fix(api-proxy): exclude GEMINI_API_BASE_URL from env-all passthrough

Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/45da4d20-2dd1-4626-bdd7-cfe45a6c0037

Author: Copilot

docs/api-proxy-sidecar.md

@@ -432,7 +432,7 @@ Fields:
 
 ### Gemini proxy returns 503
 
-When `--enable-api-proxy` is active, `GOOGLE_GEMINI_BASE_URL`, `GEMINI_API_BASE_URL`, and a placeholder `GEMINI_API_KEY` are always injected into the agent container. If the real `GEMINI_API_KEY` was not set in the AWF runner environment, the api-proxy Gemini listener (port 10003) responds with **503** to all requests.
+When `--enable-api-proxy` is active **and `GEMINI_API_KEY` is provided to the AWF runner**, `GOOGLE_GEMINI_BASE_URL`, `GEMINI_API_BASE_URL`, and a placeholder `GEMINI_API_KEY` are injected into the agent container. If the real `GEMINI_API_KEY` was not set in the AWF runner environment, the Gemini routing vars are never set and the api-proxy Gemini listener (port 10003) responds with **503** to any requests that do reach it.
 
 **Solution**: Export `GEMINI_API_KEY` in the runner environment before invoking AWF. In GitHub Actions, add it to the step's `env:` block and use `sudo --preserve-env`:
 

src/docker-manager.test.ts

@@ -3094,6 +3094,24 @@ describe('docker-manager', () => {
         }
       });
 
+      it('should not inherit GEMINI_API_BASE_URL from host env via envAll when geminiApiKey is absent', () => {
+        const origVal = process.env.GEMINI_API_BASE_URL;
+        process.env.GEMINI_API_BASE_URL = 'http://some-other-proxy';
+        try {
+          const configWithProxy = { ...mockConfig, enableApiProxy: true, openaiApiKey: 'sk-test-key', envAll: true };
+          const result = generateDockerCompose(configWithProxy, mockNetworkConfigWithProxy);
+          const env = result.services.agent.environment as Record<string, string>;
+          // GEMINI_API_BASE_URL is in EXCLUDED_ENV_VARS so it must not be inherited from host
+          expect(env.GEMINI_API_BASE_URL).toBeUndefined();
+        } finally {
+          if (origVal !== undefined) {
+            process.env.GEMINI_API_BASE_URL = origVal;
+          } else {
+            delete process.env.GEMINI_API_BASE_URL;
+          }
+        }
+      });
+
       it('should NOT set GEMINI_API_KEY placeholder in agent when api-proxy is enabled without geminiApiKey', () => {
         const configWithProxy = { ...mockConfig, enableApiProxy: true, openaiApiKey: 'sk-test-key' };
         const result = generateDockerCompose(configWithProxy, mockNetworkConfigWithProxy);

src/docker-manager.ts

@@ -773,6 +773,7 @@ export function generateDockerCompose(
     EXCLUDED_ENV_VARS.add('CLAUDE_API_KEY');
     EXCLUDED_ENV_VARS.add('GEMINI_API_KEY');
     EXCLUDED_ENV_VARS.add('GOOGLE_GEMINI_BASE_URL');
+    EXCLUDED_ENV_VARS.add('GEMINI_API_BASE_URL');
     // COPILOT_GITHUB_TOKEN and COPILOT_API_KEY get placeholders (not excluded), protected by one-shot-token
     // GITHUB_API_URL is intentionally NOT excluded: the Copilot CLI needs it to know the
     // GitHub API base URL. Copilot-specific API calls (inference and token exchange) go