diff --git a/packages/adapters/gemini-local/src/index.ts b/packages/adapters/gemini-local/src/index.ts index 626266b0..d1b584ff 100644 --- a/packages/adapters/gemini-local/src/index.ts +++ b/packages/adapters/gemini-local/src/index.ts @@ -60,7 +60,8 @@ Operational fields: - graceSec (number, optional): SIGTERM grace period in seconds Notes: -- Runs use positional prompt arguments, not stdin. +- Runs use --prompt for non-interactive execution, not stdin. +- The adapter sets a headless-safe terminal/browser environment for Gemini CLI child processes so unattended runs do not wait on browser auth or 256-color terminal prompts. - Sessions resume with --resume when stored session cwd matches the current cwd. - Paperclip auto-injects local skills into \`~/.gemini/skills/\` via symlinks, so the CLI can discover both credentials and skills in their natural location. - Authentication can use GEMINI_API_KEY / GOOGLE_API_KEY or local Gemini CLI login. diff --git a/packages/adapters/gemini-local/src/server/execute.remote.test.ts b/packages/adapters/gemini-local/src/server/execute.remote.test.ts index e050427b..0fcbcfff 100644 --- a/packages/adapters/gemini-local/src/server/execute.remote.test.ts +++ b/packages/adapters/gemini-local/src/server/execute.remote.test.ts @@ -126,7 +126,10 @@ describe("gemini remote execution", () => { }, config: { command: "gemini", - env: { GEMINI_API_KEY: "test-key" }, + env: { + GEMINI_API_KEY: "test-key", + NO_COLOR: "1", + }, }, context: { paperclipWorkspace: { @@ -218,6 +221,10 @@ describe("gemini remote execution", () => { expect(call?.[3].env.PAPERCLIP_API_URL).toBe("http://127.0.0.1:4310"); expect(call?.[3].env.PAPERCLIP_API_BRIDGE_MODE).toBe("queue_v1"); expect(call?.[3].env.GEMINI_CLI_TRUST_WORKSPACE).toBe("true"); + expect(call?.[3].env.TERM).toBe("xterm-256color"); + expect(call?.[3].env.COLORTERM).toBe("truecolor"); + expect(call?.[3].env.NO_BROWSER).toBe("1"); + expect(call?.[3].env).not.toHaveProperty("NO_COLOR"); expect(call?.[3].remoteExecution?.remoteCwd).toBe(managedRemoteWorkspace); expect(startAdapterExecutionTargetPaperclipBridge).toHaveBeenCalledTimes(1); expect(restoreWorkspaceFromSshExecution).toHaveBeenCalledTimes(1); diff --git a/packages/adapters/gemini-local/src/server/execute.ts b/packages/adapters/gemini-local/src/server/execute.ts index 5431eca5..0a3c0da6 100644 --- a/packages/adapters/gemini-local/src/server/execute.ts +++ b/packages/adapters/gemini-local/src/server/execute.ts @@ -71,6 +71,28 @@ function resolveGeminiBillingType(env: Record): "api" | "subscri : "subscription"; } +function buildGeminiHeadlessEnv(env: Record): Record { + const next = { ...env }; + const term = env.TERM?.trim().toLowerCase(); + if (!term || term === "dumb" || term === "vt100") { + next.TERM = "xterm-256color"; + } + if (!next.COLORTERM?.trim()) { + next.COLORTERM = "truecolor"; + } + next.NO_BROWSER = "1"; + delete next.NO_COLOR; + return next; +} + +function buildGeminiRuntimeEnv(env: Record): Record { + return Object.fromEntries( + Object.entries(ensurePathInEnv({ ...process.env, ...buildGeminiHeadlessEnv(env) })).filter( + (entry): entry is [string, string] => typeof entry[1] === "string", + ), + ); +} + function renderPaperclipEnvNote(env: Record): string { const paperclipKeys = Object.keys(env) .filter((key) => key.startsWith("PAPERCLIP_")) @@ -269,17 +291,8 @@ export async function execute(ctx: