gemini-cli/.github/workflows/release-patch-1-create-pr.yml at main · google-gemini/gemini-cli · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
name: 'Release: Patch (1) Create PR'

run-name: >-
  Release Patch (1) Create PR | S:${{ inputs.channel }} | C:${{ inputs.commit }} ${{ inputs.original_pr && format('| PR:#{0}', inputs.original_pr) || '' }}

on:
  workflow_dispatch:
    inputs:
      commit:
        description: 'The commit SHA to cherry-pick for the patch.'
        required: true
        type: 'string'
      channel:
        description: 'The release channel to patch.'
        required: true
        type: 'choice'
        options:
          - 'stable'
          - 'preview'
      dry_run:
        description: 'Whether to run in dry-run mode.'
        required: false
        type: 'boolean'
        default: false
      ref:
        description: 'The branch, tag, or SHA to test from.'
        required: false
        type: 'string'
        default: 'main'
      original_pr:
        description: 'The original PR number to comment back on.'
        required: false
        type: 'string'
      environment:
        description: 'Environment'
        required: false
        type: 'choice'
        options:
          - 'prod'
          - 'dev'
        default: 'prod'

jobs:
  create-patch:
    runs-on: 'ubuntu-latest'
    environment: "${{ github.event.inputs.environment || 'prod' }}"
    permissions:
      contents: 'write'
      pull-requests: 'write'
      actions: 'write'
    steps:
      - name: 'Checkout'
        uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5
        with:
          ref: '${{ github.event.inputs.ref }}'
          fetch-depth: 0

      - name: 'Setup Node.js'
        uses: 'actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020' # ratchet:actions/setup-node@v4
        with:
          node-version-file: '.nvmrc'
          cache: 'npm'

      - name: 'configure .npmrc'
        uses: './.github/actions/setup-npmrc'
        with:
          github-token: '${{ secrets.GITHUB_TOKEN }}'

      - name: 'Install Script Dependencies'
        run: 'npm ci'

      - name: 'Configure Git User'
        env:
          GH_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
          REPOSITORY: '${{ github.repository }}'
        run: |-
          git config user.name "gemini-cli-robot"
          git config user.email "gemini-cli-robot@google.com"
          # Configure git to use GITHUB_TOKEN for remote operations (has actions:write for workflow files)
          git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${REPOSITORY}.git"

      - name: 'Create Patch'
        id: 'create_patch'
        env:
          GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
          GH_TOKEN: '${{ secrets.GEMINI_CLI_ROBOT_GITHUB_PAT }}'
          CLI_PACKAGE_NAME: '${{ vars.CLI_PACKAGE_NAME }}'
          PATCH_COMMIT: '${{ github.event.inputs.commit }}'
          PATCH_CHANNEL: '${{ github.event.inputs.channel }}'
          ORIGINAL_PR: '${{ github.event.inputs.original_pr }}'
          DRY_RUN: '${{ github.event.inputs.dry_run }}'
        continue-on-error: true
        run: |
          # Capture output and display it in logs using tee
          {
            node scripts/releasing/create-patch-pr.js \
              --cli-package-name="${CLI_PACKAGE_NAME}" \
              --commit="${PATCH_COMMIT}" \
              --channel="${PATCH_CHANNEL}" \
              --pullRequestNumber="${ORIGINAL_PR}" \
              --dry-run="${DRY_RUN}"
          } 2>&1 | tee >(
            echo "LOG_CONTENT<<EOF" >> "$GITHUB_ENV"
            cat >> "$GITHUB_ENV"
            echo "EOF" >> "$GITHUB_ENV"
          )
          echo "EXIT_CODE=${PIPESTATUS[0]}" >> "$GITHUB_OUTPUT"

      - name: 'Comment on Original PR'
        if: 'always() && inputs.original_pr'
        env:
          GH_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
          ORIGINAL_PR: '${{ github.event.inputs.original_pr }}'
          EXIT_CODE: '${{ steps.create_patch.outputs.EXIT_CODE }}'
          COMMIT: '${{ github.event.inputs.commit }}'
          CHANNEL: '${{ github.event.inputs.channel }}'
          REPOSITORY: '${{ github.repository }}'
          GITHUB_RUN_ID: '${{ github.run_id }}'
          LOG_CONTENT: '${{ env.LOG_CONTENT }}'
          TARGET_REF: '${{ github.event.inputs.ref }}'
          ENVIRONMENT: '${{ github.event.inputs.environment }}'
        continue-on-error: true
        run: |
          git checkout "${TARGET_REF}"
          node scripts/releasing/patch-create-comment.js

      - name: 'Fail Workflow if Main Task Failed'
        if: 'always() && steps.create_patch.outputs.EXIT_CODE != 0'
        env:
          EXIT_CODE: '${{ steps.create_patch.outputs.EXIT_CODE }}'
        run: |
          echo "Patch creation failed with exit code: ${EXIT_CODE}"
          echo "Check the logs above and the comment posted to the original PR for details."
          exit 1