chore: Update Gemini Actions workflows for enhanced security and community alignment

- Restrict invoke and review triggers purely to explicit user comments.
- Enforce strict author association verification (OWNER, MEMBER, COLLABORATOR).
- Enforce strict targeting assertion to ensure pull requests act on the main branch.
- Synchronize prompt constraints and GitHub action tools with the community catalog.
- Refine action API key options to uniformly target secrets.GOOGLE_API_KEY.

Co-authored-by: Shangjie Chen <deanchen@google.com>
PiperOrigin-RevId: 915654346

Author: DeanChensj

.github/workflows/gemini-dispatch.yml

@@ -7,14 +7,6 @@ on:
   pull_request_review:
     types:
       - 'submitted'
-  pull_request:
-    types:
-      - 'opened'
-      - 'ready_for_review'
-  issues:
-    types:
-      - 'opened'
-      - 'reopened'
   issue_comment:
     types:
       - 'created'
@@ -44,19 +36,11 @@ jobs:
           env | grep '^DEBUG_'
 
   dispatch:
-    # For PRs: only if not from a fork
-    # For issues: only on open/reopen
-    # For comments: only if user types @gemini-cli and is OWNER/MEMBER/COLLABORATOR
+    # Only trigger if user types @gemini-cli and author association is OWNER, MEMBER, or COLLABORATOR
     if: |-
-      (
-        github.event_name == 'pull_request' &&
-        github.event.pull_request.head.repo.fork == false &&
-        github.event.pull_request.draft == false
-      ) || (
-        github.event.sender.type == 'User' &&
-        startsWith(github.event.comment.body || github.event.review.body || github.event.issue.body, '@gemini-cli') &&
-        contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association || github.event.review.author_association || github.event.issue.author_association)
-      )
+      github.event.sender.type == 'User' &&
+      startsWith(github.event.comment.body || github.event.review.body, '@gemini-cli') &&
+      contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association || github.event.review.author_association)
     runs-on: 'ubuntu-latest'
     permissions:
       contents: 'read'
@@ -82,22 +66,43 @@ jobs:
 
       - name: 'Extract command'
         id: 'extract_command'
-        uses: 'actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea' # ratchet:actions/github-script@v7
+        uses: 'actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd' # ratchet:actions/github-script@v8.0.0
         env:
-          EVENT_TYPE: '${{ github.event_name }}.${{ github.event.action }}'
-          REQUEST: '${{ github.event.comment.body || github.event.review.body || github.event.issue.body }}'
+          REQUEST: '${{ github.event.comment.body || github.event.review.body }}'
+          IS_PR: '${{ !!(github.event.pull_request || github.event.issue.pull_request) }}'
         with:
           script: |
-            const eventType = process.env.EVENT_TYPE;
             const request = process.env.REQUEST;
+            const isPr = process.env.IS_PR === 'true';
             core.setOutput('request', request);
 
-            if (eventType === 'pull_request.opened' || eventType === 'pull_request.ready_for_review') {
-              core.setOutput('command', 'review');
-            } else if (request.startsWith("@gemini-cli /review")) {
-              core.setOutput('command', 'review');
-              const additionalContext = request.replace(/^@gemini-cli \/review/, '').trim();
-              core.setOutput('additional_context', additionalContext);
+            // Ensure request is on a PR targeting the main branch
+            let baseRef = '';
+            if (context.eventName === 'pull_request_review' || context.eventName === 'pull_request_review_comment') {
+              baseRef = context.payload.pull_request.base.ref;
+            } else if (context.eventName === 'issue_comment' && context.payload.issue.pull_request) {
+              const pr = await github.rest.pulls.get({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                pull_number: context.payload.issue.number
+              });
+              baseRef = pr.data.base.ref;
+            }
+
+            if (isPr && baseRef !== 'main') {
+              console.log(`Skipping: PR targets '${baseRef}', but only 'main' is allowed.`);
+              core.setOutput('command', 'fallthrough');
+              return;
+            }
+
+            if (request.startsWith("@gemini-cli /review")) {
+              if (isPr) {
+                core.setOutput('command', 'review');
+                const additionalContext = request.replace(/^@gemini-cli \/review/, '').trim();
+                core.setOutput('additional_context', additionalContext);
+              } else {
+                core.setOutput('command', 'fallthrough');
+              }
             } else if (request.startsWith("@gemini-cli")) {
               const additionalContext = request.replace(/^@gemini-cli/, '').trim();
               core.setOutput('command', 'invoke');

