fix: refactor publish workflow and remove obsolete bots

[utkarsh232005]

This PR fixes the 'Publish to npm and GitHub Release' workflow by reordering steps and fixing file extensions. It also removes the requested automation bots.

Summary by CodeRabbit

Release Notes

• New Features

  • Introduced AI-powered pull request code review automation
  • Added intelligent issue triage with automatic label assignment
  • Enabled AI-driven command dispatching and execution workflows

• Chores

  • Modernized GitHub Actions workflow infrastructure
  • Streamlined version management in the release process

[coderabbitai]

Caution

Review failed

The pull request is closed.

Note

.coderabbit.yaml has unrecognized properties

CodeRabbit is using all valid settings from your configuration. Unrecognized properties (listed below) have been ignored and may indicate typos or deprecated fields that can be removed.

⚠️ Parsing warnings (1)

Validation error: Unrecognized key(s) in object: 'pre_merge_checks'

⚙️ Configuration instructions

• Please see the configuration documentation for more information.
• You can also validate your configuration using the online YAML validator.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 3747dfe6-b328-4505-8fc7-5d3f2538c4e6

📥 Commits

Reviewing files that changed from the base of the PR and between c425cc3 and 1396d0b.

⛔ Files ignored due to path filters (19)

• .github/commands/gemini-invoke.toml is excluded by none and included by none
• .github/commands/gemini-plan-execute.toml is excluded by none and included by none
• .github/commands/gemini-review.toml is excluded by none and included by none
• .github/commands/gemini-scheduled-triage.toml is excluded by none and included by none
• .github/commands/gemini-triage.toml is excluded by none and included by none
• .github/scripts/bot-on-comment.cjs is excluded by none and included by none
• .github/scripts/bot-on-pr-close.cjs is excluded by none and included by none
• .github/scripts/bot-on-pr-open.cjs is excluded by none and included by none
• .github/scripts/bot-on-pr-review-labels.cjs is excluded by none and included by none
• .github/scripts/bot-on-pr-review.cjs is excluded by none and included by none
• .github/scripts/bot-on-pr-update.cjs is excluded by none and included by none
• .github/scripts/helpers/config-loader.cjs is excluded by none and included by none
• .github/scripts/helpers/constants.cjs is excluded by none and included by none
• .github/scripts/tests/test-config-loader.cjs is excluded by none and included by none
• .github/scripts/tests/test-on-comment-bot.cjs is excluded by none and included by none
• .github/scripts/tests/test-on-pr-close-bot.cjs is excluded by none and included by none
• .github/scripts/tests/test-on-pr-open-bot.cjs is excluded by none and included by none
• .github/scripts/tests/test-on-pr-review-bot.cjs is excluded by none and included by none
• .github/scripts/tests/test-on-pr-update-bot.cjs is excluded by none and included by none

📒 Files selected for processing (13)

• .github/workflows/gemini-dispatch.yml
• .github/workflows/gemini-invoke.yml
• .github/workflows/gemini-plan-execute.yml
• .github/workflows/gemini-review.yml
• .github/workflows/gemini-scheduled-triage.yml
• .github/workflows/gemini-triage.yml
• .github/workflows/on-comment.yaml
• .github/workflows/on-pr-close.yaml
• .github/workflows/on-pr-review-labels.yaml
• .github/workflows/on-pr-review.yaml
• .github/workflows/on-pr-update.yaml
• .github/workflows/on-pr.yaml
• .github/workflows/publish.yml

---

📝 Walkthrough

Walkthrough

This PR replaces six legacy bot-based GitHub Actions workflows with a new Gemini-powered CI/CD system. Five new Gemini workflows (dispatch, invoke, review, plan-execute, triage) and one scheduled triage workflow implement event-driven command routing, PR code review, and automated issue categorization. The publish workflow is refined to use npm ci and explicit git rebase. Legacy bot workflows are removed entirely.

Changes

Gemini Command Dispatch & Routing

Layer / File(s)	Summary
Dispatch workflow metadata and triggers .github/workflows/gemini-dispatch.yml	Workflow triggers on PR review comments/reviews, PR open, issue open/reopen, and issue comments. Sets bash as default shell for all run steps.
Dispatch and fallthrough job orchestration .github/workflows/gemini-dispatch.yml	Debugger job logs event context when step debug is enabled. Dispatch job gates on non-fork PRs/opened issues/@gemini-cli mentions, parses command and context via github-script, optionally mints GitHub App token, and posts acknowledgment comments. Fallthrough job handles pipeline failures or fallthrough commands with error comments.
Command-to-workflow routing wiring .github/workflows/gemini-dispatch.yml	Routes parsed commands (review, triage, invoke, plan-execute) to downstream reusable workflows with conditional execution gated by dispatch.outputs.command, forwarding additional_context and inheriting secrets.

