You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+15-5Lines changed: 15 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -39,13 +39,23 @@ By default, the `/security:analyze` command determines the scope of the analysis
39
39
40
40
## GitHub Integration
41
41
42
-
Integrate the Gemini CLI Security Extension into your GitHub worklfow for analyzing incoming code can be done with the following:
42
+
### I already use [run-gemini-cli](https://github.com/google-github-actions/run-gemini-cli) workflows in my repository:
43
43
44
-
* Base your workflow off of the [google-github-actions/run-gemini-cli GitHub Action](https://github.com/google-github-actions/run-gemini-cli)
45
-
* Ensure that the [gemini-cli-extensions/security](https://github.com/gemini-cli-extensions/security) extension is passed to the action for installation.
46
-
* Pass `/security:analyze-github-pr` as the prompt to invoke the Security Extension!
44
+
* Replace your existing `gemini-review.yml` with this [updated workflow](https://github.com/gemini-cli-extensions/security/blob/main/.github/workflows/gemini-review.yml), which includes the new Security Analysis step.
47
45
48
-
See this [Example Workflow](https://github.com/gemini-cli-extensions/security/blob/main/.github/workflows/github-review.yml)
46
+
### I don't use [run-gemini-cli](https://github.com/google-github-actions/run-gemini-cli) workflows in my repository yet:
47
+
48
+
1. Integrate the Gemini CLI Security Extension into your GitHub workflow to analyze incoming code:
49
+
50
+
2. Follow Steps 1-3 in this [Quick Start](https://github.com/google-github-actions/run-gemini-cli?tab=readme-ov-file#quick-start).
51
+
52
+
3. Create a `.github/workflows` directory in your repository's root (if it doesn't already exist).
53
+
54
+
4. Copy this [Example Workflow](https://github.com/gemini-cli-extensions/security/blob/main/.github/workflows/gemini-review.yml) into the `.github/workflows` directory. See the run-gemini-cli [configuration](https://github.com/google-github-actions/run-gemini-cli?tab=readme-ov-file#configuration) to make changes to the workflow.
55
+
56
+
5. Ensure the new workflow file is committed and pushed to GitHub.
57
+
58
+
6. Open a new pull request, or comment `@gemini-cli /review` on an existing PR, to run the Gemini CLI Code Review along with Security Analysis.
0 commit comments