.github/workflows/gemini-invoke.yml

@@ -52,12 +52,14 @@ jobs:
           ISSUE_NUMBER: '${{ github.event.pull_request.number || github.event.issue.number }}'
           REPOSITORY: '${{ github.repository }}'
           ADDITIONAL_CONTEXT: '${{ inputs.additional_context }}'
+          # Required to allow the Gemini CLI to process files in the ephemeral GitHub Actions runner
+          GEMINI_CLI_TRUST_WORKSPACE: 'true'
         with:
           gcp_location: '${{ vars.GOOGLE_CLOUD_LOCATION }}'
           gcp_project_id: '${{ vars.GOOGLE_CLOUD_PROJECT }}'
           gcp_service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
           gcp_workload_identity_provider: '${{ vars.GCP_WIF_PROVIDER }}'
-          gemini_api_key: '${{ secrets.GEMINI_API_KEY }}'
+          gemini_api_key: '${{ secrets.GOOGLE_API_KEY }}'
           gemini_cli_version: '${{ vars.GEMINI_CLI_VERSION }}'
           gemini_debug: '${{ fromJSON(vars.GEMINI_DEBUG || vars.ACTIONS_STEP_DEBUG || false) }}'
           gemini_model: '${{ vars.GEMINI_MODEL }}'
@@ -91,32 +93,12 @@ jobs:
                     "GITHUB_PERSONAL_ACCESS_TOKEN",
                     "ghcr.io/github/github-mcp-server:v0.27.0"
                   ],
-                  "includeTools": [
-                    "add_issue_comment",
-                    "issue_read",
-                    "list_issues",
-                    "search_issues",
-                    "pull_request_read",
-                    "list_pull_requests",
-                    "search_pull_requests",
-                    "get_commit",
-                    "get_file_contents",
-                    "list_commits",
-                    "search_code"
-                  ],
                   "env": {
                     "GITHUB_PERSONAL_ACCESS_TOKEN": "${{ steps.mint_identity_token.outputs.token || secrets.GITHUB_TOKEN || github.token }}"
                   }
                 }
-              },
-              "tools": {
-                "core": [
-                  "run_shell_command(cat)",
-                  "run_shell_command(echo)",
-                  "run_shell_command(grep)",
-                  "run_shell_command(head)",
-                  "run_shell_command(tail)"
-                ]
               }
             }
-          prompt: '/gemini-invoke'
+          prompt: |-
+            /gemini-invoke
+            [IMPORTANT] Do not generate execution plans and do not ask for approval (such as suggesting `@gemini-cli /approve`). Perform the requested task or answer the question directly and immediately.

.github/workflows/gemini-review.yml

@@ -51,14 +51,15 @@ jobs:
           PULL_REQUEST_NUMBER: '${{ github.event.pull_request.number || github.event.issue.number }}'
           REPOSITORY: '${{ github.repository }}'
           ADDITIONAL_CONTEXT: '${{ inputs.additional_context }}'
-          GEMINI_API_KEY: '${{ secrets.GEMINI_API_KEY }}'
+          GEMINI_API_KEY: '${{ secrets.GOOGLE_API_KEY }}'
+          # Required to allow the Gemini CLI to process files in the ephemeral GitHub Actions runner
           GEMINI_CLI_TRUST_WORKSPACE: 'true'
         with:
           gcp_location: '${{ vars.GOOGLE_CLOUD_LOCATION }}'
           gcp_project_id: '${{ vars.GOOGLE_CLOUD_PROJECT }}'
           gcp_service_account: '${{ vars.SERVICE_ACCOUNT_EMAIL }}'
           gcp_workload_identity_provider: '${{ vars.GCP_WIF_PROVIDER }}'
-          gemini_api_key: '${{ secrets.GEMINI_API_KEY }}'
+          gemini_api_key: '${{ secrets.GOOGLE_API_KEY }}'
           gemini_cli_version: '${{ vars.GEMINI_CLI_VERSION }}'
           gemini_debug: '${{ fromJSON(vars.GEMINI_DEBUG || vars.ACTIONS_STEP_DEBUG || false) }}'
           gemini_model: '${{ vars.GEMINI_MODEL }}'
@@ -90,11 +91,6 @@ jobs:
                     "GITHUB_PERSONAL_ACCESS_TOKEN",
                     "ghcr.io/github/github-mcp-server:v0.27.0"
                   ],
-                  "includeTools": [
-                    "pull_request_read",
-                    "add_comment_to_pending_review",
-                    "pull_request_review_write"
-                  ],
                   "env": {
                     "GITHUB_PERSONAL_ACCESS_TOKEN": "${{ steps.mint_identity_token.outputs.token || secrets.GITHUB_TOKEN || github.token }}"
                   }