Gemini Action Workflows: Review, Invoke, Plan-Execute

Layer / File(s)	Summary
PR code review workflow .github/workflows/gemini-review.yml	Reusable workflow with 7-minute timeout and scoped permissions. Conditionally mints GitHub App token, checks out repository, and invokes Gemini CLI with GitHub MCP server (Docker-hosted), telemetry configuration, /pr-code-review prompt, and tool allowlists.
Invoke command workflow .github/workflows/gemini-invoke.yml	Reusable workflow accepting optional additional context. Configures concurrency without cancellation, conditionally mints identity token, checks out code, and runs Gemini CLI with GitHub MCP server and embedded settings configured for /gemini-invoke prompt.
Plan-execute workflow .github/workflows/gemini-plan-execute.yml	Reusable workflow with 30-minute timeout and cancellation of in-progress runs. Mints identity tokens, checks out repository, and runs Gemini CLI with GitHub MCP server, telemetry to .gemini/telemetry.log, shell tools, and /gemini-plan-execute prompt.

Gemini Triage System: Reusable & Scheduled

Layer / File(s)	Summary
Reusable triage workflow .github/workflows/gemini-triage.yml	Callable workflow that paginates through all repository labels, invokes Gemini CLI to select labels for the target issue, and applies filtered labels while validating against the known label set to prevent label injection.
Scheduled triage metadata and job configuration .github/workflows/gemini-scheduled-triage.yml	Hourly cron schedule with path-based filtering for main/release branches and manual dispatch. Concurrency uses workflow name as group with in-progress cancellation enabled.
Scheduled triage analysis and label automation .github/workflows/gemini-scheduled-triage.yml	Fetches all repository labels with pagination, finds unlabeled or status/needs-triage issues via GitHub CLI, invokes Gemini CLI for batch analysis, exports results, conditionally mints GitHub App token, and applies validated labels via REST API with error handling.

Release Publishing Workflow Updates

Layer / File(s)	Summary
Publish workflow steps and version handling .github/workflows/publish.yml	Replaces npm install with npm ci for reproducible dependency management, adds explicit git pull --rebase origin main before version bump, consolidates push to single git push --follow-tags command, and changes version extraction to read from package.json instead of package.cjson.

Sequence Diagram(s)

sequenceDiagram
  participant GitHub as GitHub Events
  participant Dispatch as gemini-dispatch
  participant Review as gemini-review
  participant Triage as gemini-triage
  participant Invoke as gemini-invoke
  participant PlanExec as gemini-plan-execute
  participant Gemini as Gemini CLI
  participant GitHub as GitHub API
  
  GitHub->>Dispatch: PR review / issue comment / mention `@gemini-cli`
  Dispatch->>Dispatch: Parse command from event body
  Dispatch->>Dispatch: Gate by actor authorization
  Dispatch->>Dispatch: Mint GitHub App token (optional)
  Dispatch->>GitHub: Post acknowledgment comment
  
  alt command == review
    Dispatch->>Review: workflow_call with additional_context
    Review->>Review: Mint identity token
    Review->>Gemini: Run with /pr-code-review prompt
    Gemini->>GitHub: GitHub MCP: read PR code
    Gemini->>Review: Review results
  else command == triage
    Dispatch->>Triage: workflow_call
    Triage->>GitHub: Fetch all repository labels
    Triage->>Gemini: Run with issue/label context
    Gemini->>Triage: Selected labels
    Triage->>Triage: Validate labels against known set
    Triage->>GitHub: Set issue labels
  else command == invoke
    Dispatch->>Invoke: workflow_call with additional_context
    Invoke->>Gemini: Run with /gemini-invoke prompt
    Gemini->>Invoke: Command results
  else command == plan-execute
    Dispatch->>PlanExec: workflow_call
    PlanExec->>Gemini: Run with /gemini-plan-execute prompt
    Gemini->>GitHub: GitHub MCP: push changes (optional)
  else command == fallthrough
    Dispatch->>Dispatch: Post failure comment
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• KDM-cli/kdm-cli#21: Both PRs modify .github/workflows/publish.yml with different tweaks to the publish workflow release procedure.
• KDM-cli/kdm-cli#33: This PR's removal of legacy bot workflows (on-comment, on-pr, on-pr-update, on-pr-close, on-pr-review, on-pr-review-labels) directly supersedes migrations added in PR #33.

Suggested labels

ci/cd

---

🧙 From bot scripts to Gemini dreams,
Command dispatch routes the workflow streams.
Labels auto-sort, reviews compile—
The new CI/CD system's got style! ✨

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.