Google Gemini CLI Integration

Complete guide for using Bob the Fixer with Google Gemini CLI.

Overview

Google Gemini CLI supports MCP servers, allowing Bob the Fixer to provide code quality analysis capabilities. The installer automatically configures Gemini CLI when detected.

Prerequisites

Node.js 18+ and npm
Google account with Gemini access
Bob the Fixer installed
SonarQube running

Installation

Option 1: Automatic (Recommended)

If Gemini CLI is detected during Bob the Fixer installation, it's configured automatically:

cd /path/to/bob-the-fixer
./install.sh

The installer will:

Detect Gemini CLI
Register the MCP server
Configure environment variables
Verify the connection

Option 2: Install Gemini CLI

If not already installed:

npm install -g @google/gemini-cli

Then authenticate:

gemini auth login

Option 3: Manual Registration

If automatic setup didn't work:

# Get the MCP server path
MCP_SERVER_PATH="/path/to/bob-the-fixer/packages/core/dist/universal-mcp-server.js"

# Remove any existing registration
gemini mcp remove bob-the-fixer 2>/dev/null || true

# Register Bob the Fixer
gemini mcp add bob-the-fixer node "$MCP_SERVER_PATH" \
  --scope user \
  --env SONAR_URL=http://localhost:9000 \
  --env SONAR_TOKEN="your-token-here" \
  --env NODE_ENV=production \
  --env LOG_LEVEL=info

Configuration

Environment Variables

Variable	Required	Default	Description
`SONAR_URL`	Yes	`http://localhost:9000`	SonarQube server URL
`SONAR_TOKEN`	Yes	-	Authentication token
`NODE_ENV`	No	`production`	Node environment
`LOG_LEVEL`	No	`info`	Logging verbosity

Verify Installation

gemini mcp list

You should see bob-the-fixer in the list of registered MCP servers.

Usage

Starting Gemini

cd /your/project
gemini

First Scan

Set up this project for SonarQube analysis and run a scan

Gemini will:

Detect project type and languages
Configure SonarQube settings
Run the analysis
Display found issues

Analyzing Code Quality

What are the main code quality issues in this project?

Show me security vulnerabilities that need immediate attention

What's our test coverage situation?

Fixing Issues

Fix the SQL injection vulnerability in the API handler

Help me fix all the unused import warnings

Show me how to fix this code smell and apply the fix

Quality Reports

Did we pass the quality gate?

Generate a technical debt report

What should we prioritize fixing first?

Available Tools

All 20 Bob the Fixer MCP tools are available in Gemini:

Category	Tools
Scanning	`sonar_scan_project`, `sonar_auto_setup`
Analysis	`sonar_get_issue_details`, `sonar_analyze_patterns`, `sonar_get_security_hotspots`, `sonar_get_security_hotspot_details`
Metrics	`sonar_get_project_metrics`, `sonar_get_quality_gate`, `sonar_get_technical_debt`, `sonar_get_coverage_gaps`
Duplication	`sonar_get_duplication_summary`, `sonar_get_duplication_details`
Reporting	`sonar_generate_report`
Management	`sonar_project_discovery`, `sonar_config_manager`, `sonar_link_existing_project`, `sonar_generate_config`, `sonar_cleanup`, `sonar_diagnose_permissions`, `sonar_delete_project`

Example Session

A typical code review session with Gemini:

User: Scan this TypeScript project for issues

Gemini: I'll set up SonarQube and run an analysis...
[Uses sonar_auto_setup and sonar_scan_project]
Found 23 issues: 2 bugs, 1 vulnerability, 20 code smells.

User: Tell me about the vulnerability

Gemini: [Uses sonar_get_issue_details]
There's a potential XSS vulnerability in src/components/UserInput.tsx...

User: Fix it

Gemini: [Reads file, applies fix]
I've sanitized the user input using DOMPurify...

User: Re-scan to verify

Gemini: [Uses sonar_scan_project]
Vulnerability resolved. Now showing 22 issues: 2 bugs, 0 vulnerabilities, 20 code smells.

Best Practices

Be Specific About Files

Fix the performance issue in src/services/DataProcessor.ts

Use Pattern-Based Fixes

Find and fix all instances of console.log in production code

Verify Changes

After fixing, re-scan to make sure the issues are resolved

Request Explanations

Explain why this code is flagged as a security issue before fixing

Troubleshooting

"MCP server not found"

# Check registration
gemini mcp list

# Re-register if missing
gemini mcp add bob-the-fixer node "/path/to/universal-mcp-server.js" \
  --scope user \
  --env SONAR_URL=http://localhost:9000 \
  --env SONAR_TOKEN="your-token"

"Authentication failed"

# Re-authenticate with Google
gemini auth login

# Verify status
gemini auth status

"SonarQube connection failed"

Verify SonarQube is running:
```
docker ps | grep sonar
```

Test the connection:

curl http://localhost:9000/api/system/status

Check token validity in Gemini:

Run diagnostics on my SonarQube connection

"Tools not responding"

# Check Gemini MCP logs
cat ~/.gemini/logs/mcp.log

# Restart with verbose output
gemini --verbose

Updating

When you update Bob the Fixer:

cd /path/to/bob-the-fixer
./update.sh

The update script will re-register the MCP server if needed.

Removing

To remove Bob the Fixer from Gemini:

gemini mcp remove bob-the-fixer

Next Steps

Quick Start Guide - First scan tutorial
MCP Tools Reference - All available tools
Troubleshooting - Common issues

Overview​

Prerequisites​

Installation​

Option 1: Automatic (Recommended)​

Option 2: Install Gemini CLI​

Option 3: Manual Registration​

Configuration​

Environment Variables​

Verify Installation​

Usage​

Starting Gemini​

First Scan​

Analyzing Code Quality​

Fixing Issues​

Quality Reports​

Available Tools​

Example Session​

Best Practices​

Be Specific About Files​

Use Pattern-Based Fixes​

Verify Changes​

Request Explanations​

Troubleshooting​

"MCP server not found"​

"Authentication failed"​

"SonarQube connection failed"​

"Tools not responding"​

Updating​

Removing​

Next Steps​