Gemini CLI (3/3)

June 30, 2025 - 4 minutes read - 736 words

Update 2025-07-08

Gemini CLI supports HTTP-based MCP server integration

So, it’s possible to replace the .gemini/settings.json included in the original post with:

{
  "theme": "Default",
  "mcpServers": {
    "ackal-mcp-server": {
      "httpUrl": "http://localhost:7777/mcp",
      "timeout": 5000
    },
    "prometheus-mcp-server": {
      "httpUrl": "https://prometheus.{tailnet}/mcp",
      "timeout": 5000
    }
  },
  "selectedAuthType": "gemini-api-key"
}

This solution permits the addition of headers too for e.g. including Authorization

Original

Okay, so not “Gemini Code Assist” but sufficiently similar that I think it warrants the “3/3” appellation.

I’m not a huge fan of all the se Node.JS-based CLI tools but, Google has released Gemini CLI. It’s good to have a CLI-based tool and it feels otherwise similar to the “Gemini Code Assist” chat.

I don’t (want to) run Node.JS on my Linux host and so am using the containerized version of the CLI here. It’s all documented on the gemini-cli repo but the auth functionality is sub-optimal (see [#1437] ) and you’ll want to use an API key if you can (see below):

BILLING="..."
PROJECT="..."

SERVICE="generativelanguage.googleapis.com"

NAME="Gemini CLI"

# If you know it
IP="..."

gcloud projects create ${PROJECT}

gcloud billing projects link ${PROJECT} \
--billing-account=${BILLING}

gcloud services enable ${SERVICE} \
--project=${PROJECT}

# Omit `--allowed-ips=${IP}` if you don't know it
gcloud services api-keys create \
--display-name="${NAME}" \
--allowed-ips=${IP} \
--api-target=service=${SERVICE} \
--project=${PROJECT}

# Fully-qualified API key name
ID=$(\
  gcloud services api-keys list \
  --filter="displayName=\"${NAME}\"" \
  --project=${PROJECT} \
  --format="value(name)")

# API key value
KEY=$(\
  gcloud services api-keys get-key-string "${ID}" \
  --project=${PROJECT} \
  --format="value(keyString)")

NOTE It’s good that Google (gcloud) finally supports API key management but, it’s not a very friendly API

Gemini tools use ${HOME}/.gemini/settings.json but, if you used Copilot you may have .vscode/mcp.json (or similar):

{
    "servers": {
        "ackal-mcp-server": {
            "url": "http://localhost:7777/mcp"
        },
        "prometheus-mcp-server": {
            "url": "https://prometheus.{tailent}/mcp"
        }
    }
}

You can transform .vscode/mcp.json into .gemini/settings.json using Jsonnet:

gemini.jsonnet:

local mcp = std.parseJson(std.extVar("mcp"));

local gemini(name, server) = {
  command: "npx",
  args: [
    "mcp-remote",
    server.url,
  ] +
  // If "http://" add "--insecure"
  (if std.startsWith(server.url, "http://") then ["--insecure"] else []),
};

// Output
{
  theme: "Default",
  mcpServers: {
    [name]: gemini(name, mcp.servers[name])
    for name in std.objectFields(mcp.servers)
  },
  selectedAuthType: "gemini-api-key"
}

And then:

jsonnet \
--ext-str mcp="(cat /path/to/mcp.json)" \
gemini.jsonnet > ${PWD}/.gemini/settings.json

NOTE Ensure the mcp.json contains no comments (//) and that the output folder ${PWD}/.gemini exists.

Yielding .gemini/settings.json:

{
  "theme": "Default",
  "mcpServers": {
    "ackal-mcp-server": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "http://localhost:7777/mcp",
        "--insecure"
      ]
    },
    "prometheus-mcp-server": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://prometheus.{tailnet}/mcp"
      ]
    }
  },
  "selectedAuthType": "gemini-api-key"
}

NOTE Because the Gemini CLI container is FROM: Node, we may as well use npx mcp-remote to access the MCP servers.

Then you can run Gemini CLI, specifying the ${PWD}/.gemini/settings.json (mounted in the container’s user’s home folder) and the API key (${KEY})

VERS="0.1.7"
IMG="us-docker.pkg.dev/gemini-code-dev/gemini-cli/sandbox:${VERS}"

podman run \
--rm --interactive --tty \
--name=gemini-cli \
--net=host \
--env=GEMINI_API_KEY=${KEY} \
--userns=keep-id \
--volume=${PWD}/.gemini:/home/node/.gemini \
${IMG}

And:


 ███            █████████  ██████████ ██████   ██████ █████ ██████   █████ █████
░░░███         ███░░░░░███░░███░░░░░█░░██████ ██████ ░░███ ░░██████ ░░███ ░░███
  ░░░███      ███     ░░░  ░███  █ ░  ░███░█████░███  ░███  ░███░███ ░███  ░███
    ░░░███   ░███          ░██████    ░███░░███ ░███  ░███  ░███░░███░███  ░███
     ███░    ░███    █████ ░███░░█    ░███ ░░░  ░███  ░███  ░███ ░░██████  ░███
   ███░      ░░███  ░░███  ░███ ░   █ ░███      ░███  ░███  ░███  ░░█████  ░███
 ███░         ░░█████████  ██████████ █████     █████ █████ █████  ░░█████ █████
░░░            ░░░░░░░░░  ░░░░░░░░░░ ░░░░░     ░░░░░ ░░░░░ ░░░░░    ░░░░░ ░░░░░


Tips for getting started:
1. Ask questions, edit files, or run commands.
2. Be specific for the best results.
3. Create GEMINI.md files to customize your interactions with Gemini.
4. /help for more information.


> /mcp


ℹ Configured MCP servers:

  🟢 ackal-mcp-server - Ready (15 tools)
    - v1alpha1_Ackal_CheckApply
    - v1alpha1_Ackal_CheckCreate
    - v1alpha1_Ackal_CheckDelete
    - v1alpha1_Ackal_CheckGet
    - v1alpha1_Ackal_CheckList
    - v1alpha1_Ackal_CheckUpdate
    - v1alpha1_Ackal_CustomerGet
    - v1alpha1_Ackal_CustomerUpdate
    - v1alpha1_Ackal_DomainCreate
    - v1alpha1_Ackal_DomainDelete
    - v1alpha1_Ackal_DomainGet
    - v1alpha1_Ackal_DomainList
    - v1alpha1_Ackal_DomainUpdate
    - v1alpha1_Ackal_DomainVerify
    - v1alpha1_Ackal_LocationList

  🟢 prometheus-mcp-server - Ready (11 tools)
    - alertmanagers
    - alerts
    - exemplars
    - metrics
    - ping
    - query
    - query_range
    - rules
    - series
    - status_tsdb
    - targets



Using 2 MCP servers (ctrl+t to view)
╭─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ >   Type your message or @path/to/file                                                                                                                                                                                                                                                                                                          │
╰─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯

/                                                                                                                                                    sandbox                                                                                                                                                     gemini-2.5-pro (100% context left)

When you’re done, you may want to delete the API key:

gcloud services api-keys delete ${ID}

NOTE The fully-qualified API key name includes a reference to the project and so, somewhat unconventionally, this command does not require --project=${PROJECT} nor does it want --quiet

And, if the only resource in the Project is the API key, you can delete the Project too:

gcloud projects delete ${PROJECT} --quiet

That’s all!