Add --gemini-api-target to AWF proxy for Gemini API routing

docs/src/content/docs/reference/engines.md

@@ -156,7 +156,7 @@ The specified hostname must also be listed in `network.allowed` for the firewall
 
 #### Custom API Endpoints via Environment Variables
 
-Three environment variables receive special treatment when set in `engine.env`: `OPENAI_BASE_URL` (for `codex`), `ANTHROPIC_BASE_URL` (for `claude`), and `GITHUB_COPILOT_BASE_URL` (for `copilot`). When any of these is present, the API proxy automatically routes API calls to the specified host instead of the default endpoint. Firewall enforcement remains active, but this routing layer is not a separate authentication boundary for arbitrary code already running inside the agent container.
+Three environment variables receive special treatment when set in `engine.env`: `OPENAI_BASE_URL` (for `codex`), `ANTHROPIC_BASE_URL` (for `claude`), `GITHUB_COPILOT_BASE_URL` (for `copilot`), and `GEMINI_API_BASE_URL` (for `gemini`). When any of these is present, the API proxy automatically routes API calls to the specified host instead of the default endpoint. Firewall enforcement remains active, but this routing layer is not a separate authentication boundary for arbitrary code already running inside the agent container.
 
 This enables workflows to use internal LLM routers, Azure OpenAI deployments, corporate Copilot proxies, or other compatible endpoints without bypassing AWF's security model.
 
@@ -205,7 +205,22 @@ network:
 
 `GITHUB_COPILOT_BASE_URL` is used as a fallback when `engine.api-target` is not explicitly set. If both are configured, `engine.api-target` takes precedence.
 
-The custom hostname is extracted from the URL and passed to the AWF `--openai-api-target`, `--anthropic-api-target`, or `--copilot-api-target` flag automatically at compile time. No additional configuration is required.
+For Gemini workflows routed through a custom Gemini-compatible endpoint:
+
+```yaml wrap
+engine:
+  id: gemini
+  env:
+    GEMINI_API_BASE_URL: "https://gemini-proxy.internal.example.com"
+    GEMINI_API_KEY: ${{ secrets.PROXY_API_KEY }}
+
+network:
+  allowed:
+    - github.com
+    - gemini-proxy.internal.example.com
+```
+
+The custom hostname is extracted from the URL and passed to the AWF `--openai-api-target`, `--anthropic-api-target`, `--copilot-api-target`, or `--gemini-api-target` flag automatically at compile time. No additional configuration is required.
 
 ### Engine Command-Line Arguments
 

pkg/workflow/awf_helpers.go

@@ -315,6 +315,21 @@ func BuildAWFArgs(config AWFCommandConfig) []string {
 		awfHelpersLog.Printf("Added --copilot-api-target=%s", copilotTarget)
 	}
 
+	// Add Gemini API target for the LLM gateway proxy.
+	// Unlike OpenAI/Anthropic/Copilot where AWF has built-in default routing,
+	// Gemini requires an explicit target so the proxy knows where to forward requests.
+	// Defaults to generativelanguage.googleapis.com when the engine is Gemini.
+	if geminiTarget := GetGeminiAPITarget(config.WorkflowData, config.EngineName); geminiTarget != "" {
+		awfArgs = append(awfArgs, "--gemini-api-target", geminiTarget)
+		awfHelpersLog.Printf("Added --gemini-api-target=%s", geminiTarget)
+	}
+
+	geminiBasePath := extractAPIBasePath(config.WorkflowData, "GEMINI_API_BASE_URL")
+	if geminiBasePath != "" {
+		awfArgs = append(awfArgs, "--gemini-api-base-path", geminiBasePath)
+		awfHelpersLog.Printf("Added --gemini-api-base-path=%s", geminiBasePath)
+	}
+
 	// Add SSL Bump support for HTTPS content inspection (v0.9.0+)
 	sslBumpArgs := getSSLBumpArgs(firewallConfig)
 	awfArgs = append(awfArgs, sslBumpArgs...)
@@ -491,6 +506,7 @@ func extractAPIBasePath(workflowData *WorkflowData, envVar string) string {
 //   - Codex:    OPENAI_BASE_URL     → --openai-api-target
 //   - Claude:   ANTHROPIC_BASE_URL  → --anthropic-api-target
 //   - Copilot:  GITHUB_COPILOT_BASE_URL → --copilot-api-target (fallback when api-target not set)
+//   - Gemini:   GEMINI_API_BASE_URL → --gemini-api-target (default: generativelanguage.googleapis.com)
 //
 // Returns empty string if neither source is configured.
 func GetCopilotAPITarget(workflowData *WorkflowData) string {
@@ -503,6 +519,33 @@ func GetCopilotAPITarget(workflowData *WorkflowData) string {
 	return extractAPITargetHost(workflowData, "GITHUB_COPILOT_BASE_URL")
 }
 
