Gemini CLI (3/3)
- 4 minutes read - 678 wordsOkay, so not “Gemini Code Assist” but sufficiently similar that I think it warrants the “3/3” appellation.
I’m not a huge fan of all the se Node.JS-based CLI tools but, Google has released Gemini CLI. It’s good to have a CLI-based tool and it feels otherwise similar to the “Gemini Code Assist” chat.
I don’t (want to) run Node.JS on my Linux host and so am using the containerized version of the CLI here. It’s all documented on the gemini-cli repo but the auth functionality is sub-optimal (see [#1437] ) and you’ll want to use an API key if you can (see below):
BILLING="..."
PROJECT="..."
SERVICE="generativelanguage.googleapis.com"
NAME="Gemini CLI"
# If you know it
IP="..."
gcloud projects create ${PROJECT}
gcloud billing projects link ${PROJECT} \
--billing-account=${BILLING}
gcloud services enable ${SERVICE} \
--project=${PROJECT}
# Omit `--allowed-ips=${IP}` if you don't know it
gcloud services api-keys create \
--display-name="${NAME}" \
--allowed-ips=${IP} \
--api-target=service=${SERVICE} \
--project=${PROJECT}
# Fully-qualified API key name
ID=$(\
gcloud services api-keys list \
--filter="displayName=\"${NAME}\"" \
--project=${PROJECT} \
--format="value(name)")
# API key value
KEY=$(\
gcloud services api-keys get-key-string "${ID}" \
--project=${PROJECT} \
--format="value(keyString)")
NOTE It’s good that Google (
gcloud) finally supports API key management but, it’s not a very friendly API
Gemini tools use ${HOME}/.gemini/settings.json but, if you used Copilot you may have .vscode/mcp.json (or similar):
{
"servers": {
"ackal-mcp-server": {
"url": "http://localhost:7777/mcp"
},
"prometheus-mcp-server": {
"url": "https://prometheus.{tailent}/mcp"
}
}
}
You can transform .vscode/mcp.json into .gemini/settings.json using Jsonnet:
gemini.jsonnet:
local mcp = std.parseJson(std.extVar("mcp"));
local gemini(name, server) = {
command: "npx",
args: [
"mcp-remote",
server.url,
] +
// If "http://" add "--insecure"
(if std.startsWith(server.url, "http://") then ["--insecure"] else []),
};
// Output
{
theme: "Default",
mcpServers: {
[name]: gemini(name, mcp.servers[name])
for name in std.objectFields(mcp.servers)
},
selectedAuthType: "gemini-api-key"
}
And then:
jsonnet \
--ext-str mcp="(cat /path/to/mcp.json)" \
gemini.jsonnet > ${PWD}/.gemini/settings.json
NOTE Ensure the
mcp.jsoncontains no comments (//) and that the output folder${PWD}/.geminiexists.
Yielding .gemini/settings.json:
{
"theme": "Default",
"mcpServers": {
"ackal-mcp-server": {
"command": "npx",
"args": [
"mcp-remote",
"http://localhost:7777/mcp",
"--insecure"
]
},
"prometheus-mcp-server": {
"command": "npx",
"args": [
"mcp-remote",
"https://prometheus.{tailnet}/mcp"
]
}
},
"selectedAuthType": "gemini-api-key"
}
NOTE Because the Gemini CLI container is
FROM: Node, we may as well usenpx mcp-remoteto access the MCP servers.
Then you can run Gemini CLI, specifying the ${PWD}/.gemini/settings.json (mounted in the container’s user’s home folder) and the API key (${KEY})
VERS="0.1.7"
IMG="us-docker.pkg.dev/gemini-code-dev/gemini-cli/sandbox:${VERS}"
podman run \
--rm --interactive --tty \
--name=gemini-cli \
--net=host \
--env=GEMINI_API_KEY=${KEY} \
--userns=keep-id \
--volume=${PWD}/.gemini:/home/node/.gemini \
${IMG}
And:
███ █████████ ██████████ ██████ ██████ █████ ██████ █████ █████
░░░███ ███░░░░░███░░███░░░░░█░░██████ ██████ ░░███ ░░██████ ░░███ ░░███
░░░███ ███ ░░░ ░███ █ ░ ░███░█████░███ ░███ ░███░███ ░███ ░███
░░░███ ░███ ░██████ ░███░░███ ░███ ░███ ░███░░███░███ ░███
███░ ░███ █████ ░███░░█ ░███ ░░░ ░███ ░███ ░███ ░░██████ ░███
███░ ░░███ ░░███ ░███ ░ █ ░███ ░███ ░███ ░███ ░░█████ ░███
███░ ░░█████████ ██████████ █████ █████ █████ █████ ░░█████ █████
░░░ ░░░░░░░░░ ░░░░░░░░░░ ░░░░░ ░░░░░ ░░░░░ ░░░░░ ░░░░░ ░░░░░
Tips for getting started:
1. Ask questions, edit files, or run commands.
2. Be specific for the best results.
3. Create GEMINI.md files to customize your interactions with Gemini.
4. /help for more information.
> /mcp
ℹ Configured MCP servers:
🟢 ackal-mcp-server - Ready (15 tools)
- v1alpha1_Ackal_CheckApply
- v1alpha1_Ackal_CheckCreate
- v1alpha1_Ackal_CheckDelete
- v1alpha1_Ackal_CheckGet
- v1alpha1_Ackal_CheckList
- v1alpha1_Ackal_CheckUpdate
- v1alpha1_Ackal_CustomerGet
- v1alpha1_Ackal_CustomerUpdate
- v1alpha1_Ackal_DomainCreate
- v1alpha1_Ackal_DomainDelete
- v1alpha1_Ackal_DomainGet
- v1alpha1_Ackal_DomainList
- v1alpha1_Ackal_DomainUpdate
- v1alpha1_Ackal_DomainVerify
- v1alpha1_Ackal_LocationList
🟢 prometheus-mcp-server - Ready (11 tools)
- alertmanagers
- alerts
- exemplars
- metrics
- ping
- query
- query_range
- rules
- series
- status_tsdb
- targets
Using 2 MCP servers (ctrl+t to view)
╭─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ > Type your message or @path/to/file │
╰─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
/ sandbox gemini-2.5-pro (100% context left)
When you’re done, you may want to delete the API key:
gcloud services api-keys delete ${ID}
NOTE The fully-qualified API key name includes a reference to the project and so, somewhat unconventionally, this command does not require
--project=${PROJECT}nor does it want--quiet
And, if the only resource in the Project is the API key, you can delete the Project too:
gcloud projects delete ${PROJECT} --quiet
That’s all!