fix(ci): pass GOOGLE_API_KEY and BLOB_READ_WRITE_TOKEN to analyze

[znat]

Summary

• Feature-image generation was silently disabled in every deploy. CI logs show images: skipped (GEMINI_API_KEY or GOOGLE_API_KEY missing) emitted once at analyzer startup, then per-PR processing proceeds without ever entering the image branch (no per-PR log line, no errors).
• Root cause: .gitpulse.json declares images.ai (Gemini) and images.storage (Vercel Blob), and both secrets exist on the repo, but none of the three workflows that run gitpulse analyze (self-deploy.yml, deploy-vercel.yml, deploy-vercel-staging.yml) pass them through to the step env.
• Fix wires GOOGLE_API_KEY and BLOB_READ_WRITE_TOKEN into all three analyze steps. Both are needed together — adding only the AI key would then trip VercelBlobStorage (cli/src/image/storage/vercel-blob.ts), which requires BLOB_READ_WRITE_TOKEN.

Test plan

• After merge, watch the first Self-deploy and Deploy to Vercel runs to confirm the startup log line flips from images: skipped (...) to images: enabled (gemini gemini-3.1-flash-image-preview).
• Confirm a feature-categorized PR processed in that run gets an image:stored tag and that imageUrl is populated in the story JSON.
• Visit the deployed site and spot-check a feature story for a rendered illustration.

🤖 Generated with Claude Code

[coderabbitai]

Warning

Rate limit exceeded

@znat has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 48 minutes and 54 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 478daef0-8e54-46f1-b213-106169eb3090

📥 Commits

Reviewing files that changed from the base of the PR and between 2fec32b and 0968fb1.

📒 Files selected for processing (3)

• .github/workflows/deploy-vercel-staging.yml
• .github/workflows/deploy-vercel.yml
• .github/workflows/self-deploy.yml

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/ci-image-generation-env

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

Wires GOOGLE_API_KEY and BLOB_READ_WRITE_TOKEN into the gitpulse analyze step env of the three main-branch deploy workflows so that Gemini image generation and Vercel Blob storage are actually activated at runtime.

• deploy-vercel.yml, deploy-vercel-staging.yml, and self-deploy.yml each receive the same two-line env addition; no logic changes, no new secrets — both already exist on the repo.
• deploy-vercel-preview.yml runs the same gitpulse analyze step but was not updated, so PR preview deployments will continue to skip image generation after this fix lands.

Confidence Score: 4/5

Safe to merge — the three changed workflow files are correct and consistent.

The three changed files all apply the same minimal, mechanical env addition to fix a genuine silent-skip. The only gap is that deploy-vercel-preview.yml — a fourth workflow that also runs gitpulse analyze — was not updated, so PR preview deployments will still skip image generation after this lands.

.github/workflows/deploy-vercel-preview.yml — runs gitpulse analyze but was not updated with the same env additions.

Important Files Changed

Filename	Overview
.github/workflows/deploy-vercel-staging.yml	Adds GOOGLE_API_KEY and BLOB_READ_WRITE_TOKEN to the analyze step env; straightforward, no issues in this file.
.github/workflows/deploy-vercel.yml	Adds the same two secrets to the analyze step env; consistent with the other production workflow changes.
.github/workflows/self-deploy.yml	Adds the same two secrets to the analyze step env; consistent with the other workflow changes.

Sequence Diagram

sequenceDiagram
    participant CI as GitHub Actions
    participant Analyzer as gitpulse analyze
    participant Gemini as Gemini API
    participant Blob as Vercel Blob

    CI->>Analyzer: run analyze (GOOGLE_API_KEY + BLOB_READ_WRITE_TOKEN now set)
    Analyzer->>Analyzer: check cfg.imageAi → enabled
    Analyzer->>Gemini: generate feature image
    Gemini-->>Analyzer: image bytes
    Analyzer->>Blob: store image (BLOB_READ_WRITE_TOKEN)
    Blob-->>Analyzer: imageUrl
    Analyzer->>Analyzer: write imageUrl to story JSON
    Note over CI,Blob: Before this PR: GOOGLE_API_KEY missing → images skipped, Gemini never called

Loading

_{Reviews (1): Last reviewed commit: "fix(ci): pass GOOGLE_API_KEY and BLOB_RE..." | Re-trigger Greptile}

[github-actions]

Vercel preview — built from 0968fb1b5b4956980f3011e95275618d12e3de41

https://gitpulse-demo-47yxftv7u-znats-projects.vercel.app