+// DefaultGeminiAPITarget is the default Gemini API endpoint hostname.
+// AWF's proxy sidecar needs this target to forward Gemini API requests, since
+// unlike OpenAI/Anthropic/Copilot, the proxy has no built-in default handler for Gemini.
+const DefaultGeminiAPITarget = "generativelanguage.googleapis.com"
+
+// GetGeminiAPITarget returns the effective Gemini API target hostname for the LLM gateway proxy.
+// Unlike other engines where AWF has built-in default routing, Gemini requires an explicit target.
+//
+// Resolution order:
+//  1. GEMINI_API_BASE_URL in engine.env (custom endpoint)
+//  2. Default: generativelanguage.googleapis.com (when engine is "gemini")
+//
+// Returns empty string if the engine is not Gemini and no custom GEMINI_API_BASE_URL is configured.
+func GetGeminiAPITarget(workflowData *WorkflowData, engineName string) string {
+	// Check for custom GEMINI_API_BASE_URL in engine.env
+	if customTarget := extractAPITargetHost(workflowData, "GEMINI_API_BASE_URL"); customTarget != "" {
+		return customTarget
+	}
+
+	// Default to the standard Gemini API endpoint when engine is Gemini
+	if engineName == "gemini" {
+		return DefaultGeminiAPITarget
+	}
+
+	return ""
+}
+
 // ComputeAWFExcludeEnvVarNames returns the list of environment variable names that must be
 // excluded from the agent container's visible environment via AWF's --exclude-env flag.
 //

