From 70d215d2719c2c54b8aa70964ee9d5c251f8dd49 Mon Sep 17 00:00:00 2001 From: Megha Bansal Date: Wed, 26 Nov 2025 11:32:09 +0530 Subject: [PATCH 1/4] Updated exit codes with clearer message. --- action.yml | 36 ++++++++++++++++++++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index cabafabf..ec1eea85 100644 --- a/action.yml +++ b/action.yml @@ -290,13 +290,16 @@ runs: FAILED=false # Run Gemini CLI with the provided prompt, streaming responses in debug + EXIT_CODE=0 if [[ "${DEBUG}" = true ]]; then echo "::warning::Gemini CLI debug logging is enabled. This will stream responses, which could reveal sensitive information if processed with untrusted inputs." if ! { gemini --yolo --prompt "${PROMPT}" 2> >(tee "${TEMP_STDERR}" >&2) | tee "${TEMP_STDOUT}"; }; then + EXIT_CODE=$? FAILED=true fi else if ! gemini --yolo --prompt "${PROMPT}" 2> "${TEMP_STDERR}" 1> "${TEMP_STDOUT}"; then + EXIT_CODE=$? FAILED=true fi fi 
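Review bot: `EXIT_CODE=$?` inside the `then` branch of `if ! gemini …; then` records the status of the negated command, which is always 0 at that point, not the exit code of gemini itself; both branches of the `DEBUG` conditional have this. The `case` added in the later action.yml hunk therefore always lands on `*)`, and `exit "${EXIT_CODE}"` exits 0, so a failed run would be reported as a successful step. Capture the status without the negation, for example `if gemini --yolo --prompt "${PROMPT}" 2> "${TEMP_STDERR}" 1> "${TEMP_STDOUT}"; then :; else EXIT_CODE=$?; FAILED=true; fi`; in the debug branch the pipeline status also depends on `tee` and on whether `pipefail` is set, which is not visible here. A guard such as `[[ "${EXIT_CODE}" -ne 0 ]] || EXIT_CODE=1` before the final `exit` keeps the failure path from ever returning success. The run script starts and ends outside this hunk.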
@@ -323,10 +326,39 @@ runs: echo "EOF" >> "${GITHUB_OUTPUT}" if [[ "${FAILED}" = true ]]; then + case "${EXIT_CODE}" in + 1) + MSG="General error" + ;; + 41) + MSG="Authentication failure. Please check your credentials (API key or Google Cloud auth)." + ;; + 42) + MSG="Invalid input or configuration. Please check your prompt or CLI arguments." + ;; + 52) + MSG="Configuration error. Failed to save settings." + ;; + 53) + MSG="Turn limit exceeded. The conversation has reached its maximum length." + ;; + 126) + MSG="Command invoked cannot execute" + ;; + 127) + MSG="Command not found" + ;; + 130) + MSG="User cancelled. The operation was interrupted." + ;; + *) + MSG="Unknown error (exit code: ${EXIT_CODE})" + esac + LAST_LINE="$(tail -n1 "${TEMP_STDERR}")" - echo "::error title=Gemini CLI execution failed::${LAST_LINE}" + printf "::error title=Gemini CLI execution failed (%s)::%s\n" "${MSG}" "${LAST_LINE}" echo "See logs for more details" - exit 1 + exit "${EXIT_CODE}" fi env: DEBUG: '${{ fromJSON(inputs.gemini_debug || false) }}' From 5bfdd15fcd1cad77555867d5f9c7089d4d83bfd4 Mon Sep 17 00:00:00 2001 From: Megha Bansal Date: Fri, 28 Nov 2025 12:26:59 +0530 Subject: [PATCH 2/4] Testing --- .github/workflows/gemini-dispatch.yml | 14 -------------- .github/workflows/gemini-invoke.yml | 2 +- .github/workflows/gemini-issue-fixer.yml | 2 +- .github/workflows/gemini-review.yml | 4 ++-- .github/workflows/gemini-scheduled-triage.yml | 2 +- .github/workflows/gemini-triage.yml | 2 +- docs/authentication.md | 2 +- examples/workflows/pr-review/gemini-review.yml | 2 +- scripts/generate-examples.sh | 2 +- 9 files changed, 9 insertions(+), 23 deletions(-) diff --git a/.github/workflows/gemini-dispatch.yml b/.github/workflows/gemini-dispatch.yml index 9f74a7dd..22d0b27a 100644 --- a/.github/workflows/gemini-dispatch.yml +++ b/.github/workflows/gemini-dispatch.yml 
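Review bot: The exit-code table in the new `case` carries no comment saying where the numbers come from, and the `*)` arm is the only one without a terminating `;;`. A line such as `# Gemini CLI exit codes (source: <link to CLI documentation>)` above `case`, plus `;;` after the default message, would make the table easier to keep in step with the CLI. The enclosing `if` belongs to a run script that starts outside this hunk.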
@@ -103,8 +103,6 @@ jobs: core.setOutput('additional_context', additionalContext); } else if (request.startsWith("@gemini-cli /triage")) { core.setOutput('command', 'triage'); - } else if (request.startsWith("@gemini-cli /fix")) { - core.setOutput('command', 'fix'); } else if (request.startsWith("@gemini-cli")) { const additionalContext = request.replace(/^@gemini-cli/, '').trim(); core.setOutput('command', 'invoke'); @@ -153,18 +151,6 @@ jobs: additional_context: '${{ needs.dispatch.outputs.additional_context }}' secrets: 'inherit' - fix: - needs: 'dispatch' - if: |- - ${{ needs.dispatch.outputs.command == 'fix' }} - uses: './.github/workflows/gemini-issue-fixer.yml' - permissions: - contents: 'write' - id-token: 'write' - issues: 'write' - pull-requests: 'write' - secrets: 'inherit' - invoke: needs: 'dispatch' if: |- diff --git a/.github/workflows/gemini-invoke.yml b/.github/workflows/gemini-invoke.yml index f27e96a1..579be4d6 100644 --- a/.github/workflows/gemini-invoke.yml +++ b/.github/workflows/gemini-invoke.yml @@ -39,7 +39,7 @@ jobs: - name: 'Run Gemini CLI' id: 'run_gemini' - uses: 'google-github-actions/run-gemini-cli@main' # ratchet:exclude + uses: 'megha1188/run-gemini-cli@v0' # ratchet:exclude env: TITLE: '${{ github.event.pull_request.title || github.event.issue.title }}' DESCRIPTION: '${{ github.event.pull_request.body || github.event.issue.body }}' diff --git a/.github/workflows/gemini-issue-fixer.yml b/.github/workflows/gemini-issue-fixer.yml index 0d6aefee..9696dbea 100644 --- a/.github/workflows/gemini-issue-fixer.yml +++ b/.github/workflows/gemini-issue-fixer.yml 
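Review bot: The `uses:` line in gemini-invoke.yml now runs the action from a personal fork, `megha1188/run-gemini-cli@v0`, at a movable ref and with `# ratchet:exclude`, so nothing pins the code this job executes. The commit is titled "Testing", which suggests scaffolding; if merged, the same substitution in gemini-issue-fixer.yml, gemini-review.yml, gemini-scheduled-triage.yml, gemini-triage.yml, the pr-review example and the `sed` rule in scripts/generate-examples.sh would pass whatever tokens and inputs those steps receive to code controlled by that repository. Keep the upstream reference in the committed workflows, and for fork testing pin a full commit, e.g. `uses: 'megha1188/run-gemini-cli@<full-commit-sha>'`. The step's `env:` block continues outside the hunk.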
@@ -39,7 +39,7 @@ jobs: uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5 - name: 'Run Gemini PR Create' - uses: 'google-github-actions/run-gemini-cli@main' # ratchet:exclude + uses: 'megha1188/run-gemini-cli@main' # ratchet:exclude id: 'gemini_pr_create' env: GITHUB_TOKEN: '${{ steps.mint_identity_token.outputs.token || secrets.GITHUB_TOKEN }}' diff --git a/.github/workflows/gemini-review.yml b/.github/workflows/gemini-review.yml index c3ec70d4..881c0584 100644 --- a/.github/workflows/gemini-review.yml +++ b/.github/workflows/gemini-review.yml @@ -42,7 +42,7 @@ jobs: uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5 - name: 'Run Gemini pull request review' - uses: 'google-github-actions/run-gemini-cli@main' # ratchet:exclude + uses: 'megha1188/run-gemini-cli@v0' # ratchet:exclude id: 'gemini_pr_review' env: GITHUB_TOKEN: '${{ steps.mint_identity_token.outputs.token || secrets.GITHUB_TOKEN || github.token }}' @@ -93,7 +93,7 @@ jobs: "submit_pending_pull_request_review" ], "env": { - "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_TOKEN}" + "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_TOKEN_1}" } } }, diff --git a/.github/workflows/gemini-scheduled-triage.yml b/.github/workflows/gemini-scheduled-triage.yml index 96d9db07..6ba72607 100644 --- a/.github/workflows/gemini-scheduled-triage.yml +++ b/.github/workflows/gemini-scheduled-triage.yml @@ -89,7 +89,7 @@ jobs: id: 'gemini_issue_analysis' if: |- ${{ steps.find_issues.outputs.issues_to_triage != '[]' }} - uses: 'google-github-actions/run-gemini-cli@main' # ratchet:exclude + uses: 'megha1188/run-gemini-cli@v0' # ratchet:exclude env: GITHUB_TOKEN: '' # Do not pass any auth token here since this runs on untrusted inputs ISSUES_TO_TRIAGE: '${{ steps.find_issues.outputs.issues_to_triage }}' diff --git a/.github/workflows/gemini-triage.yml b/.github/workflows/gemini-triage.yml index c5acc968..d4f2c07d 100644 
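Review bot: `"GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_TOKEN_1}"` in gemini-review.yml refers to a variable that the visible `env:` of this step does not define; the step sets `GITHUB_TOKEN`. Unless `GITHUB_TOKEN_1` is exported somewhere outside the hunk, the server configured by this settings block would start with an empty or unexpanded token and its GitHub calls would fail. Restore `"GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_TOKEN}"`, or add the new variable to the step's `env:` with a comment saying which credential it carries. The settings JSON starts and ends outside the hunk.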
--- a/.github/workflows/gemini-triage.yml +++ b/.github/workflows/gemini-triage.yml @@ -59,7 +59,7 @@ jobs: id: 'gemini_analysis' if: |- ${{ steps.get_labels.outputs.available_labels != '' }} - uses: 'google-github-actions/run-gemini-cli@main' # ratchet:exclude + uses: 'megha1188/run-gemini-cli@v0' # ratchet:exclude env: GITHUB_TOKEN: '' # Do NOT pass any auth tokens here since this runs on untrusted inputs ISSUE_TITLE: '${{ github.event.issue.title }}' diff --git a/docs/authentication.md b/docs/authentication.md index 0ed6b597..f411c7a1 100644 --- a/docs/authentication.md +++ b/docs/authentication.md @@ -72,7 +72,7 @@ This method is used for quick setup using Vertex AI through Google Cloud Console #### Example ```yaml -- uses: 'google-github-actions/run-gemini-cli@v0' +- uses: 'megha1188/run-gemini-cli@v0' with: prompt: |- Explain this code diff --git a/examples/workflows/pr-review/gemini-review.yml b/examples/workflows/pr-review/gemini-review.yml index d3b43a15..c7486180 100644 --- a/examples/workflows/pr-review/gemini-review.yml +++ b/examples/workflows/pr-review/gemini-review.yml @@ -42,7 +42,7 @@ jobs: uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5 - name: 'Run Gemini pull request review' - uses: 'google-github-actions/run-gemini-cli@v0' # ratchet:exclude + uses: 'megha1188/run-gemini-cli@v0' # ratchet:exclude id: 'gemini_pr_review' env: GITHUB_TOKEN: '${{ steps.mint_identity_token.outputs.token || secrets.GITHUB_TOKEN || github.token }}' diff --git a/scripts/generate-examples.sh b/scripts/generate-examples.sh index bbb5119e..0c355d02 100755 --- a/scripts/generate-examples.sh +++ b/scripts/generate-examples.sh 
@@ -44,7 +44,7 @@ for workflow_file in "${WORKFLOWS_DIR}"/*.yml; do # Update lines that are different in the /examples/, such as the version of the action sed \ - -e "s|uses: 'google-github-actions/run-gemini-cli@main'|uses: 'google-github-actions/run-gemini-cli@v0'|g" \ + -e "s|uses: 'megha1188/run-gemini-cli@main'|uses: 'megha1188/run-gemini-cli@v0'|g" \ "${workflow_file}" > "${example_file}" done From fce7a40e10bf75dec872a8d3e0cc6ea68f5168a9 Mon Sep 17 00:00:00 2001 From: Megha Bansal Date: Fri, 28 Nov 2025 12:38:53 +0530 Subject: [PATCH 3/4] testing 2 --- .github/workflows/gemini-review.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/gemini-review.yml b/.github/workflows/gemini-review.yml index 881c0584..b1008d75 100644 --- a/.github/workflows/gemini-review.yml +++ b/.github/workflows/gemini-review.yml @@ -45,7 +45,7 @@ jobs: uses: 'megha1188/run-gemini-cli@v0' # ratchet:exclude id: 'gemini_pr_review' env: - GITHUB_TOKEN: '${{ steps.mint_identity_token.outputs.token || secrets.GITHUB_TOKEN || github.token }}' + GITHUB_TOKEN: '${{ steps.mint_identity_token.outputs.token.q || secrets.GITHUB_TOKEN_1 || github.token.q }}' ISSUE_TITLE: '${{ github.event.pull_request.title || github.event.issue.title }}' ISSUE_BODY: '${{ github.event.pull_request.body || github.event.issue.body }}' PULL_REQUEST_NUMBER: '${{ github.event.pull_request.number || github.event.issue.number }}' From 84a14540cb9b12e14e2a09168f5aa3aa8dd6b9c2 Mon Sep 17 00:00:00 2001 
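Review bot: The new `GITHUB_TOKEN` expression in gemini-review.yml should always evaluate to an empty string: `.q` is dereferenced on `steps.mint_identity_token.outputs.token` and on `github.token`, which are strings, and `secrets.GITHUB_TOKEN_1` cannot be created because GitHub rejects secret names that begin with `GITHUB_`. The review step would then run with no token, and its behaviour depends on a fallback that is not visible here. If the aim is to exercise the unauthenticated path, state that in a comment and keep it out of the default workflow; otherwise restore `'${{ steps.mint_identity_token.outputs.token || secrets.GITHUB_TOKEN || github.token }}'`. The `env:` block continues outside the hunk.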
From: Megha Bansal Date: Fri, 28 Nov 2025 12:59:13 +0530 Subject: [PATCH 4/4] refer to main --- .github/workflows/gemini-invoke.yml | 2 +- .github/workflows/gemini-review.yml | 2 +- .github/workflows/gemini-scheduled-triage.yml | 2 +- .github/workflows/gemini-triage.yml | 2 +- docs/authentication.md | 8 ++++---- docs/best-practices.md | 2 +- docs/extensions.md | 2 +- docs/observability.md | 8 ++++---- examples/workflows/gemini-assistant/gemini-invoke.yml | 2 +- .../workflows/issue-triage/gemini-scheduled-triage.yml | 2 +- examples/workflows/issue-triage/gemini-triage.yml | 2 +- examples/workflows/pr-review/gemini-review.yml | 2 +- scripts/generate-examples.sh | 2 +- 13 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/gemini-invoke.yml b/.github/workflows/gemini-invoke.yml index 579be4d6..b41c77bc 100644 --- a/.github/workflows/gemini-invoke.yml +++ b/.github/workflows/gemini-invoke.yml @@ -39,7 +39,7 @@ jobs: - name: 'Run Gemini CLI' id: 'run_gemini' - uses: 'megha1188/run-gemini-cli@v0' # ratchet:exclude + uses: 'megha1188/run-gemini-cli@main' # ratchet:exclude env: TITLE: '${{ github.event.pull_request.title || github.event.issue.title }}' DESCRIPTION: '${{ github.event.pull_request.body || github.event.issue.body }}' diff --git a/.github/workflows/gemini-review.yml b/.github/workflows/gemini-review.yml index b1008d75..d1a9bdb0 100644 --- a/.github/workflows/gemini-review.yml +++ b/.github/workflows/gemini-review.yml @@ -42,7 +42,7 @@ jobs: uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5 - name: 'Run Gemini pull request review' - uses: 'megha1188/run-gemini-cli@v0' # ratchet:exclude + uses: 'megha1188/run-gemini-cli@main' # ratchet:exclude id: 'gemini_pr_review' env: GITHUB_TOKEN: '${{ steps.mint_identity_token.outputs.token.q || secrets.GITHUB_TOKEN_1 || github.token.q }}' 
diff --git a/.github/workflows/gemini-scheduled-triage.yml b/.github/workflows/gemini-scheduled-triage.yml index 6ba72607..3d94c84f 100644 --- a/.github/workflows/gemini-scheduled-triage.yml +++ b/.github/workflows/gemini-scheduled-triage.yml @@ -89,7 +89,7 @@ jobs: id: 'gemini_issue_analysis' if: |- ${{ steps.find_issues.outputs.issues_to_triage != '[]' }} - uses: 'megha1188/run-gemini-cli@v0' # ratchet:exclude + uses: 'megha1188/run-gemini-cli@main' # ratchet:exclude env: GITHUB_TOKEN: '' # Do not pass any auth token here since this runs on untrusted inputs ISSUES_TO_TRIAGE: '${{ steps.find_issues.outputs.issues_to_triage }}' diff --git a/.github/workflows/gemini-triage.yml b/.github/workflows/gemini-triage.yml index d4f2c07d..832b7391 100644 --- a/.github/workflows/gemini-triage.yml +++ b/.github/workflows/gemini-triage.yml @@ -59,7 +59,7 @@ jobs: id: 'gemini_analysis' if: |- ${{ steps.get_labels.outputs.available_labels != '' }} - uses: 'megha1188/run-gemini-cli@v0' # ratchet:exclude + uses: 'megha1188/run-gemini-cli@main' # ratchet:exclude env: GITHUB_TOKEN: '' # Do NOT pass any auth tokens here since this runs on untrusted inputs ISSUE_TITLE: '${{ github.event.issue.title }}' diff --git a/docs/authentication.md b/docs/authentication.md index f411c7a1..602a2c92 100644 --- a/docs/authentication.md +++ b/docs/authentication.md @@ -49,7 +49,7 @@ This is the simplest method and is suitable for projects that do not require Goo #### Example ```yaml -- uses: 'google-github-actions/run-gemini-cli@v0' +- uses: 'google-github-actions/run-gemini-cli@main' with: prompt: |- Explain this code @@ -72,7 +72,7 @@ This method is used for quick setup using Vertex AI through Google Cloud Console #### Example ```yaml -- uses: 'megha1188/run-gemini-cli@v0' +- uses: 'megha1188/run-gemini-cli@main' with: prompt: |- Explain this code 
@@ -185,7 +185,7 @@ After running the `setup_workload_identity.sh` script, add the following variabl **Example** ```yaml -- uses: 'google-github-actions/run-gemini-cli@v0' +- uses: 'google-github-actions/run-gemini-cli@main' with: gcp_workload_identity_provider: '${{ vars.GCP_WIF_PROVIDER }}' gcp_service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}' @@ -222,7 +222,7 @@ After running the `setup_workload_identity.sh` script, add the following variabl **Example** ```yaml -- uses: 'google-github-actions/run-gemini-cli@v0' +- uses: 'google-github-actions/run-gemini-cli@main' with: gcp_workload_identity_provider: '${{ vars.GCP_WIF_PROVIDER }}' gcp_service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}' diff --git a/docs/best-practices.md b/docs/best-practices.md index 83b1938c..e414f33d 100644 --- a/docs/best-practices.md +++ b/docs/best-practices.md @@ -54,7 +54,7 @@ Never hardcode secrets (e.g., API keys, tokens) in your workflows. Use [GitHub S To ensure the stability and security of your workflows, pin the Gemini CLI action to a specific version. ```yaml -uses: google-github-actions/run-gemini-cli@v0 +uses: google-github-actions/run-gemini-cli@main ``` ## Creating Custom Workflows diff --git a/docs/extensions.md b/docs/extensions.md index 3992c9ab..386dd736 100644 --- a/docs/extensions.md +++ b/docs/extensions.md @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - id: gemini - uses: google-github-actions/run-gemini-cli@v0 + uses: google-github-actions/run-gemini-cli@main with: gemini_api_key: ${{ secrets.GEMINI_API_KEY }} prompt: "/security:analyze" diff --git a/docs/observability.md b/docs/observability.md index cd7c92be..82c2208e 100644 --- a/docs/observability.md +++ b/docs/observability.md 
@@ -49,7 +49,7 @@ environment. After running the setup script, configure your GitHub Actions workflow with the provided values: ```yaml -- uses: 'google-github-actions/run-gemini-cli@v0' +- uses: 'google-github-actions/run-gemini-cli@main' with: gcp_workload_identity_provider: '${{ vars.GCP_WIF_PROVIDER }}' gcp_project_id: '${{ vars.GOOGLE_CLOUD_PROJECT }}' @@ -88,7 +88,7 @@ jobs: review: runs-on: 'ubuntu-latest' steps: - - uses: 'google-github-actions/run-gemini-cli@v0' + - uses: 'google-github-actions/run-gemini-cli@main' with: gcp_workload_identity_provider: '${{ vars.GCP_WIF_PROVIDER }}' gcp_service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}' @@ -109,7 +109,7 @@ jobs: If you prefer to disable OpenTelemetry, you can explicitly opt out by setting `enabled: false` in your settings: ```yaml -- uses: 'google-github-actions/run-gemini-cli@v0' +- uses: 'google-github-actions/run-gemini-cli@main' with: gcp_workload_identity_provider: '${{ vars.GCP_WIF_PROVIDER }}' gcp_project_id: '${{ vars.GOOGLE_CLOUD_PROJECT }}' @@ -128,7 +128,7 @@ If you prefer to disable OpenTelemetry, you can explicitly opt out by setting `e Alternatively, you can omit the `telemetry` settings entirely, as telemetry is disabled by default: ```yaml -- uses: 'google-github-actions/run-gemini-cli@v0' +- uses: 'google-github-actions/run-gemini-cli@main' with: gcp_workload_identity_provider: '${{ vars.GCP_WIF_PROVIDER }}' gcp_project_id: '${{ vars.GOOGLE_CLOUD_PROJECT }}' diff --git a/examples/workflows/gemini-assistant/gemini-invoke.yml b/examples/workflows/gemini-assistant/gemini-invoke.yml index e59e55de..f27e96a1 100644 --- a/examples/workflows/gemini-assistant/gemini-invoke.yml +++ b/examples/workflows/gemini-assistant/gemini-invoke.yml 
@@ -39,7 +39,7 @@ jobs: - name: 'Run Gemini CLI' id: 'run_gemini' - uses: 'google-github-actions/run-gemini-cli@v0' # ratchet:exclude + uses: 'google-github-actions/run-gemini-cli@main' # ratchet:exclude env: TITLE: '${{ github.event.pull_request.title || github.event.issue.title }}' DESCRIPTION: '${{ github.event.pull_request.body || github.event.issue.body }}' diff --git a/examples/workflows/issue-triage/gemini-scheduled-triage.yml b/examples/workflows/issue-triage/gemini-scheduled-triage.yml index 46bb71f2..96d9db07 100644 --- a/examples/workflows/issue-triage/gemini-scheduled-triage.yml +++ b/examples/workflows/issue-triage/gemini-scheduled-triage.yml @@ -89,7 +89,7 @@ jobs: id: 'gemini_issue_analysis' if: |- ${{ steps.find_issues.outputs.issues_to_triage != '[]' }} - uses: 'google-github-actions/run-gemini-cli@v0' # ratchet:exclude + uses: 'google-github-actions/run-gemini-cli@main' # ratchet:exclude env: GITHUB_TOKEN: '' # Do not pass any auth token here since this runs on untrusted inputs ISSUES_TO_TRIAGE: '${{ steps.find_issues.outputs.issues_to_triage }}' diff --git a/examples/workflows/issue-triage/gemini-triage.yml b/examples/workflows/issue-triage/gemini-triage.yml index 581acbbf..c5acc968 100644 --- a/examples/workflows/issue-triage/gemini-triage.yml +++ b/examples/workflows/issue-triage/gemini-triage.yml @@ -59,7 +59,7 @@ jobs: id: 'gemini_analysis' if: |- ${{ steps.get_labels.outputs.available_labels != '' }} - uses: 'google-github-actions/run-gemini-cli@v0' # ratchet:exclude + uses: 'google-github-actions/run-gemini-cli@main' # ratchet:exclude env: GITHUB_TOKEN: '' # Do NOT pass any auth tokens here since this runs on untrusted inputs ISSUE_TITLE: '${{ github.event.issue.title }}' diff --git a/examples/workflows/pr-review/gemini-review.yml b/examples/workflows/pr-review/gemini-review.yml index c7486180..04eab6db 100644 --- a/examples/workflows/pr-review/gemini-review.yml +++ b/examples/workflows/pr-review/gemini-review.yml 
@@ -42,7 +42,7 @@ jobs: uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5 - name: 'Run Gemini pull request review' - uses: 'megha1188/run-gemini-cli@v0' # ratchet:exclude + uses: 'megha1188/run-gemini-cli@main' # ratchet:exclude id: 'gemini_pr_review' env: GITHUB_TOKEN: '${{ steps.mint_identity_token.outputs.token || secrets.GITHUB_TOKEN || github.token }}' diff --git a/scripts/generate-examples.sh b/scripts/generate-examples.sh index 0c355d02..e7f45861 100755 --- a/scripts/generate-examples.sh +++ b/scripts/generate-examples.sh @@ -44,7 +44,7 @@ for workflow_file in "${WORKFLOWS_DIR}"/*.yml; do # Update lines that are different in the /examples/, such as the version of the action sed \ - -e "s|uses: 'megha1188/run-gemini-cli@main'|uses: 'megha1188/run-gemini-cli@v0'|g" \ + -e "s|uses: 'megha1188/run-gemini-cli@main'|uses: 'megha1188/run-gemini-cli@main'|g" \ "${workflow_file}" > "${example_file}" done
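Review bot: The `sed` expression in scripts/generate-examples.sh now replaces `uses: 'megha1188/run-gemini-cli@main'` with the identical string, so the rule that used to rewrite `@main` to `@v0` for the published examples does nothing. The example hunks in this commit show the effect: files under examples/ now reference `@main`, some on `google-github-actions` and one on `megha1188`, so anyone copying them tracks a moving branch. Restore the original rule, `-e "s|uses: 'google-github-actions/run-gemini-cli@main'|uses: 'google-github-actions/run-gemini-cli@v0'|g" \`, together with the upstream `uses:` lines in the workflows it reads. The `for` loop starts outside this hunk.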