fix: custom API endpoints for Codex/Claude/Gemini engines

[Copilot]

Summary

Fixes the "Custom API Endpoints doesn't work" issue where using OPENAI_BASE_URL in engine.env (e.g. to use openrouter.ai) caused Codex to silently fall back to the default gpt-5.3-codex model instead of the user's configured model.

Root cause

Codex's built-in openai provider validates model names against a known list. When a custom model name like openrouter/free is not recognised, it falls back to the default model rather than forwarding the name to the API. Additionally, the engines (Codex, Claude) did not explicitly declare their API base-URL env var, unlike Gemini which already declared GEMINI_API_BASE_URL.

Changes

codex_engine.go — Declare OPENAI_BASE_URL = http://host.docker.internal:<CodexPort>/v1 when the AWF firewall is enabled. A user-provided OPENAI_BASE_URL in engine.env still overrides this via maps.Copy; the AWF --openai-api-target flag (already set by extractAPITargetHost) routes those proxy calls to the custom endpoint.

claude_engine.go — Same pattern: declare ANTHROPIC_BASE_URL = http://host.docker.internal:<ClaudePort> when firewall is enabled.

awf_helpers.go — Add GEMINI_API_BASE_URL → --gemini-api-target extraction alongside the existing OPENAI_BASE_URL and ANTHROPIC_BASE_URL handlers, completing coverage for all three variable-endpoint engines.

codex_mcp.go — When OPENAI_BASE_URL is detected in engine.env, inject a model_provider = "openai-compat" block at the top of the generated config.toml (required by TOML: bare keys must precede section headers). The custom provider points its base_url at the local AWF LLM proxy (host.docker.internal:<CodexPort>/v1); AWF's --openai-api-target routes those requests onward to the user's endpoint. Because the provider is user-defined rather than built-in, it passes model names through as-is — enabling e.g. model: "openrouter/free".

How the user's example now works

engine:
  id: codex
  model: "openrouter/free"
  env:
    OPENAI_BASE_URL: "https://openrouter.ai/api/v1"
    OPENAI_API_KEY: ${{ secrets.OPENROUTER_API_KEY }}

1. Compiler detects OPENAI_BASE_URL → emits --openai-api-target openrouter.ai to AWF
2. config.toml gains model_provider = "openai-compat" with base_url = "http://host.docker.internal:10001/v1"
3. Codex calls the local AWF LLM proxy with model = "openrouter/free" (no validation, no fallback)
4. AWF routes the request to openrouter.ai, which accepts the model name

Security Summary

No new security vulnerabilities introduced. CodeQL scan: 0 alerts.

---

---

✨ PR Review Safe Output Test - Run 23102624714

💥 [THE END] — Illustrated by Smoke Claude · ◷

---

---

✨ PR Review Safe Output Test - Run 23110576257

💥 [THE END] — Illustrated by Smoke Claude · ◷

[pelikhan]

@lpcox ler's chat about making something like this work

[github-actions]

💥 Automated smoke test review - all systems nominal!

💥 [THE END] — Illustrated by Smoke Claude

[github-actions]

Consider documenting why host.docker.internal is used here — this is a Docker-specific hostname for accessing the host from inside a container. Worth a comment for clarity.

[github-actions]

The ANTHROPIC_BASE_URL override looks correct for custom API endpoint support. Ensure the endpoint value is validated/sanitized at runtime to prevent SSRF if user-configurable.

[github-actions]

💥 Automated smoke test review - all systems nominal!

💥 [THE END] — Illustrated by Smoke Claude

[github-actions]

Smoke test review comment #1: OPENAI_BASE_URL correctly points to the local AWF LLM proxy. This ensures custom API endpoints route through the firewall-aware proxy rather than directly to external services. ✅

[github-actions]

Smoke test review comment #2: ANTHROPIC_BASE_URL added consistently across Claude engine steps. Good — this mirrors the Codex OPENAI_BASE_URL pattern and ensures all engines declare their proxy base URL. ✅

[lpcox]

AWF Compatibility Analysis

Checked the AWF firewall codebase (gh-aw-firewall) to see which of these custom endpoint changes are supported by existing AWF configuration flags.

✅ Fully Supported

• OPENAI_BASE_URL → --openai-api-target — AWF has this CLI flag, the api-proxy sidecar reads OPENAI_API_TARGET, and custom targets are auto-added to the Squid domain allowlist. The Codex engine setting OPENAI_BASE_URL to the local proxy works end-to-end.

• ANTHROPIC_BASE_URL → --anthropic-api-target — Same pattern, fully wired up in AWF (CLI flag → WrapperConfig → docker-compose env → containers/api-proxy/server.js).

• model_provider = "openai-compat" (codex_mcp.go) — Purely a Codex config.toml concern that bypasses model name validation. No AWF changes needed; the proxy forwards whatever model name comes through.

❌ Gap: --gemini-api-target

The PR adds GEMINI_API_BASE_URL → --gemini-api-target extraction in awf_helpers.go, but AWF does not have a --gemini-api-target flag:

• No --gemini-api-target CLI option in src/cli.ts
• No geminiApiTarget property in WrapperConfig (src/types.ts)
• No GEMINI_API_TARGET handling in containers/api-proxy/server.js
• No dedicated Gemini proxy port in the api-proxy sidecar

AWF currently has three api-target flags: --openai-api-target, --anthropic-api-target, and --copilot-api-target. Gemini is not yet covered.

What happens at runtime

When gh-aw emits --gemini-api-target, AWF will reject it as an unknown option and the run will fail. Two options:

1. Add --gemini-api-target to AWF — new CLI flag, WrapperConfig property, api-proxy port, and Squid allowlist auto-add (mirrors the OpenAI/Anthropic pattern)
2. Skip emitting the flag in gh-aw — since Gemini doesn't route through the api-proxy today, just ensure the custom Gemini host lands in --allow-domains and let traffic go through Squid directly

Option 1 is the cleaner long-term approach. Happy to add --gemini-api-target support on the AWF side if that's the direction.

[github-actions]

Hey @Copilot 👋 — great work on this fix! Resolving the silent model-name fallback for custom API endpoints (e.g. openrouter/free) is a meaningful improvement for users who want to route Codex through non-OpenAI providers, and the three-engine coverage (Codex, Claude, Gemini) makes it feel complete.

The PR is well-structured and looks ready for maintainer review once the draft flag is removed. Here's the checklist summary:

Check	Result
On-topic	✅ yes
Follows process	✅ yes — authored by Copilot coding agent as expected
Focused	✅ yes — lock-file regeneration is a natural make recompile side-effect
New dependencies	✅ no
Tests included	✅ yes — awf_helpers_test.go (+82) and codex_engine_test.go (+155)
Description	✅ yes — detailed root-cause analysis, per-file change notes, and end-to-end flow walkthrough
Lines changed	394

Verdict: 🟢 Aligned — quality: lgtm

The only minor flag is that the PR is still in draft state. Once you're satisfied with CI results, marking it ready for review would be the next step. Everything else looks solid!

Generated by Contribution Check · ◷