feat: Initial implementation of the Gemini CLI GitHub Action

This commit introduces the core implementation of the Gemini CLI GitHub Action, establishing its primary features and structure.

Key features and additions include:

- **Composite Action:** The action is built as a composite action, directly installing and running the Gemini CLI for efficiency and simplicity.
- **Workflows:** Includes example workflows for key use cases:
  - Automated and scheduled issue triage.
  - Pull request reviews.
- **Documentation:** Comprehensive documentation is added for:
  - Configuration and setup.
  - Authentication using GitHub Apps and Google Cloud Workload Identity Federation.
  - Observability with OpenTelemetry.
- **Scripts:** Helper scripts are provided to facilitate the setup of Workload Identity and OpenTelemetry.
- **Project Files:**
  -  is configured with inputs for the CLI.
  - , , and  provide usage and contribution guidelines.

Author: jerop

.github/dependabot.yml

@@ -1,3 +1,4 @@
+---
 version: 2
 updates:
   - package-ecosystem: 'npm'
@@ -7,4 +8,4 @@ updates:
       interval: 'daily'
     commit-message:
       prefix: 'security: '
-    open-pull-requests-limit: 0 # only check security updates
+    open-pull-requests-limit: 0  # only check security updates

.github/workflows/draft-release.yml

@@ -1,6 +1,7 @@
+---
 name: 'Draft release'
 
-on:
+on:  # yamllint disable-line rule:truthy
   workflow_dispatch:
     inputs:
       version_strategy:
@@ -19,7 +20,7 @@ permissions:
 
 jobs:
   draft-release:
-    uses: 'google-github-actions/.github/.github/workflows/draft-release.yml@v3' # ratchet:exclude
+    uses: 'google-github-actions/.github/.github/workflows/draft-release.yml@v3'  # ratchet:exclude
     with:
       version_strategy: '${{ github.event.inputs.version_strategy }}'
     secrets:

.github/workflows/gemini-issue-automated-triage.yml

@@ -0,0 +1,85 @@
+---
+name: '🏷️ Gemini Automated Issue Triage'
+on:  # yamllint disable-line rule:truthy
+  issues:
+    types:
+      - 'opened'
+      - 'reopened'
+
+jobs:
+  triage-issue:
+    timeout-minutes: 5
+    permissions:
+      issues: 'write'
+      contents: 'read'
+      id-token: 'write'
+    concurrency:
+      group: '${{ github.workflow }}-${{ github.event.issue.number }}'
+      # yamllint disable-line rule:truthy
+      cancel-in-progress: true
+    runs-on: 'ubuntu-latest'
+    steps:
+      - name: 'Checkout repository'
+        uses: 'actions/checkout@v4'
+
+      - name: 'Generate GitHub App Token'
+        id: 'generate_token'
+        if: ${{ vars.APP_ID }}
+        uses: 'actions/create-github-app-token@v1'
+        with:
+          app-id: '${{ vars.APP_ID }}'
+          private-key: '${{ secrets.APP_PRIVATE_KEY }}'
+
+      - name: 'Run Gemini Issue Triage'
+        uses: './'
+        env:
+          GITHUB_TOKEN: '${{ steps.generate_token.outputs.token || secrets.GITHUB_TOKEN }}'
+          ISSUE_TITLE: '${{ github.event.issue.title }}'
+          ISSUE_BODY: '${{ github.event.issue.body }}'
+          ISSUE_NUMBER: '${{ github.event.issue.number }}'
+          REPOSITORY: '${{ github.repository }}'
+          GEMINI_CLI_VERSION: '${{ vars.GEMINI_CLI_VERSION }}'
+          OTLP_GOOGLE_CLOUD_PROJECT: '${{ vars.OTLP_GOOGLE_CLOUD_PROJECT }}'
+          OTLP_GCP_WIF_PROVIDER: '${{ vars.OTLP_GCP_WIF_PROVIDER }}'
+          GEMINI_API_KEY: '${{ secrets.GEMINI_API_KEY }}'
+        with:
+          settings_json: |
+            {
+              "coreTools": [
+                "run_shell_command(gh label list)",
+                "run_shell_command(gh issue edit)"
+              ],
+              "telemetry": {
+                "enabled": true,
+                "target": "gcp"
+              },
+              "sandbox": false
+            }
+          prompt: |
+            ## Role
+
+            You are an issue triage assistant. Analyze the current GitHub issue
+            and apply the most appropriate existing labels. Use the available
+            tools to gather information; do not ask for information to be
+            provided.
+
+            ## Steps
+
+            1. Run: `gh label list` to get all available labels.
+            2. Review the issue title and body provided in the environment
+               variables: "${ISSUE_TITLE}" and "${ISSUE_BODY}".
+            3. Select the most relevant labels from the existing labels. If
+               available, set labels that follow the `kind/*`, `area/*`, and
+               `priority/*` patterns.
+            4. Apply the selected labels to this issue using:
+               `gh issue edit "${ISSUE_NUMBER}" --add-label "label1,label2"`
+            5. If the "status/needs-triage" label is present, remove it using:
+               `gh issue edit "${ISSUE_NUMBER}" --remove-label "status/needs-triage"`
+
+            ## Guidelines
+
+            - Only use labels that already exist in the repository
+            - Do not add comments or modify the issue content
+            - Triage only the current issue
+            - Assign all applicable labels based on the issue content
+            - Reference all shell variables as "${VAR}" (with quotes and braces)