AdapterExecutionContext): Promise typeof entry[1] === "string", - ), - ); - const billingType = resolveGeminiBillingType(effectiveEnv); - const runtimeEnv = Object.fromEntries( - Object.entries(ensurePathInEnv(effectiveEnv)).filter( - (entry): entry is [string, string] => typeof entry[1] === "string", - ), - ); + const runtimeEnv = buildGeminiRuntimeEnv(env); + const billingType = resolveGeminiBillingType(runtimeEnv); const timeoutSec = resolveAdapterExecutionTargetTimeoutSec( executionTarget, asNumber(config.timeoutSec, 0), @@ -301,12 +314,6 @@ export async function execute(ctx: AdapterExecutionContext): Promise { const fromExtraArgs = asStringArray(config.extraArgs); if (fromExtraArgs.length > 0) return fromExtraArgs; @@ -434,11 +441,6 @@ export async function execute(ctx: AdapterExecutionContext): Promise { const notes: string[] = ["Prompt is passed to Gemini via --prompt for non-interactive execution."]; notes.push("Added --approval-mode yolo for unattended execution."); + notes.push("Set headless terminal/browser env so Gemini fails fast instead of opening interactive auth or color prompts."); if (executionTargetIsRemote) { notes.push("Set GEMINI_CLI_TRUST_WORKSPACE=true for remote headless execution."); } @@ -557,6 +560,13 @@ export async function execute(ctx: AdapterExecutionContext): Promise { const args = buildArgs(resumeSessionId); + const invocationEnv = buildGeminiHeadlessEnv(env); + const invocationRuntimeEnv = buildGeminiRuntimeEnv(env); + const loggedEnv = buildInvocationEnvForLogs(invocationEnv, { + runtimeEnv: invocationRuntimeEnv, + includeRuntimeKeys: ["HOME"], + resolvedCommand, + }); if (onMeta) { await onMeta({ adapterType: "gemini_local", @@ -575,7 +585,7 @@ export async function execute(ctx: AdapterExecutionContext): Promise { const result = parseGeminiJsonl(stdout); expect(result.errorMessage).toBe("boom"); }); + + it("classifies non-interactive manual authorization failures as auth required", () => { + const result = detectGeminiAuthRequired({ + parsed: null, + stdout: "", + stderr: + "Error authenticating: FatalAuthenticationError: Manual authorization is required but the current session is non-interactive.", + }); + + expect(result.requiresAuth).toBe(true); + }); }); describe("isGeminiSessionUnrecoverableError", () => { diff --git a/packages/adapters/gemini-local/src/server/parse.ts b/packages/adapters/gemini-local/src/server/parse.ts index 93686b61..008f6522 100644 --- a/packages/adapters/gemini-local/src/server/parse.ts +++ b/packages/adapters/gemini-local/src/server/parse.ts @@ -263,7 +263,7 @@ export function describeGeminiFailure(parsed: Record): string | return parts.length > 1 ? parts.join(": ") : null; } -const GEMINI_AUTH_REQUIRED_RE = /(?:not\s+authenticated|please\s+authenticate|api[_ ]?key\s+(?:required|missing|invalid)|authentication\s+required|unauthorized|invalid\s+credentials|not\s+logged\s+in|login\s+required|run\s+`?gemini\s+auth(?:\s+login)?`?\s+first)/i; +const GEMINI_AUTH_REQUIRED_RE = /(?:not\s+authenticated|please\s+authenticate|api[_ ]?key\s+(?:required|missing|invalid)|authentication\s+required|manual\s+authorization\s+is\s+required|unauthorized|invalid\s+credentials|not\s+logged\s+in|login\s+required|run\s+`?gemini\s+auth(?:\s+login)?`?\s+first)/i; const GEMINI_QUOTA_EXHAUSTED_RE = /(?:resource_exhausted|quota|rate[-\s]?limit|too many requests|\b429\b|billing details)/i;