Add multi-account rotation to avoid rate limiting

[Copilot]

Gemini CLI frequently hits rate limits during heavy usage. This implements automatic rotation across multiple Google accounts with intelligent health tracking and distributed state management.

Core Implementation

AuthManager (src/auth.ts)

• Parses GCP_SERVICE_ACCOUNT as either single object (existing) or array of credentials
• Round-robin account selection with KV-persisted rotation state
• Health tracking per account: marks rate-limited accounts (429/503) for 60s cooldown
• Automatic failover in callEndpoint(): tries up to 3 accounts before failing
• Per-account token caching: oauth_token_cache_account_{index} keys

State Management (Cloudflare KV)

• account_rotation_state: current index, last rotation timestamp
• account_health_{index}: rate limit status, timestamps
• TTL-based auto-expiry for cooldowns

Configuration

# Single account (backward compatible)
GCP_SERVICE_ACCOUNT={"access_token":"...","refresh_token":"..."}

# Multi-account with rotation
GCP_SERVICE_ACCOUNT=[{...},{...}]
ENABLE_MULTI_ACCOUNT=true

Constants (src/constants.ts)

MULTI_ACCOUNT_CONFIG = {
  RATE_LIMIT_COOLDOWN_MS: 60000,
  MAX_ACCOUNT_RETRY_ATTEMPTS: 3
}

Request Flow

Request → Select account (round-robin) → Execute
  ↓ 429/503
Mark rate-limited → Find next available → Retry (max 3x)
  ↓ Success
Mark healthy → Persist rotation state

Notes

• Single-account mode unchanged: zero breaking changes
• Streaming requests still use existing auto-model-switching (Pro→Flash) for rate limits
• Account validation ensures required OAuth2 fields present
• KV state enables consistent behavior across edge locations

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• sparrow.cloudflare.com
  • Triggering command: /usr/local/bin/node --no-warnings --experimental-vm-modules /home/REDACTED/work/gemini-cli-openai/gemini-cli-openai/node_modules/wrangler/wrangler-dist/cli.js deploy --dry-run --outdir=dist (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

---

This section details on the original issue you should resolve

<issue_title>🚀 Feature Request: Multi-account support to avoid rate limiting</issue_title>
<issue_description>Hey 👋,
I’ve noticed that the Gemini CLI often hits the rate limit when used frequently. To improve performance and usability, it’d be awesome if the CLI could support multiple accounts (like rotating API keys or session tokens) to automatically bypass or balance the rate limits.

Thanks! 🙌</issue_description>

<agent_instructions>Do deep research before beginning. Think of a smart way to set multiple account keys and rotate between them. In a server less Cloudflare environment.</agent_instructions>

Comments on the Issue (you are @copilot in this section)

• Fixes 🚀 Feature Request: Multi-account support to avoid rate limiting #145

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.