.github/workflows/gemini-issue-scheduled-triage.yml

@@ -0,0 +1,107 @@
+---
+name: '📋 Gemini Scheduled Issue Triage'
+
+on:  # yamllint disable-line rule:truthy
+  schedule:
+    - cron: '0 * * * *'  # Runs every hour
+  workflow_dispatch:
+
+jobs:
+  triage-issues:
+    timeout-minutes: 10
+    runs-on: 'ubuntu-latest'
+    permissions:
+      contents: 'read'
+      id-token: 'write'
+      issues: 'write'
+    steps:
+      - name: 'Checkout repository'
+        uses: 'actions/checkout@v4'
+
+      - name: 'Generate GitHub App Token'
+        id: 'generate_token'
+        if: ${{ vars.APP_ID }}
+        uses: 'actions/create-github-app-token@v1'
+        with:
+          app-id: '${{ vars.APP_ID }}'
+          private-key: '${{ secrets.APP_PRIVATE_KEY }}'
+
+      - name: 'Find untriaged issues'
+        id: 'find_issues'
+        env:
+          GITHUB_TOKEN: '${{ steps.generate_token.outputs.token || secrets.GITHUB_TOKEN }}'
+          GITHUB_REPOSITORY: '${{ github.repository }}'
+          GITHUB_OUTPUT: '${{ github.output }}'
+        shell: bash
+        run: |
+          set -euo pipefail
+
+          echo '🔍 Finding issues without labels...'
+          NO_LABEL_ISSUES="$(gh issue list --repo "${GITHUB_REPOSITORY}" \
+            --search 'is:open is:issue no:label' --json number,title,body)"
+
+          echo '🏷️ Finding issues that need triage...'
+          NEED_TRIAGE_ISSUES="$(gh issue list --repo "${GITHUB_REPOSITORY}" \
+            --search 'is:open is:issue label:"status/needs-triage"' --json number,title,body)"
+
+          echo '🔄 Merging and deduplicating issues...'
+          ISSUES="$(echo "${NO_LABEL_ISSUES}" "${NEED_TRIAGE_ISSUES}" | jq -c -s 'add | unique_by(.number)')"
+
+          echo '📝 Setting output for GitHub Actions...'
+          echo "issues_to_triage=${ISSUES}" >> "${GITHUB_OUTPUT}"
+
+          ISSUE_COUNT="$(echo "${ISSUES}" | jq 'length')"
+          echo "✅ Found ${ISSUE_COUNT} issues to triage! 🎯"
+
+      - name: 'Run Gemini Issue Triage'
+        if: steps.find_issues.outputs.issues_to_triage != '[]'
+        uses: './'
+        env:
+          GITHUB_TOKEN: '${{ steps.generate_token.outputs.token }}'
+          ISSUES_TO_TRIAGE: '${{ steps.find_issues.outputs.issues_to_triage }}'
+          REPOSITORY: '${{ github.repository }}'
+          GEMINI_CLI_VERSION: '${{ vars.GEMINI_CLI_VERSION }}'
+          OTLP_GOOGLE_CLOUD_PROJECT: '${{ vars.OTLP_GOOGLE_CLOUD_PROJECT }}'
+          OTLP_GCP_WIF_PROVIDER: '${{ vars.OTLP_GCP_WIF_PROVIDER }}'
+          GEMINI_API_KEY: '${{ secrets.GEMINI_API_KEY }}'
+        with:
+          settings_json: |
+            {
+              "coreTools": [
+                "run_shell_command(echo)",
+                "run_shell_command(gh label list)",
+                "run_shell_command(gh issue edit)",
+                "run_shell_command(gh issue list)"
+              ],
+              "telemetry": {
+                "enabled": true,
+                "target": "gcp"
+              },
+              "sandbox": false
+            }
+          prompt: |
+            ## Role
+
+            You are an issue triage assistant. Analyze issues and apply
+            appropriate labels. Use the available tools to gather information;
+            do not ask for information to be provided.
+
+            ## Steps
+
+            1. Run: `gh label list`
+            2. Check environment variable: "${ISSUES_TO_TRIAGE}" (JSON array
+               of issues)
+            3. For each issue, apply labels:
+               `gh issue edit "${ISSUE_NUMBER}" --add-label "label1,label2"`.
+               If available, set labels that follow the `kind/*`, `area/*`,
+               and `priority/*` patterns.
+            4. For each issue, if the `status/needs-triage` label is present,
+               remove it using:
+               `gh issue edit "${ISSUE_NUMBER}" --remove-label "status/needs-triage"`
+
+            ## Guidelines
+
+            - Only use existing repository labels
+            - Do not add comments
+            - Triage each issue independently
+            - Reference all shell variables as "${VAR}" (with quotes and braces)