diff --git a/.github/workflows/gemini-cli-bot-brain.yml b/.github/workflows/gemini-cli-bot-brain.yml index 119f25718d..ab5114796e 100644 --- a/.github/workflows/gemini-cli-bot-brain.yml +++ b/.github/workflows/gemini-cli-bot-brain.yml @@ -41,7 +41,8 @@ jobs: github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && github.event.inputs.run_interactive != 'true') || (github.event_name == 'workflow_dispatch' && github.event.inputs.run_interactive == 'true') || - (github.event_name == 'issue_comment' && github.event.comment.user.login != 'gemini-cli[bot]' && contains(github.event.comment.body, '@gemini-cli') && contains(fromJSON('["COLLABORATOR", "MEMBER", "OWNER"]'), github.event.comment.author_association)) + (github.event_name == 'issue_comment' && github.event.comment.user.login != 'gemini-cli[bot]' && contains(github.event.comment.body, '@gemini-cli') && contains(fromJSON('["COLLABORATOR", "MEMBER", "OWNER"]'), github.event.comment.author_association)) || + (github.event_name == 'pull_request_review_comment' && github.event.comment.user.login != 'gemini-cli[bot]' && contains(github.event.comment.body, '@gemini-cli') && contains(fromJSON('["COLLABORATOR", "MEMBER", "OWNER"]'), github.event.comment.author_association)) ) # The reasoning phase is strictly readonly. permissions: @@ -119,7 +120,7 @@ jobs: if [ -n "$TRIGGER_COMMENT_ID" ]; then echo "## User Comment" >> trigger_context.md - gh api "repos/${{ github.repository }}/issues/comments/$TRIGGER_COMMENT_ID" -q '.body' >> trigger_context.md + gh api "repos/${{ github.repository }}/issues/comments/$TRIGGER_COMMENT_ID" -q '.body' >> trigger_context.md 2>/dev/null || gh api "repos/${{ github.repository }}/pulls/comments/$TRIGGER_COMMENT_ID" -q '.body' >> trigger_context.md echo "" >> trigger_context.md fi 
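Review bot: The new `pull_request_review_comment` branch of the job-level `if` is only reachable if that event is also listed under the workflow's `on:` block, which is outside this hunk; if it was not added there, the added condition is dead code. The two gating expressions differ only in `github.event_name`, so they can be collapsed into one and kept in sync automatically: `((github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment') && github.event.comment.user.login != 'gemini-cli[bot]' && contains(github.event.comment.body, '@gemini-cli') && contains(fromJSON('["COLLABORATOR", "MEMBER", "OWNER"]'), github.event.comment.author_association))`. The `author_association` allow-list is what stops the bot from acting on comments from arbitrary accounts, so any further trigger added here should keep that clause rather than only the mention check.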
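Review bot: The `2>/dev/null || gh api .../pulls/comments/...` chain picks the endpoint by trial and error and discards the first call's error output, so a transient failure on the issue-comment endpoint for a genuine issue comment falls through to a review-comment lookup that cannot succeed, and the real error is never shown. The event name is already known when this runs, so the endpoint can be chosen directly: `if [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ]; then ENDPOINT="pulls/comments"; else ENDPOINT="issues/comments"; fi` followed by a single `gh api "repos/${{ github.repository }}/$ENDPOINT/$TRIGGER_COMMENT_ID" -q '.body' >> trigger_context.md`. The enclosing `run:` block and the shell flags it executes under start outside the hunk.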
@@ -133,7 +134,7 @@ jobs: node bundle/gemini.js --policy tools/gemini-cli-bot/ci-policy.toml -p "$(cat combined_prompt.md)" - name: 'Run Critique Phase' - if: "${{ github.event.inputs.enable_prs == 'true' || github.event_name == 'issue_comment' || github.event.inputs.run_interactive == 'true' }}" + if: "${{ github.event.inputs.enable_prs == 'true' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event.inputs.run_interactive == 'true' }}" env: GEMINI_API_KEY: '${{ secrets.GEMINI_API_KEY }}' GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}' @@ -154,7 +155,7 @@ jobs: fi - name: 'Generate Patch' - if: "${{ github.event.inputs.enable_prs == 'true' || github.event_name == 'issue_comment' || github.event.inputs.run_interactive == 'true' }}" + if: "${{ github.event.inputs.enable_prs == 'true' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event.inputs.run_interactive == 'true' }}" run: | touch bot-changes.patch touch pr-description.md 
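Review bot: The same four-way step `if` expression is now duplicated on five steps (this hunk, -154, -192, -215 and -218), so the next trigger added will again need five coordinated edits, and a missed one silently skips a step rather than failing. Evaluate it once and reference the result, e.g. a job-level `env:` entry `RUN_PR_FLOW: ${{ github.event.inputs.enable_prs == 'true' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event.inputs.run_interactive == 'true' }}` with `if: "${{ env.RUN_PR_FLOW == 'true' }}"` on each step; if the later steps live in a second job (the `steps:` at -192 suggests so), carry it over as a job output instead. Either form keeps the gating logic in one place that a reader can audit.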
@@ -192,14 +193,16 @@ jobs: steps: - name: 'Generate GitHub App Token 🔑' id: 'generate_token' - if: "${{ github.event.inputs.enable_prs == 'true' || github.event_name == 'issue_comment' || github.event.inputs.run_interactive == 'true' }}" + if: "${{ github.event.inputs.enable_prs == 'true' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event.inputs.run_interactive == 'true' }}" uses: 'actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b' # ratchet:actions/create-github-app-token@v2 with: app-id: '${{ secrets.APP_ID }}' private-key: '${{ secrets.PRIVATE_KEY }}' owner: '${{ github.repository_owner }}' repositories: '${{ github.event.repository.name }}' - permissions: '{"contents": "write", "pull_requests": "write", "issues": "write", "workflows": "write"}' + permission-contents: 'write' + permission-pull-requests: 'write' + permission-issues: 'write' - name: 'Checkout' uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # ratchet:actions/checkout@v5 @@ -215,9 +218,10 @@ jobs: path: '${{ runner.temp }}/brain-data/' - name: 'Create or Update PR' - if: "${{ github.event.inputs.enable_prs == 'true' || github.event_name == 'issue_comment' || github.event.inputs.run_interactive == 'true' }}" + if: "${{ github.event.inputs.enable_prs == 'true' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event.inputs.run_interactive == 'true' }}" env: GH_TOKEN: '${{ steps.generate_token.outputs.token }}' + FALLBACK_PAT: '${{ secrets.GEMINI_CLI_ROBOT_GITHUB_PAT }}' run: | if [ -s "${{ runner.temp }}/brain-data/bot-changes.patch" ]; then git config user.name "gemini-cli[bot]" 
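Review bot: The switch to `permission-*` inputs drops `workflows: write` from the app token with no comment explaining it, and the `FALLBACK_PAT` introduced at -218 and used at -244 is the only thing that would compensate when a push needs that permission. If the narrowing is deliberate least privilege, say so above the inputs, e.g. `# Intentionally no workflows permission: the app token must not be able to push workflow-file changes.`; if it is accidental, the action's v2 input set appears to cover it as `permission-workflows: 'write'` (confirm against the action's documentation before relying on that). Leaving the reason undocumented invites a later "fix" that quietly widens the token again.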
@@ -244,16 +248,30 @@ jobs: git commit -m "🤖 Gemini Bot Productivity Optimizations" fi - git push origin "$BRANCH_NAME" --force - PR_TITLE="🤖 Gemini Bot Productivity Optimizations" if [ -s "${{ runner.temp }}/brain-data/pr-description.md" ]; then PR_TITLE=$(head -n 1 "${{ runner.temp }}/brain-data/pr-description.md") fi + if ! git push origin "$BRANCH_NAME" --force; then + echo "Push failed. Retrying with FALLBACK_PAT..." + export GH_TOKEN="$FALLBACK_PAT" + git remote set-url origin "https://x-access-token:${FALLBACK_PAT}@github.com/${{ github.repository }}.git" + git push origin "$BRANCH_NAME" --force + fi + if ! gh pr view "$BRANCH_NAME" > /dev/null 2>&1; then gh pr create --draft --title "$PR_TITLE" --body-file "${{ runner.temp }}/brain-data/pr-description.md" --head "$BRANCH_NAME" --base main || \ gh pr create --draft --title "🤖 Gemini Bot Productivity Optimizations" --body "Automated changes generated by Gemini CLI Bot." --head "$BRANCH_NAME" --base main + else + PR_STATE=$(gh pr view "$BRANCH_NAME" --json state --jq .state) + if [ "$PR_STATE" = "CLOSED" ]; then + NEW_BRANCH_NAME="${BRANCH_NAME}-retry-${{ github.run_id }}" + git checkout -b "$NEW_BRANCH_NAME" + git push origin "$NEW_BRANCH_NAME" --force + gh pr create --draft --title "$PR_TITLE" --body-file "${{ runner.temp }}/brain-data/pr-description.md" --head "$NEW_BRANCH_NAME" --base main || \ + gh pr create --draft --title "🤖 Gemini Bot Productivity Optimizations" --body "Automated changes generated by Gemini CLI Bot." --head "$NEW_BRANCH_NAME" --base main + fi fi fi diff --git a/tools/gemini-cli-bot/brain/critique.md b/tools/gemini-cli-bot/brain/critique.md index 4040af6fa9..427d19702a 100644 --- a/tools/gemini-cli-bot/brain/critique.md +++ b/tools/gemini-cli-bot/brain/critique.md 
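Review bot: The push retry swaps in `FALLBACK_PAT` on any push failure, so a push the narrowed app token was deliberately denied (it no longer has `workflows` permission after -192) is silently retried with a broader personal token, and because `GH_TOKEN` is exported the PR is then created under that PAT's identity as well, which undoes the least-privilege change instead of surfacing it. At minimum log which token was used and limit the retry to the failure you are actually expecting, and avoid `git remote set-url` with the token embedded in the URL (it stays in `.git/config` for the rest of the job) by pointing git at a credential helper instead, e.g. `gh auth setup-git` after the `export`. Separately, the new `PR_STATE` branch only re-creates the PR when the state is `CLOSED`; a merged PR reports `MERGED`, so after a merge the force-push lands on the old branch with no PR opened at all — use `if [ "$PR_STATE" = "CLOSED" ] || [ "$PR_STATE" = "MERGED" ]; then`. The enclosing `run:` block and its outer `if [ -s ... ]` start outside the hunk.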
@@ -92,7 +92,12 @@ above: logic and the goals of the prior investigation. Do not invent new workflows; just ensure the existing ones are implemented robustly according to this checklist. -4. Re-stage the file with `git add`. **CRITICAL: You MUST use `git add` to +4. **Strict Scope Constraint**: You are STRICTLY FORBIDDEN from modifying or + staging any file that was not already staged by the investigation phase. You + must ONLY critique and fix the files explicitly included in + `git diff --staged`. Do not attempt to complete pending tasks from the + memory ledger or introduce unrelated refactoring to unstaged files. +5. Re-stage the file with `git add`. **CRITICAL: You MUST use `git add` to stage your fixes.** ## Final Verdict & Logging diff --git a/tools/gemini-cli-bot/brain/interactive.md b/tools/gemini-cli-bot/brain/interactive.md index 1eec66da09..448c4c4045 100644 --- a/tools/gemini-cli-bot/brain/interactive.md +++ b/tools/gemini-cli-bot/brain/interactive.md @@ -24,7 +24,11 @@ Before beginning your analysis, you MUST perform the following research: 1. **Read Memory**: Read `tools/gemini-cli-bot/lessons-learned.md` to understand the current state. -2. **Verify Request Context**: Use the GitHub CLI to verify the current state +2. **Ignore Pending Tasks**: You are in interactive mode. You MUST explicitly + ignore any FAILED, STUCK, or pending tasks listed in the + `lessons-learned.md` Task Ledger. Do not attempt to complete or resume them. + Your ONLY goal is to address the user's specific comment. +3. **Verify Request Context**: Use the GitHub CLI to verify the current state of the issue/PR you were mentioned in. If the user's request is already addressed or obsolete, inform them via `issue-comment.md`. 
@@ -46,6 +50,10 @@ If your investigation confirms that a code or configuration change is required: - **Surgical Changes**: Apply the minimal set of changes needed to address the issue correctly and safely. +- **Strict Scope**: You MUST strictly limit your changes to addressing the + user's specific request. You are STRICTLY FORBIDDEN from including any + unrelated updates (such as metrics updates, backlog triage changes, or + background housekeeping) when operating in interactive mode. - **Acknowledgment**: Write a brief acknowledgement to `issue-comment.md` (e.g., "I've investigated the request and implemented a fix. A PR will be created shortly.").