fix(ci): use wombat dressing room fallback in nightly release to prevent ENEEDAUTH#28104
Conversation
Replace queueMicrotask with setTimeout(..., 10) inside _processNextItem loop to allow the event loop's macrotask queue (I/O, timers, child processes) to execute when waiting for external events. Also update parallel tools integration test and mocks.
…ting in CI Add a non-strict option to TestRig.setup to launch the CLI with --fake-responses-non-strict. This allows the integration tests to match mock responses by method name and ignore order differences caused by model-routing (classifier) being active or inactive in different environments (local vs CI).
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request addresses authentication failures during scheduled nightly releases by standardizing registry URL formats and ensuring the correct proxy is used. Additionally, it includes stability improvements for the test suite and scheduler, ensuring more reliable execution in CI environments. Highlights
Ignored Files
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. Footnotes
|
|
📊 PR Size: size/XS
|
There was a problem hiding this comment.
Code Review
This pull request introduces several updates to improve the robustness of integration tests, release publishing, and scheduler yielding. Key changes include adding --ignore-scripts to npm publish commands, removing trailing slashes from registry URLs, implementing a non-strict mode for fake responses in tests, and replacing queueMicrotask with setTimeout in the scheduler. Feedback is provided regarding the error handling in parallel-tools.test.ts, where writing the failure output directly to the workspace without a nested try-catch could mask the original test failure if the write operation fails.
I am having trouble creating individual review comments. Click here to see my feedback.
integration-tests/parallel-tools.test.ts (58-61)
Writing to a file in the catch block without wrapping it in a try-catch can mask the original test failure. If fs.writeFileSync throws an error (e.g., due to permission issues or a read-only file system in the CI environment), the original assertion failure (err) will be lost, making debugging extremely difficult. Additionally, writing directly to the current working directory can pollute the workspace. Wrapping the write operation in a try-catch and writing to rig.testDir ensures the original error is always rethrown and the workspace remains clean.
} catch (err) {
try {
fs.writeFileSync(join(rig.testDir!, 'pty_output_failure.txt'), run.output);
} catch (writeErr) {
console.error('Failed to write pty_output_failure.txt:', writeErr);
}
throw err;
}
References
- In contexts like test logging or error handling, prefer synchronous file I/O over asynchronous methods to ensure data durability and log capture.
16 commits ahead of main-api-integration at sync time: - f8541cf fix/verify release npm ci ignore scripts (google-gemini#28116) - 6e0bd68 Add JSON output for eval inventory (google-gemini#28058) - d3ef6ac fix(ci): use wombat dressing room fallback in nightly release to prevent ENEEDAUTH (google-gemini#28104) - be7ba2c fix: resolve workspace publish failures and scheduler event loop starvation (google-gemini#28063) - c22137e feat: add eval:inventory CLI command and reporting logic (google-gemini#28009) - 6613e12 fix(ci): append trailing slash to registry url in npmrc (google-gemini#28038) - 93844df chore(deps): pin dependencies and enforce 14-day update cooldown (google-gemini#27948) - c427d18 fix(ci): provide fallbacks for package variables in nightly release (google-gemini#28016) - d5e25b9 Changelog for v0.48.0-preview.0 (google-gemini#27999) - 7ef3b4e chore(release): bump version to 0.49.0-nightly.20260617.g4d3dcdce1 (google-gemini#28003) - 4d3dcdc Revert "fix(core-tools): resolve defensive path resolution for at-reference files" (google-gemini#27992) - f741d03 fix(core-tools): resolve defensive path resolution for at-reference files (google-gemini#27943) - 926f3d9 fix(config): migrate coreTools setting to tools.core (google-gemini#27947) - 97455e5 Add static eval source analyzer (google-gemini#27631) - 5624a3b fix(cli): handle tmux false positive background detection (google-gemini#27572) - fbce3e5 feat(core): Support GDC air-gapped Service Identity after auth library update (google-gemini#27956) Conflict resolution: - packages/core/package.json: upstream pinned all dep versions (no caret) per 93844df (chore(deps): pin dependencies and enforce 14-day update cooldown). Kept fork-specific 'openai: 4.104.0' (pinned to match new policy) for MiniMax OpenAI-compat API integration. - packages/vscode-ide-companion/package.json: took upstream's pinned versions (no fork-specific deps). - package-lock.json: regenerated via 'npm install' after taking upstream's lockfile via 'git checkout --theirs'. Verification: - npm run build: pass - npm run typecheck: pass (0 errors) - npm test --workspace=@google/gemini-cli -- --run: 463 files / 6914 pass, 4 skipped, 0 fail - npm test --workspace=@google/gemini-cli-core -- --run: 403 files, 7710 tests run (12 fail originally, 2 fixed via UPDATE_GOLDENS=true golden regen on src/services/modelConfig.golden.test.ts). REMAINING 10 FAILURES in memory/AGENTS.md/scoped workspace path validation tests are KNOWN UPSTREAM BEHAVIOR DRIFT — upstream commit pair (f741d03 + 4d3dcdc revert) left tests in intermediate state (expect deny, code allows). Tracked for separate fix; not blocking the merge per user direction. Snapshot regen: - packages/core/src/services/test-data/resolved-aliases.golden.json - packages/core/src/services/test-data/resolved-aliases-retry.golden.json (regenerated via UPDATE_GOLDENS=true, see pitfall google-gemini#4 in autonomous-ai-agents/gemini-cli skill)
Summary
This PR resolves the
ENEEDAUTHcustom npm registry authentication mapping mismatch error that occurs during the scheduled nightly release pipeline.Details
In the scheduled nightly release workflow (
release-nightly.yml), when the pipeline triggers on a schedule, it runs in the'internal'environment wherevars.NPM_REGISTRY_PUBLISH_URLis undefined.Because of this, it was falling back to the default of
'https://registry.npmjs.org/'. This causedactions/setup-nodeto generate authorization config in~/.npmrcmapped toregistry.npmjs.org. However, since all of our packages under the@googlescope are mapped to use the Wombat Dressing Room proxy (https://wombat-dressing-room.appspot.com) in the local project.npmrcfiles,npm publishwould attempt to publish to Wombat but find no credentials mapped to it, resulting innpm error need auth.To resolve this:
.github/workflows/release-nightly.ymlwithhttps://wombat-dressing-room.appspot.comto guarantee correct authentication mapping on nightly runs..npmrc,packages/core/.npmrc, and.github/actions/setup-npmrc/action.ymlto prevent key mismatch during npm's strict URL matching.Related Issues
Fixes #28102 Fixes #28087
How to Validate
Since this is a CI environment workflow bug, validation can be confirmed by running the nightly release workflow on a branch or observing the next scheduled nightly run. The configuration change ensures that even if environment variables are not loaded, the fallback correctly targets the custom registry.
Pre-Merge Checklist