From 951596ffe4db5fb03be28bcd5bf37bf0d7af0f91 Mon Sep 17 00:00:00 2001
From: matt korwel <matt.korwel@gmail.com>
Date: Fri, 19 Sep 2025 00:27:14 -0700
Subject: [PATCH] again with permissions (#8865)

Co-authored-by: gemini-cli-robot <gemini-cli-robot@google.com>
---
 .../workflows/release-patch-1-create-pr.yml   | 24 ++++++++-----------
 scripts/releasing/patch-create-comment.js     |  7 +++++-
 2 files changed, 16 insertions(+), 15 deletions(-)

diff --git a/.github/workflows/release-patch-1-create-pr.yml b/.github/workflows/release-patch-1-create-pr.yml
index 877e3d1e00..e83d8124e9 100644
--- a/.github/workflows/release-patch-1-create-pr.yml
+++ b/.github/workflows/release-patch-1-create-pr.yml
@@ -48,18 +48,6 @@ jobs:
           node-version-file: '.nvmrc'
           cache: 'npm'
 
-      - name: 'Install Dependencies'
-        run: 'npm ci'
-
-      - name: 'Generate GitHub App Token'
-        id: 'generate_token'
-        uses: 'actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b'
-        with:
-          app-id: '${{ secrets.APP_ID }}'
-          private-key: '${{ secrets.PRIVATE_KEY }}'
-          permission-pull-requests: 'write'
-          permission-contents: 'write'
-
       - name: 'Configure Git User'
         run: |-
           git config user.name "gemini-cli-robot"
@@ -68,7 +56,7 @@ jobs:
       - name: 'Create Patch'
         id: 'create_patch'
         env:
-          GH_TOKEN: '${{ steps.generate_token.outputs.token }}'
+          GH_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
         continue-on-error: true
         run: |
           # Capture output and display it in logs using tee
@@ -82,7 +70,7 @@ jobs:
           )
 
       - name: 'Comment on Original PR'
-        if: 'inputs.original_pr'
+        if: 'always() && inputs.original_pr'
         env:
           GH_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
           ORIGINAL_PR: '${{ github.event.inputs.original_pr }}'
@@ -91,6 +79,14 @@ jobs:
           CHANNEL: '${{ github.event.inputs.channel }}'
           REPOSITORY: '${{ github.repository }}'
           GITHUB_RUN_ID: '${{ github.run_id }}'
+          LOG_CONTENT: '${{ env.LOG_CONTENT }}'
         run: |
           git checkout '${{ github.event.inputs.ref }}'
           node scripts/releasing/patch-create-comment.js
+
+      - name: 'Fail Workflow if Main Task Failed'
+        if: 'always() && steps.create_patch.outputs.EXIT_CODE != 0'
+        run: |
+          echo "Patch creation failed with exit code: ${{ steps.create_patch.outputs.EXIT_CODE }}"
+          echo "Check the logs above and the comment posted to the original PR for details."
+          exit 1
diff --git a/scripts/releasing/patch-create-comment.js b/scripts/releasing/patch-create-comment.js
index 673568e6dc..1be72b76f2 100644
--- a/scripts/releasing/patch-create-comment.js
+++ b/scripts/releasing/patch-create-comment.js
@@ -275,7 +275,12 @@ There was an error creating the patch release.
 - Ensure you have permissions to create branches and PRs
 
 **🔗 Links:**
-- [View workflow run](https://github.com/${repository}/actions/runs/${runId})`;
+- [View workflow run](https://github.com/${repository}/actions/runs/${runId})
+
+**📋 Full Output:**
+\`\`\`
+${logContent}
+\`\`\``;
   }
 
   if (!commentBody) {