ci(github-actions): switch to github app token and fix bot self-trigger

[gundermanc]

Summary

Fixes the GitHub App token generation and permissions in the bot brain workflow.
This PR switches from using a Personal Access Token (gemini-cli-robot) to generating a GitHub App token using actions/create-github-app-token. It also prevents the bot from triggering itself on issue comments by explicitly checking that the comment user is not gemini-cli[bot].

Details

• Uses actions/create-github-app-token instead of GEMINI_CLI_ROBOT_GITHUB_PAT.
• Replaces gemini-cli-robot git config with gemini-cli[bot].
• Uses GitHub REST API directly (gh api) for creating comments to ensure robot identity and to avoid potential GraphQL-specific authorization hurdles with App tokens.
• Updates comment trigger condition to github.event.comment.user.login != 'gemini-cli[bot]' and changes the trigger text from @gemini-cli-robot to @gemini-cli.

Related Issues

How to Validate

• Trigger the workflow via workflow dispatch and ensure PR creation succeeds.
• Add a comment tagging @gemini-cli and verify the bot responds successfully using the app identity.
• Check that the bot doesn't trigger on its own comments.

Pre-Merge Checklist

• Updated relevant documentation and README (if needed)
• Added/updated tests (if needed)
• Noted breaking changes (if any)
• Validated on required platforms/methods:
  • MacOS
    • npm run
    • npx
    • Docker
    • Podman
    • Seatbelt
  • Windows
    • npm run
    • npx
    • Docker
  • Linux
    • npm run
    • npx
    • Docker

[gemini-code-assist]

Note

Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported.

[github-actions]

Size Change: -4 B (0%)

Total Size: 33.9 MB

Filename	Size	Change
./bundle/chunk-7ZN6GXL7.js	0 B	-655 kB (removed)	🏆
./bundle/chunk-BD6OX4SV.js	0 B	-19.5 kB (removed)	🏆
./bundle/chunk-E2R4MZ6Y.js	0 B	-3.43 kB (removed)	🏆
./bundle/chunk-OIOKKUJV.js	0 B	-3.8 kB (removed)	🏆
./bundle/chunk-OPA4WVYG.js	0 B	-49.2 kB (removed)	🏆
./bundle/chunk-PJHLIBE4.js	0 B	-12.6 kB (removed)	🏆
./bundle/chunk-TICW6OCB.js	0 B	-2.72 MB (removed)	🏆
./bundle/chunk-V5P72VLL.js	0 B	-14.7 MB (removed)	🏆
./bundle/core-OFHG7KTO.js	0 B	-48.2 kB (removed)	🏆
./bundle/devtoolsService-CP3UFFJT.js	0 B	-28 kB (removed)	🏆
./bundle/gemini-JN76QNQH.js	0 B	-576 kB (removed)	🏆
./bundle/interactiveCli-7HNUA2FH.js	0 B	-1.31 MB (removed)	🏆
./bundle/liteRtServerManager-CCWRD3CR.js	0 B	-2.11 kB (removed)	🏆
./bundle/oauth2-provider-OY6XXPXN.js	0 B	-9.16 kB (removed)	🏆
./bundle/chunk-7QKN42XV.js	14.7 MB	+14.7 MB (new file)	🆕
./bundle/chunk-C56ADLBC.js	19.5 kB	+19.5 kB (new file)	🆕
./bundle/chunk-GJ7YEXHW.js	12.6 kB	+12.6 kB (new file)	🆕
./bundle/chunk-HSGBGELH.js	2.72 MB	+2.72 MB (new file)	🆕
./bundle/chunk-ORVEXWG3.js	3.43 kB	+3.43 kB (new file)	🆕
./bundle/chunk-OWDBYZYS.js	3.8 kB	+3.8 kB (new file)	🆕
./bundle/chunk-U4EHSGN2.js	655 kB	+655 kB (new file)	🆕
./bundle/chunk-WYL7J3ST.js	49.2 kB	+49.2 kB (new file)	🆕
./bundle/core-3ZNQOYW7.js	48.2 kB	+48.2 kB (new file)	🆕
./bundle/devtoolsService-WMYVXY7B.js	28 kB	+28 kB (new file)	🆕
./bundle/gemini-WMLWHQLK.js	576 kB	+576 kB (new file)	🆕
./bundle/interactiveCli-Q2WW32BB.js	1.31 MB	+1.31 MB (new file)	🆕
./bundle/liteRtServerManager-4BZDRFH3.js	2.11 kB	+2.11 kB (new file)	🆕
./bundle/oauth2-provider-MBLYW4VP.js	9.16 kB	+9.16 kB (new file)	🆕

ℹ️ View Unchanged

Filename	Size	Change
./bundle/bundled/third_party/index.js	8 MB	0 B
./bundle/chunk-34MYV7JD.js	2.45 kB	0 B
./bundle/chunk-5AUYMPVF.js	858 B	0 B
./bundle/chunk-5PS3AYFU.js	1.18 kB	0 B
./bundle/chunk-664ZODQF.js	124 kB	0 B
./bundle/chunk-DAHVX5MI.js	206 kB	0 B
./bundle/chunk-IUUIT4SU.js	56.5 kB	0 B
./bundle/chunk-RJTRUG2J.js	39.8 kB	0 B
./bundle/chunk-XRLFHCHC.js	1.97 MB	0 B
./bundle/cleanup-PUFSBMNE.js	0 B	-932 B (removed)	🏆
./bundle/devtools-36NN55EP.js	696 kB	0 B
./bundle/dist-T73EYRDX.js	356 B	0 B
./bundle/events-XB7DADIJ.js	418 B	0 B
./bundle/examples/hooks/scripts/on-start.js	188 B	0 B
./bundle/examples/mcp-server/example.js	1.43 kB	0 B
./bundle/gemini.js	5.1 kB	0 B
./bundle/getMachineId-bsd-TXG52NKR.js	1.55 kB	0 B
./bundle/getMachineId-darwin-7OE4DDZ6.js	1.55 kB	0 B
./bundle/getMachineId-linux-SHIFKOOX.js	1.34 kB	0 B
./bundle/getMachineId-unsupported-5U5DOEYY.js	1.06 kB	0 B
./bundle/getMachineId-win-6KLLGOI4.js	1.72 kB	0 B
./bundle/memoryDiscovery-FN3IAPBT.js	980 B	0 B
./bundle/multipart-parser-KPBZEGQU.js	11.7 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/client/main.js	222 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/_client-assets.js	229 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/index.js	13.4 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/types.js	132 B	0 B
./bundle/sandbox-macos-permissive-open.sb	890 B	0 B
./bundle/sandbox-macos-permissive-proxied.sb	1.31 kB	0 B
./bundle/sandbox-macos-restrictive-open.sb	3.36 kB	0 B
./bundle/sandbox-macos-restrictive-proxied.sb	3.56 kB	0 B
./bundle/sandbox-macos-strict-open.sb	4.82 kB	0 B
./bundle/sandbox-macos-strict-proxied.sb	5.02 kB	0 B
./bundle/src-QVCVGIUX.js	47 kB	0 B
./bundle/start-G4ZLYOAR.js	0 B	-652 B (removed)	🏆
./bundle/tree-sitter-7U6MW5PS.js	274 kB	0 B
./bundle/tree-sitter-bash-34ZGLXVX.js	1.84 MB	0 B
./bundle/cleanup-IN3FB5HB.js	932 B	+932 B (new file)	🆕
./bundle/start-7ZP55UAE.js	652 B	+652 B (new file)	🆕

_{compressed-size-action}