From 3a0c5eef9c7ecb9128dae762c2f8de52f8c4be71 Mon Sep 17 00:00:00 2001
From: mkorwel
Date: Sun, 15 Mar 2026 09:41:50 -0700
Subject: [PATCH] feat(build): implement dual-tagging strategy and update next mission dossier
---
 .gcp/maintainer-worker.yml | 20 ++++++++++++++++----
 .gemini/skills/offload/NEXT_MISSION.md | 26 ++++++++++++++++++--------
 2 files changed, 34 insertions(+), 12 deletions(-)
diff --git a/.gcp/maintainer-worker.yml b/.gcp/maintainer-worker.yml
index f8004a68e8..7ca97ef124 100644
--- a/.gcp/maintainer-worker.yml
+++ b/.gcp/maintainer-worker.yml
@@ -24,12 +24,24 @@ steps:
 args:
 - '-c'
 - |-
- # Use commit SHA for PR builds to ensure isolation
 IMAGE_BASE="us-docker.pkg.dev/gemini-code-dev/gemini-cli/maintainer"
- TAG="${SHORT_SHA}"
- docker build -f .gcp/Dockerfile.maintainer -t "$${IMAGE_BASE}:$${TAG}" .
- docker push "$${IMAGE_BASE}:$${TAG}"
+ # Sanitize branch name (lowercase, replace non-alphanumeric with -)
+ # Handles both _HEAD_BRANCH (PRs) and BRANCH_NAME (Pushes)
+ RAW_BRANCH="${_HEAD_BRANCH:-${BRANCH_NAME}}"
+ CLEAN_BRANCH=$(echo "$${RAW_BRANCH}" | sed 's/[^a-zA-Z0-9]/-/g' | tr '[:upper:]' '[:lower:]')
+
+ TAG_SHA="${SHORT_SHA}"
+ TAG_BRANCH="$${CLEAN_BRANCH}"
+
+ echo "📦 Building Maintainer Image for branch: $${RAW_BRANCH} ($${CLEAN_BRANCH})"
+
+ docker build -f .gcp/Dockerfile.maintainer \
+ -t "$${IMAGE_BASE}:$${TAG_SHA}" \
+ -t "$${IMAGE_BASE}:$${TAG_BRANCH}" .
+
+ docker push "$${IMAGE_BASE}:$${TAG_SHA}"
+ docker push "$${IMAGE_BASE}:$${TAG_BRANCH}"
 options:
 defaultLogsBucketBehavior: 'REGIONAL_USER_OWNED_BUCKET'
diff --git a/.gemini/skills/offload/NEXT_MISSION.md b/.gemini/skills/offload/NEXT_MISSION.md
index c7af242927..c5b4065c89 100644
--- a/.gemini/skills/offload/NEXT_MISSION.md
+++ b/.gemini/skills/offload/NEXT_MISSION.md
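Review bot: In the `.gcp/maintainer-worker.yml` hunk, `RAW_BRANCH="${_HEAD_BRANCH:-${BRANCH_NAME}}"` mixes single-`$` Cloud Build substitutions with shell syntax, so whatever Cloud Build expands there is pasted into the script text before bash parses it, and the `sed`/`tr` sanitising on the following line runs too late to help. A PR head branch name is contributor-controlled and git ref names may contain shell metacharacters, so the name would be interpreted by bash inside a step that also runs `docker push`. Pass the values as data instead: add `env: ['HEAD_BRANCH=$_HEAD_BRANCH', 'PUSH_BRANCH=$BRANCH_NAME']` to the step and read them with `RAW_BRANCH="$${HEAD_BRANCH:-$${PUSH_BRANCH}}"`; the step definition starts above the hunk, so whether an `env:` block already exists is not visible here. Separately, the branch tag is mutable and the sanitiser is lossy (`feat/x` and `feat-x` both become `feat-x`, and a head branch named `main` maps to `main`), so a PR build can overwrite a tag that other consumers pull; consider prefixing PR-built tags and having consumers pin `${SHORT_SHA}` or a digest. An empty or leading-`-` `CLEAN_BRANCH` also produces an invalid Docker tag, which is worth rejecting before `docker build`.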
@@ -10,15 +10,25 @@ Shift from a "Manual VM" to an "Invisible VM" (Container-Optimized OS) that runs
 ## Planned Changes
 1. **Multi-Stage Dockerfile**:
- - Optimize `Dockerfile.gemini-maintainer` to include `tsx`, `vitest`, `gh`, and a pre-warmed repository.
- - Base it on the existing `google-gemini-cli-sandbox`.
-2. **Setup Script (`setup.ts`)**:
+ - Optimize `.gcp/Dockerfile.maintainer` to include `tsx`, `vitest`, `gh`, and system dependencies (`libsecret`, `build-essential`).
+2. **Dedicated Pipeline**:
+ - Use `.gcp/maintainer-worker.yml` for isolated PR builds.
+ - **Tagging Strategy**: Dual-tag images with `${SHORT_SHA}` (immutable) and `${CLEAN_BRANCH}` (latest-on-branch).
+3. **Setup Script (`setup.ts`)**:
 - Refactor `provision` to use `gcloud compute instances create-with-container`.
- - Configure the VM to launch the container as the primary entrypoint.
-3. **Orchestrator (`orchestrator.ts`)**:
+ - Point to the new `maintainer` image in Artifact Registry.
+4. **Orchestrator (`orchestrator.ts`)**:
 - Update SSH logic to include the `--container` flag.
- - Ensure `rsync` still maps to the persistent home directory that is mounted into the container.
+
+## GCP Console Setup (Manual Action)
+To enable the automatic maintainer image builds on PRs:
+1. **Create Trigger**: Go to **Cloud Build > Triggers** and create a new trigger.
+2. **Event**: Set to **Pull Request**.
+3. **Source**: Select the `google-gemini/gemini-cli` repository.
+4. **Configuration**: Point to `.gcp/maintainer-worker.yml` in the repo.
+5. **Filters**: Set the base branch to `^main$`.
+6. **Service Account**: Ensure it has `Artifact Registry Writer` permissions.
 ## How to Resume
-1. Load the checkpoint: `/checkpoint load offload-container-refactor` (if available).
-2. Tell Gemini: *"Read .gemini/skills/offload/NEXT_MISSION.md and start Phase 1: The Multi-Stage Dockerfile."*
+1. Load the checkpoint: `/checkpoint save offload-container-refactor` (if available).
+2. 
Tell Gemini: *"Read .gemini/skills/offload/NEXT_MISSION.md and start Phase 3: Refactoring setup.ts for Container-OS."*