Description
The AWF proxy sidecar routes all AI traffic through a local proxy, but the proxy has no handler for Gemini API requests. When a workflow uses engine: gemini, GEMINI_API_BASE_URL points to the proxy, but the proxy returns auth errors (API_KEY_INVALID or no route). This affects all community users with Gemini workflows and has caused the internal Smoke Gemini test to fail for 5+ days (20+ failure comments on #25216).
Root cause is documented in #25294: the proxy accepts Copilot and Claude traffic but was never extended to handle (generativelanguage.googleapis.com/redacted) (Gemini) endpoints. A secondary report (#25944) confirms valid Gemini keys are rejected by the proxy sidecar.
Expected Impact
Suggested Agent
Copilot Coding Agent — look at the proxy handler code in gh-aw-firewall, add a Gemini API route matching generativelanguage.googleapis.com that forwards with the correct auth headers. Reference the existing Anthropic/OpenAI handler patterns.
Estimated Effort
Medium (1–4 hours) — requires reading proxy source, adding route handler, updating smoke test trigger
Data Source
DeepReport Intelligence Briefing — 2026-04-13 (run §24350668325). Source discussions: #25294, #25944, #25216.
Generated by DeepReport - Intelligence Gathering Agent · ● 444.6K · ◷
Description
The AWF proxy sidecar routes all AI traffic through a local proxy, but the proxy has no handler for Gemini API requests. When a workflow uses
engine: gemini,GEMINI_API_BASE_URLpoints to the proxy, but the proxy returns auth errors (API_KEY_INVALIDor no route). This affects all community users with Gemini workflows and has caused the internalSmoke Geminitest to fail for 5+ days (20+ failure comments on #25216).Root cause is documented in #25294: the proxy accepts Copilot and Claude traffic but was never extended to handle
(generativelanguage.googleapis.com/redacted)(Gemini) endpoints. A secondary report (#25944) confirms valid Gemini keys are rejected by the proxy sidecar.Expected Impact
Suggested Agent
Copilot Coding Agent — look at the proxy handler code in
gh-aw-firewall, add a Gemini API route matchinggenerativelanguage.googleapis.comthat forwards with the correct auth headers. Reference the existing Anthropic/OpenAI handler patterns.Estimated Effort
Medium (1–4 hours) — requires reading proxy source, adding route handler, updating smoke test trigger
Data Source
DeepReport Intelligence Briefing — 2026-04-13 (run §24350668325). Source discussions: #25294, #25944, #25216.