples/workflows/pr-review/README.md index f26304a7..75301039 100644 --- a/examples/workflows/pr-review/README.md +++ b/examples/workflows/pr-review/README.md 
@@ -59,7 +59,7 @@ curl -o .github/workflows/gemini-pr-review.yml https://raw.githubusercontent.com The Gemini PR Review workflow is triggered by: -- **New PRs**: When a pull request is opened +- **New PRs**: When a pull request is opened or reopened - **PR Review Comments**: When a review comment contains `@gemini-cli /review` - **PR Reviews**: When a review body contains `@gemini-cli /review` - **Issue Comments**: When a comment on a PR contains `@gemini-cli /review` diff --git a/examples/workflows/pr-review/gemini-pr-review.yml b/examples/workflows/pr-review/gemini-pr-review.yml index 682b7e88..a1073947 100644 --- a/examples/workflows/pr-review/gemini-pr-review.yml +++ b/examples/workflows/pr-review/gemini-pr-review.yml @@ -4,6 +4,7 @@ on: pull_request: types: - 'opened' + - 'reopened' issue_comment: types: - 'created' 
@@ -39,30 +40,25 @@ jobs: review-pr: if: |- github.event_name == 'workflow_dispatch' || - (github.event_name == 'pull_request' && github.event.action == 'opened') || - (github.event_name == 'issue_comment' && github.event.issue.pull_request && - contains(github.event.comment.body, '@gemini-cli /review') && - ( - github.event.comment.author_association == 'OWNER' || - github.event.comment.author_association == 'MEMBER' || - github.event.comment.author_association == 'COLLABORATOR' - ) + ( + github.event_name == 'pull_request' && + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.pull_request.author_association) ) || - (github.event_name == 'pull_request_review_comment' && - contains(github.event.comment.body, '@gemini-cli /review') && + ( ( - github.event.comment.author_association == 'OWNER' || - github.event.comment.author_association == 'MEMBER' || - github.event.comment.author_association == 'COLLABORATOR' - ) + ( + github.event_name == 'issue_comment' && + github.event.issue.pull_request + ) || + github.event_name == 'pull_request_review_comment' + ) && + contains(github.event.comment.body, '@gemini-cli /review') && + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association) ) || - (github.event_name == 'pull_request_review' && + ( + github.event_name == 'pull_request_review' && contains(github.event.review.body, '@gemini-cli /review') && - ( - github.event.review.author_association == 'OWNER' || - github.event.review.author_association == 'MEMBER' || - github.event.review.author_association == 'COLLABORATOR' - ) + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.review.author_association) ) timeout-minutes: 5 runs-on: 'ubuntu-latest' From 3371c77f9c1f5598ed60e449e6cee6d87a4363f3 Mon Sep 17 00:00:00 2001 
From: Lee James <40045512+leehagoodjames@users.noreply.github.com> Date: Thu, 7 Aug 2025 22:48:33 -0400 Subject: [PATCH 8/9] bug(/review): Fix agent not posting feedback in GitHub (#141) This change modifies the prompt to constrain the agent on how the review must be submitted to GitHub. This aims to improve what is seen in #134 where "more than 50% of the time PR review fails due to tool problems posting the review." Since this is occurring intermittently - this is a probabilistic issue, not a permissions issue, which is why the prompt is being changed. Primary changes: 1. Sometimes the agent made tool calls for a fake repo `owner` to make tool calls. The change instructs the agent to list the repository owner. 1. Surprisingly, even when the agent hallucinated a fake repo `owner` and made tool calls with this, our logs show that these calls were successful (so the agent thought things were working), which is why workflow errors did not surface. I have filed a [bug](https://github.com/github/github-mcp-server/issues/842) with GitHub MCP to ensure they are returning failures, and will ensure that `gemini-cli` logs/telemetry is properly capturing and recording tool call failures. 1. Sometimes the agent didn't attempt to make tool calls. The prompt was made to be more explicit that this is a necessity. Fixes #134 --- .github/workflows/gemini-pr-review.yml | 29 ++++++++++++------- .../workflows/pr-review/gemini-pr-review.yml | 29 ++++++++++++------- 2 files changed, 38 insertions(+), 20 deletions(-) diff --git a/.github/workflows/gemini-pr-review.yml b/.github/workflows/gemini-pr-review.yml index 74fdb08f..0ab9e649 100644 --- a/.github/workflows/gemini-pr-review.yml +++ b/.github/workflows/gemini-pr-review.yml 
@@ -201,22 +201,27 @@ jobs: ## Role You are an expert code reviewer. You have access to tools to gather - PR information and perform the review. Use the available tools to + PR information and perform the review on GitHub. Use the available tools to gather information; do not ask for information to be provided. + ## Requirements + 1. All feedback must be left on GitHub. + 2. Any output that is not left in GitHub will not be seen. + ## Steps Start by running these commands to gather the required data: - 1. Run: echo "${PR_DATA}" to get PR details (JSON format) - 2. Run: echo "${CHANGED_FILES}" to get the list of changed files - 3. Run: echo "${PR_NUMBER}" to get the PR number - 4. Run: echo "${ADDITIONAL_INSTRUCTIONS}" to see any specific review + 1. Run: echo $"{REPOSITORY}" to get the github repository in / format + 2. Run: echo "${PR_DATA}" to get PR details (JSON format) + 3. Run: echo "${CHANGED_FILES}" to get the list of changed files + 4. Run: echo "${PR_NUMBER}" to get the PR number + 5. Run: echo "${ADDITIONAL_INSTRUCTIONS}" to see any specific review instructions from the user - 5. Run: gh pr diff "${PR_NUMBER}" to see the full diff and reference + 6. Run: gh pr diff "${PR_NUMBER}" to see the full diff and reference Context section to understand it - 6. For any specific files, use: cat filename, head -50 filename, or + 7. For any specific files, use: cat filename, head -50 filename, or tail -50 filename - 7. If ADDITIONAL_INSTRUCTIONS contains text, prioritize those + 8. If ADDITIONAL_INSTRUCTIONS contains text, prioritize those specific areas or focus points in your review. Common instruction examples: "focus on security", "check performance", "review error handling", "check for breaking changes" 
@@ -376,11 +381,11 @@ jobs: ## Review - Once you have the information, provide a comprehensive code review by: + Once you have the information and are ready to leave a review on GitHub, post the review to GitHub using the GitHub MCP tool by: 1. Creating a pending review: Use the mcp__github__create_pending_pull_request_review to create a Pending Pull Request Review. 2. Adding review comments: - 2.1 Use the mcp__github__add_comment_to_pending_review to add comments to the Pending Pull Request Review. Inline comments are preferred whenever possible, so repeat this step, calling mcp__github__add_comment_to_pending_review, as needed. All comments about specific lines of code should use inline comments. It is preferred to use code suggestions when possible, which include a code block that is labeled "suggestion", which contains what the new code should be. All comments should also have a severity. They syntax is: + 2.1 Use the mcp__github__add_comment_to_pending_review to add comments to the Pending Pull Request Review. Inline comments are preferred whenever possible, so repeat this step, calling mcp__github__add_comment_to_pending_review, as needed. All comments about specific lines of code should use inline comments. It is preferred to use code suggestions when possible, which include a code block that is labeled "suggestion", which contains what the new code should be. All comments should also have a severity. The syntax is: Normal Comment Syntax: {{SEVERITY}} {{COMMENT_TEXT}} @@ -431,6 +436,10 @@ jobs: - Highlight positive aspects of the implementation - Note any recurring themes across files + ## Final Instructions + + Remember, you are running in a VM and no one reviewing your output. Your review must be posted to GitHub using the MCP tools to create a pending review, add comments to the pending review, and submit the pending review. + - name: 'Post PR review failure comment' if: |- 
diff --git a/examples/workflows/pr-review/gemini-pr-review.yml b/examples/workflows/pr-review/gemini-pr-review.yml index a1073947..49fb26b1 100644 --- a/examples/workflows/pr-review/gemini-pr-review.yml +++ b/examples/workflows/pr-review/gemini-pr-review.yml @@ -201,22 +201,27 @@ jobs: ## Role You are an expert code reviewer. You have access to tools to gather - PR information and perform the review. Use the available tools to + PR information and perform the review on GitHub. Use the available tools to gather information; do not ask for information to be provided. + ## Requirements + 1. All feedback must be left on GitHub. + 2. Any output that is not left in GitHub will not be seen. + ## Steps Start by running these commands to gather the required data: - 1. Run: echo "${PR_DATA}" to get PR details (JSON format) - 2. Run: echo "${CHANGED_FILES}" to get the list of changed files - 3. Run: echo "${PR_NUMBER}" to get the PR number - 4. Run: echo "${ADDITIONAL_INSTRUCTIONS}" to see any specific review + 1. Run: echo $"{REPOSITORY}" to get the github repository in / format + 2. Run: echo "${PR_DATA}" to get PR details (JSON format) + 3. Run: echo "${CHANGED_FILES}" to get the list of changed files + 4. Run: echo "${PR_NUMBER}" to get the PR number + 5. Run: echo "${ADDITIONAL_INSTRUCTIONS}" to see any specific review instructions from the user - 5. Run: gh pr diff "${PR_NUMBER}" to see the full diff and reference + 6. Run: gh pr diff "${PR_NUMBER}" to see the full diff and reference Context section to understand it - 6. For any specific files, use: cat filename, head -50 filename, or + 7. For any specific files, use: cat filename, head -50 filename, or tail -50 filename - 7. If ADDITIONAL_INSTRUCTIONS contains text, prioritize those + 8. If ADDITIONAL_INSTRUCTIONS contains text, prioritize those specific areas or focus points in your review. Common instruction examples: "focus on security", "check performance", "review error handling", "check for breaking changes" 
@@ -376,11 +381,11 @@ jobs: ## Review - Once you have the information, provide a comprehensive code review by: + Once you have the information and are ready to leave a review on GitHub, post the review to GitHub using the GitHub MCP tool by: 1. Creating a pending review: Use the mcp__github__create_pending_pull_request_review to create a Pending Pull Request Review. 2. Adding review comments: - 2.1 Use the mcp__github__add_comment_to_pending_review to add comments to the Pending Pull Request Review. Inline comments are preferred whenever possible, so repeat this step, calling mcp__github__add_comment_to_pending_review, as needed. All comments about specific lines of code should use inline comments. It is preferred to use code suggestions when possible, which include a code block that is labeled "suggestion", which contains what the new code should be. All comments should also have a severity. They syntax is: + 2.1 Use the mcp__github__add_comment_to_pending_review to add comments to the Pending Pull Request Review. Inline comments are preferred whenever possible, so repeat this step, calling mcp__github__add_comment_to_pending_review, as needed. All comments about specific lines of code should use inline comments. It is preferred to use code suggestions when possible, which include a code block that is labeled "suggestion", which contains what the new code should be. All comments should also have a severity. The syntax is: Normal Comment Syntax: {{SEVERITY}} {{COMMENT_TEXT}} @@ -431,6 +436,10 @@ jobs: - Highlight positive aspects of the implementation - Note any recurring themes across files + ## Final Instructions + + Remember, you are running in a VM and no one reviewing your output. Your review must be posted to GitHub using the MCP tools to create a pending review, add comments to the pending review, and submit the pending review. + - name: 'Post PR review failure comment' if: |- From e05c1e104f0327e46a7a3f4832edf66bcabc5a32 Mon Sep 17 00:00:00 2001 
From: Google GitHub Actions Bot <72759630+google-github-actions-bot@users.noreply.github.com>
Date: Thu, 7 Aug 2025 23:08:14 -0400
Subject: [PATCH 9/9] Release: v0.1.7 (#147)

## What's Changed
* Broken links by @kulaone in https://github.com/google-github-actions/run-gemini-cli/pull/129
* chore: mention user to confirm who run by @Marukome0743 in https://github.com/google-github-actions/run-gemini-cli/pull/131
* bug(#109): Support triggering PR review with issue comment by @leehagoodjames in https://github.com/google-github-actions/run-gemini-cli/pull/138
* feat(setup): enable setup script to automatically set repository variables by @leehagoodjames in https://github.com/google-github-actions/run-gemini-cli/pull/140
* Add `echo` to core tools for automated issue triage by @jerop in https://github.com/google-github-actions/run-gemini-cli/pull/143
* chore: simply GitHub Actions permissions by @sethvargo in https://github.com/google-github-actions/run-gemini-cli/pull/144
* Simplify the workflow triggers by @jerop in https://github.com/google-github-actions/run-gemini-cli/pull/146
* bug(/review): Fix agent not posting feedback in GitHub by @leehagoodjames in https://github.com/google-github-actions/run-gemini-cli/pull/141

## New Contributors
* @kulaone made their first contribution in https://github.com/google-github-actions/run-gemini-cli/pull/129

**Full Changelog**: https://github.com/google-github-actions/run-gemini-cli/compare/v0.1.6...v0.1.7
---
 package-lock.json | 4 ++--
 package.json | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 8dd20749..178a2384 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@ { "name": "run-gemini-cli", - "version": "0.1.6", + "version": "0.1.7", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "run-gemini-cli", - "version": "0.1.6", + "version": "0.1.7", "license": "Apache-2.0", "devDependencies": { "@google-github-actions/actions-utils": "^0.8.8" diff --git a/package.json b/package.json index 3f41df82..c5598fae 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "run-gemini-cli", - "version": "0.1.6", + "version": "0.1.7", "description": "This works with our versioning tools, this is NOT an NPM repo", "scripts": { "build": "echo \"No build required for composite action\"",
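Review bot: In the first `@@ -201,22 +201,27 @@` hunk of the PR review prompt, the new step 1 reads `echo $"{REPOSITORY}"` with the `$` outside the quotes, unlike every other step (`echo "${PR_DATA}"`, `echo "${PR_NUMBER}"`). As written the shell prints literal text instead of the variable's value, so the agent never learns the repository it needs for the GitHub MCP calls. Change it to `echo "${REPOSITORY}"`, spell out the expected format (the description as shown reads only "in / format"), and confirm that REPOSITORY is set in the step's environment, since none of the visible hunks add it. The same line is repeated in the copy under examples/workflows/pr-review/gemini-pr-review.yml.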
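Review bot: In the `@@ -201,22 +201,27 @@` hunk of examples/workflows/pr-review/gemini-pr-review.yml, step 8 still tells the model to prioritize whatever ADDITIONAL_INSTRUCTIONS contains, and steps 2 and 6 feed it PR_DATA and the PR diff, while the new Requirements section only says where output must go. Because this change pushes the agent harder toward writing to GitHub through the MCP tools, add a requirement stating that PR text, diff content and additional instructions are material to review and may narrow the review's focus, but cannot change the review procedure or which tools are called.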
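Review bot: The Final Instructions paragraph added in the `@@ -431,6 +436,10 @@` hunk drops a verb: "no one reviewing your output" should read "no one is reviewing your output". The Requirements added in the earlier hunk also switch between "left on GitHub" and "left in GitHub". This text is the prompt the model reads, so fix both and keep the wording consistent. The paragraph restates the create, comment and submit sequence loosely; pointing back to the numbered steps in the Review section would avoid two descriptions of the same procedure drifting apart.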