pkg/workflow/awf_helpers_test.go

@@ -919,3 +919,218 @@ func TestAWFSupportsCliProxy(t *testing.T) {
 		})
 	}
 }
+
+// TestGetGeminiAPITarget tests the GetGeminiAPITarget helper that resolves the effective
+// Gemini API target from GEMINI_API_BASE_URL in engine.env or the default endpoint.
+func TestGetGeminiAPITarget(t *testing.T) {
+	tests := []struct {
+		name         string
+		workflowData *WorkflowData
+		engineName   string
+		expected     string
+	}{
+		{
+			name: "returns default target for gemini engine with no custom URL",
+			workflowData: &WorkflowData{
+				EngineConfig: &EngineConfig{
+					ID: "gemini",
+				},
+			},
+			engineName: "gemini",
+			expected:   "generativelanguage.googleapis.com",
+		},
+		{
+			name: "custom GEMINI_API_BASE_URL takes precedence over default",
+			workflowData: &WorkflowData{
+				EngineConfig: &EngineConfig{
+					ID: "gemini",
+					Env: map[string]string{
+						"GEMINI_API_BASE_URL": "https://gemini-proxy.internal.company.com/v1",
+					},
+				},
+			},
+			engineName: "gemini",
+			expected:   "gemini-proxy.internal.company.com",
+		},
+		{
+			name: "returns empty for non-gemini engine without custom URL",
+			workflowData: &WorkflowData{
+				EngineConfig: &EngineConfig{
+					ID: "claude",
+				},
+			},
+			engineName: "claude",
+			expected:   "",
+		},
+		{
+			name:         "returns empty when workflowData is nil",
+			workflowData: nil,
+			engineName:   "gemini",
+			expected:     "generativelanguage.googleapis.com",
+		},
+		{
+			name: "returns custom target for non-gemini engine with GEMINI_API_BASE_URL",
+			workflowData: &WorkflowData{
+				EngineConfig: &EngineConfig{
+					ID: "custom",
+					Env: map[string]string{
+						"GEMINI_API_BASE_URL": "https://custom-proxy.example.com",
+					},
+				},
+			},
+			engineName: "custom",
+			expected:   "custom-proxy.example.com",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := GetGeminiAPITarget(tt.workflowData, tt.engineName)
+			assert.Equal(t, tt.expected, result, "GetGeminiAPITarget should return expected hostname")
+		})
+	}
+}
+
+// TestAWFGeminiAPITargetFlags tests that BuildAWFArgs includes --gemini-api-target flag
+// for the Gemini engine with default and custom endpoints.
+func TestAWFGeminiAPITargetFlags(t *testing.T) {
+	t.Run("includes default gemini-api-target flag for gemini engine", func(t *testing.T) {
+		workflowData := &WorkflowData{
+			Name: "test-workflow",
+			EngineConfig: &EngineConfig{
+				ID: "gemini",
+			},
+			NetworkPermissions: &NetworkPermissions{
+				Firewall: &FirewallConfig{
+					Enabled: true,
+				},
+			},
+		}
+
+		config := AWFCommandConfig{
+			EngineName:     "gemini",
+			WorkflowData:   workflowData,
+			AllowedDomains: "github.com",
+		}
+
+		args := BuildAWFArgs(config)
+		argsStr := strings.Join(args, " ")
+
+		assert.Contains(t, argsStr, "--gemini-api-target", "Should include --gemini-api-target flag")
+		assert.Contains(t, argsStr, "generativelanguage.googleapis.com", "Should include default Gemini API hostname")
+	})
+
+	t.Run("includes custom gemini-api-target flag when GEMINI_API_BASE_URL is configured", func(t *testing.T) {
+		workflowData := &WorkflowData{
+			Name: "test-workflow",
+			EngineConfig: &EngineConfig{
+				ID: "gemini",
+				Env: map[string]string{
+					"GEMINI_API_BASE_URL": "https://gemini-proxy.internal.company.com/v1",
+					"GEMINI_API_KEY":      "${{ secrets.GEMINI_PROXY_KEY }}",
+				},
+			},
+			NetworkPermissions: &NetworkPermissions{
+				Firewall: &FirewallConfig{
+					Enabled: true,
+				},
+			},
+		}
+
+		config := AWFCommandConfig{
+			EngineName:     "gemini",
+			WorkflowData:   workflowData,
+			AllowedDomains: "github.com",
+		}
+
+		args := BuildAWFArgs(config)
+		argsStr := strings.Join(args, " ")
+
+		assert.Contains(t, argsStr, "--gemini-api-target", "Should include --gemini-api-target flag")
+		assert.Contains(t, argsStr, "gemini-proxy.internal.company.com", "Should include custom Gemini hostname")
+	})
+
+	t.Run("does not include gemini-api-target for non-gemini engine without custom URL", func(t *testing.T) {
+		workflowData := &WorkflowData{
+			Name: "test-workflow",
+			EngineConfig: &EngineConfig{
+				ID: "claude",
+			},
+			NetworkPermissions: &NetworkPermissions{
+				Firewall: &FirewallConfig{
+					Enabled: true,
+				},
+			},
+		}
+
+		config := AWFCommandConfig{
+			EngineName:     "claude",
+			WorkflowData:   workflowData,
+			AllowedDomains: "github.com",
+		}
+
+		args := BuildAWFArgs(config)
+		argsStr := strings.Join(args, " ")
+
+		assert.NotContains(t, argsStr, "--gemini-api-target", "Should not include --gemini-api-target for non-gemini engine")
+	})
+
+	t.Run("includes gemini-api-base-path when custom URL has path component", func(t *testing.T) {
+		workflowData := &WorkflowData{
+			Name: "test-workflow",
+			EngineConfig: &EngineConfig{
+				ID: "gemini",
+				Env: map[string]string{
+					"GEMINI_API_BASE_URL": "https://gemini-proxy.company.com/serving-endpoints",
+					"GEMINI_API_KEY":      "${{ secrets.GEMINI_PROXY_KEY }}",
+				},
+			},
+			NetworkPermissions: &NetworkPermissions{
+				Firewall: &FirewallConfig{
+					Enabled: true,
+				},
+			},
+		}
+
+		config := AWFCommandConfig{
+			EngineName:     "gemini",
+			WorkflowData:   workflowData,
+			AllowedDomains: "github.com",
+		}
+
+		args := BuildAWFArgs(config)
+		argsStr := strings.Join(args, " ")
+
+		assert.Contains(t, argsStr, "--gemini-api-base-path", "Should include --gemini-api-base-path flag")
+		assert.Contains(t, argsStr, "/serving-endpoints", "Should include the path component")
+	})
+}
+
+// TestGeminiEngineIncludesGeminiAPITarget tests that the Gemini engine execution
+// step includes --gemini-api-target when firewall is enabled.
+func TestGeminiEngineIncludesGeminiAPITarget(t *testing.T) {
+	workflowData := &WorkflowData{
+		Name: "test-workflow",
+		EngineConfig: &EngineConfig{
+			ID: "gemini",
+		},
+		NetworkPermissions: &NetworkPermissions{
+			Firewall: &FirewallConfig{
+				Enabled: true,
+			},
+		},
+	}
+
+	engine := NewGeminiEngine()
+	steps := engine.GetExecutionSteps(workflowData, "test.log")
+
+	if len(steps) < 2 {
+		t.Fatal("Expected at least two execution steps (settings + execution)")
+	}
+
+	// steps[0] = Write Gemini Settings, steps[1] = Execute Gemini CLI
+	stepContent := strings.Join(steps[1], "\n")
+
+	assert.Contains(t, stepContent, "--gemini-api-target", "Should include --gemini-api-target flag")
+	assert.Contains(t, stepContent, "generativelanguage.googleapis.com", "Should include default Gemini API hostname")
+}

pkg/workflow/domains.go

@@ -751,6 +751,12 @@ func (c *Compiler) computeAllowedDomainsForSanitization(data *WorkflowData) stri
 		base = mergeAPITargetDomains(base, copilotAPITarget)
 	}
 
+	// Add Gemini API target domains so GH_AW_ALLOWED_DOMAINS stays in sync with --allow-domains.
+	// Resolved from GEMINI_API_BASE_URL in engine.env or default generativelanguage.googleapis.com.
+	if geminiAPITarget := GetGeminiAPITarget(data, engineID); geminiAPITarget != "" {
+		base = mergeAPITargetDomains(base, geminiAPITarget)
+	}
+
 	return base
 }