Improve LoadCodeAssist error handling (#1645)

This commit is contained in:
Tommaso Sciortino 2025-06-26 08:27:20 -07:00 committed by GitHub
parent 24ccc9c457
commit c55b15f705
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 61 additions and 60 deletions

View File

@ -7,7 +7,7 @@ The Gemini CLI requires you to authenticate with Google's AI services. On initia
- Use this option to log in with your google account.
- During initial startup, Gemini CLI will direct you to a webpage for authentication. Once authenticated, your credentials will be cached locally so the web login can be skipped on subsequent runs.
- Note that the web login must be done in a browser that can communicate with the machine Gemini CLI is being run from. (Specifically, the browser will be redirected to a localhost url that Gemini CLI will be listening on).
- Users may have to specify a GOOGLE_CLOUD_PROJECT if:
- <a id="workspace-gca">Users may have to specify a GOOGLE_CLOUD_PROJECT if:</a>
1. You have a Google Workspace account. Google Workspace is a paid service for businesses and organizations that provides a suite of productivity tools, including a custom email domain (e.g. your-name@your-company.com), enhanced security features, and administrative controls. These accounts are often managed by an employer or school.
2. You are a licensed Code Assist user. This can happen if you have previously purchased a Code Assist license or have acquired one through Google Developer Program.
- If you fall into one of these categories, you must first configure a Google Cloud Project Id to use, [enable the Gemini for Cloud API](https://cloud.google.com/gemini/docs/discover/set-up-gemini#enable-api) and [configure access permissions](https://cloud.google.com/gemini/docs/discover/set-up-gemini#grant-iam). You can temporarily set the environment variable in your current shell session using the following command:
@ -34,28 +34,7 @@ The Gemini CLI requires you to authenticate with Google's AI services. On initia
source ~/.bashrc
```
3. **<a id="workspace-gca"></a>Login with Google (Gemini Code Assist for Workspace or licensed Code Assist users):**
(For more information, see: https://developers.google.com/gemini-code-assist/resources/faqs#gcp-project-requirement)
- Use this option if:
1. You have a Google Workspace account. Google Workspace is a paid service for businesses and organizations that provides a suite of productivity tools, including a custom email domain (e.g. your-name@your-company.com), enhanced security features, and administrative controls. These accounts are often managed by an employer or school.
2. You are a licensed Code Assist user. This can happen if you have previously purchased a Code Assist license or have acquired one through Google Developer Program.
- If you fall into one of these categories, you must first configure a Google Cloud Project Id to use, [enable the Gemini for Cloud API](https://cloud.google.com/gemini/docs/discover/set-up-gemini#enable-api) and [configure access permissions](https://cloud.google.com/gemini/docs/discover/set-up-gemini#grant-iam). You can temporarily set the environment variable in your current shell session using the following command:
```bash
export GOOGLE_CLOUD_PROJECT="YOUR_PROJECT_ID"
```
- For repeated use, you can add the environment variable to your `.env` file (located in the project directory or user home directory) or your shell's configuration file (like `~/.bashrc`, `~/.zshrc`, or `~/.profile`). For example, the following command adds the environment variable to a `~/.bashrc` file:
```bash
echo 'export GOOGLE_CLOUD_PROJECT="YOUR_PROJECT_ID"' >> ~/.bashrc
source ~/.bashrc
```
- During startup, Gemini CLI will direct you to a webpage for authentication. Once authenticated, your credentials will be cached locally so the web login can be skipped on subsequent runs.
- Note that the web login must be done in a browser that can communicate with the machine Gemini CLI is being run from. (Specifically, the browser will be redirected to a localhost url that Gemini CLI will be listening on).
4. **Vertex AI:**
3. **Vertex AI:**
- If not using express mode:
- Ensure you have a Google Cloud project and have enabled the Vertex AI API.
- Set up Application Default Credentials (ADC), using the following command:

View File

@ -141,12 +141,16 @@ export async function main() {
if (sandboxConfig) {
if (settings.merged.selectedAuthType) {
// Validate authentication here because the sandbox will interfere with the Oauth2 web redirect.
const err = validateAuthMethod(settings.merged.selectedAuthType);
if (err) {
console.error(err);
try {
const err = validateAuthMethod(settings.merged.selectedAuthType);
if (err) {
throw new Error(err);
}
await config.refreshAuth(settings.merged.selectedAuthType);
} catch (err) {
console.error('Error authenticating:', err);
process.exit(1);
}
await config.refreshAuth(settings.merged.selectedAuthType);
}
await start_sandbox(sandboxConfig, memoryArgs);
process.exit(0);

View File

@ -46,17 +46,7 @@ export const useAuthCommand = (
config,
);
} catch (e) {
let errorMessage = `Failed to login.\nMessage: ${getErrorMessage(e)}`;
if (
settings.merged.selectedAuthType ===
AuthType.LOGIN_WITH_GOOGLE_PERSONAL &&
!process.env.GOOGLE_CLOUD_PROJECT
) {
errorMessage =
'Failed to login. Workspace accounts and licensed Code Assist users must configure' +
` GOOGLE_CLOUD_PROJECT (see https://goo.gle/gemini-cli-auth-docs#workspace-gca).\nMessage: ${getErrorMessage(e)}`;
}
setAuthError(errorMessage);
setAuthError(`Failed to login. Message: ${getErrorMessage(e)}`);
openAuthDialog();
} finally {
setIsAuthenticating(false);

View File

@ -4,17 +4,31 @@
* SPDX-License-Identifier: Apache-2.0
*/
import { ClientMetadata, OnboardUserRequest } from './types.js';
import {
ClientMetadata,
GeminiUserTier,
LoadCodeAssistResponse,
OnboardUserRequest,
UserTierId,
} from './types.js';
import { CodeAssistServer } from './server.js';
import { OAuth2Client } from 'google-auth-library';
export class ProjectIdRequiredError extends Error {
constructor() {
super(
'This account requires setting the GOOGLE_CLOUD_PROJECT env var. See https://goo.gle/gemini-cli-auth-docs#workspace-gca',
);
}
}
/**
*
* @param projectId the user's project id, if any
* @returns the user's actual project id
*/
export async function setupUser(authClient: OAuth2Client): Promise<string> {
const projectId = process.env.GOOGLE_CLOUD_PROJECT;
let projectId = process.env.GOOGLE_CLOUD_PROJECT;
const caServer = new CodeAssistServer(authClient, projectId);
const clientMetadata: ClientMetadata = {
@ -24,34 +38,48 @@ export async function setupUser(authClient: OAuth2Client): Promise<string> {
duetProject: projectId,
};
// TODO: Support Free Tier user without projectId.
const loadRes = await caServer.loadCodeAssist({
cloudaicompanionProject: projectId,
metadata: clientMetadata,
});
const onboardTier: string =
loadRes.allowedTiers?.find((tier) => tier.isDefault)?.id ?? 'legacy-tier';
if (!projectId && loadRes.cloudaicompanionProject) {
projectId = loadRes.cloudaicompanionProject;
}
const tier = getOnboardTier(loadRes);
if (tier.userDefinedCloudaicompanionProject && !projectId) {
throw new ProjectIdRequiredError();
}
const onboardReq: OnboardUserRequest = {
tierId: onboardTier,
cloudaicompanionProject: loadRes.cloudaicompanionProject || projectId || '',
tierId: tier.id,
cloudaicompanionProject: projectId,
metadata: clientMetadata,
};
try {
// Poll onboardUser until long running operation is complete.
let lroRes = await caServer.onboardUser(onboardReq);
while (!lroRes.done) {
await new Promise((f) => setTimeout(f, 5000));
lroRes = await caServer.onboardUser(onboardReq);
}
return lroRes.response?.cloudaicompanionProject?.id || '';
} catch (e) {
console.log(
'\n\nError onboarding with Code Assist.\n' +
'Google Workspace Account (e.g. your-name@your-company.com)' +
' must specify a GOOGLE_CLOUD_PROJECT environment variable.\n\n',
);
throw e;
// Poll onboardUser until long running operation is complete.
let lroRes = await caServer.onboardUser(onboardReq);
while (!lroRes.done) {
await new Promise((f) => setTimeout(f, 5000));
lroRes = await caServer.onboardUser(onboardReq);
}
return lroRes.response?.cloudaicompanionProject?.id || '';
}
function getOnboardTier(res: LoadCodeAssistResponse): GeminiUserTier {
if (res.currentTier) {
return res.currentTier;
}
for (const tier of res.allowedTiers || []) {
if (tier.isDefault) {
return tier;
}
}
return {
name: '',
description: '',
id: UserTierId.LEGACY,
userDefinedCloudaicompanionProject: true,
};
}