Problem
When a workflow sets engine.model: gpt-5-codex (a retired model), AWF passes the literal string as COPILOT_MODEL to the Copilot CLI without validation. The agent fails with a provider authentication-style error rather than a clear "model unavailable" message, misleading operators into thinking their API keys are wrong.
Context
Source issue: github/gh-aw#35032
Affected config:
engine:
id: copilot
model: gpt-5-codex
Root Cause
pkg/workflow/engine.go:285-289 copies the raw YAML engine.model string into EngineConfig.Model without resolving aliases or checking availability. AWF then surfaces an opaque auth failure from the Copilot process instead of a model-resolution error.
Proposed Solution
- In
src/cli.ts (or a new src/model-validator.ts), add pre-flight model validation against a known list of supported/retired models before starting containers.
- When
--enable-api-proxy is active (containers/api-proxy/), the API proxy should return a 400 Bad Request with a descriptive body when the requested model is retired or unknown, rather than forwarding a request that produces an auth-flavored error.
- Log a clear warning:
"Model 'gpt-5-codex' is retired; did you mean 'gpt-5.3-codex'?" before exiting with a non-zero code.
Generated by Firewall Issue Dispatcher · sonnet46 2.5M · ◷
Problem
When a workflow sets
engine.model: gpt-5-codex(a retired model), AWF passes the literal string asCOPILOT_MODELto the Copilot CLI without validation. The agent fails with a provider authentication-style error rather than a clear "model unavailable" message, misleading operators into thinking their API keys are wrong.Context
Source issue: github/gh-aw#35032
Affected config:
Root Cause
pkg/workflow/engine.go:285-289copies the raw YAMLengine.modelstring intoEngineConfig.Modelwithout resolving aliases or checking availability. AWF then surfaces an opaque auth failure from the Copilot process instead of a model-resolution error.Proposed Solution
src/cli.ts(or a newsrc/model-validator.ts), add pre-flight model validation against a known list of supported/retired models before starting containers.--enable-api-proxyis active (containers/api-proxy/), the API proxy should return a400 Bad Requestwith a descriptive body when the requested model is retired or unknown, rather than forwarding a request that produces an auth-flavored error."Model 'gpt-5-codex' is retired; did you mean 'gpt-5.3-codex'?"before exiting with a non-zero code.