feat: support ANTHROPIC_BASE_URL and ANTHROPIC_AUTH_TOKEN for custom endpoints

[ramarivera]

Summary

• Add ANTHROPIC_BASE_URL and ANTHROPIC_AUTH_TOKEN to the environment variable allowlist

Enables use of LLM gateways and Anthropic-compatible providers with AutoMaker.

Usage

ANTHROPIC_API_KEY=your-key \
ANTHROPIC_BASE_URL=https://your-gateway.example.com/v1 \
docker-compose up -d

Closes #338

Summary by CodeRabbit

• Chores

  • Enhanced Claude provider to support configuring a custom API endpoint and authentication token via environment settings, enabling easier integration with Anthropic deployments or proxies.

• Tests

  • Added unit tests to verify environment-based configuration is correctly passed through for these settings.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

📝 Walkthrough

Walkthrough

Extended the Claude provider's environment allowlist to include ANTHROPIC_BASE_URL and ANTHROPIC_AUTH_TOKEN, and added unit tests verifying these variables are passed through to the Anthropic/Claude SDK.

Changes

Cohort / File(s)	Summary
Provider allowlist update apps/server/src/providers/claude-provider.ts	Added ANTHROPIC_BASE_URL and ANTHROPIC_AUTH_TOKEN to the ALLOWED_ENV_VARS array so they are passed through to the Claude/Anthropic SDK when present in process.env.
Unit tests apps/server/tests/unit/providers/claude-provider.test.ts	Added tests confirming ANTHROPIC_BASE_URL and ANTHROPIC_AUTH_TOKEN are included in the SDK environment when set, including cleanup (afterEach) of env vars.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 I hopped through code with joy and cheer,

Two vars now travel far and near,
Gateways sing and endpoints play,
Anthropic paths now find their way,
A tiny change — a brighter day!

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding support for ANTHROPIC_BASE_URL and ANTHROPIC_AUTH_TOKEN environment variables for custom endpoints.
Linked Issues check	✅ Passed	The PR fully addresses the linked issue #338 requirements: adds ANTHROPIC_BASE_URL to ALLOWED_ENV_VARS (minimal fix) and also includes ANTHROPIC_AUTH_TOKEN (enhanced solution).
Out of Scope Changes check	✅ Passed	All changes are directly related to the stated objectives: environment variable allowlist modifications in claude-provider.ts and corresponding unit tests.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @ramarivera, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces greater flexibility for integrating with Anthropic's API by allowing users to specify custom base URLs and authentication tokens via new environment variables. This change is crucial for supporting LLM gateways and other Anthropic-compatible services, thereby expanding the interoperability of AutoMaker with diverse AI infrastructure setups.

Highlights

• Environment Variables: Added 'ANTHROPIC_BASE_URL' and 'ANTHROPIC_AUTH_TOKEN' to the allowlist of environment variables that can be passed to the application.
• Custom Endpoints: This enhancement enables AutoMaker to connect to LLM gateways and other Anthropic-compatible providers by allowing custom base URLs and authentication tokens to be configured.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request adds support for ANTHROPIC_BASE_URL and ANTHROPIC_AUTH_TOKEN to enable using custom Anthropic-compatible endpoints. The change correctly adds these environment variables to the allowlist in claude-provider.ts. However, this change is incomplete as it doesn't update other parts of the application that handle authentication, which will cause issues for users relying on ANTHROPIC_AUTH_TOKEN. I have added a comment highlighting the necessary changes to fully support this new authentication method. Additionally, it would be helpful to add ANTHROPIC_BASE_URL and ANTHROPIC_AUTH_TOKEN to the .env.example file to document these new options for users.

[gemini-code-assist]

While adding ANTHROPIC_AUTH_TOKEN to the allowlist is necessary, its introduction is incomplete and will cause issues with authentication checks, as several places in the codebase only check for ANTHROPIC_API_KEY.

For example, the detectInstallation method in this very file will incorrectly report that no API key is configured if only ANTHROPIC_AUTH_TOKEN is provided.

To fix this and ensure consistent behavior, all checks for authentication credentials should be updated to consider both ANTHROPIC_API_KEY and ANTHROPIC_AUTH_TOKEN.

Here are some of the locations that need to be updated:

• detectInstallation() in apps/server/src/providers/claude-provider.ts
• The handler in apps/server/src/routes/setup/routes/api-keys.ts
• The handler in apps/server/src/routes/setup/routes/verify-claude-auth.ts

[theghostbel]

@ramarivera , i tried to apply this change and run dev:electron - UI shows auth errors. Did you try a non-docker run?

[ramarivera]

Ooh sorry I somehow missed this message!, will take a look as soon as I can

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

apps/server/tests/unit/providers/claude-provider.test.ts (1)

291-377: Well-structured test suite for custom endpoint support.

The tests properly verify that ANTHROPIC_BASE_URL and ANTHROPIC_AUTH_TOKEN are passed through to the SDK when set, covering individual and combined scenarios. The cleanup in afterEach ensures test isolation.

Optional: Consider testing the negative case

You might add a test verifying that when these env vars are NOT set, the options.env either doesn't contain them or the provider handles their absence gracefully. This would document the default behavior explicitly.

it('should not include custom endpoint vars when not set', async () => {
  // Ensure vars are not set (already done in beforeEach, but explicit here)
  delete process.env.ANTHROPIC_BASE_URL;
  delete process.env.ANTHROPIC_AUTH_TOKEN;

  vi.mocked(sdk.query).mockReturnValue(
    (async function* () {
      yield { type: 'text', text: 'test' };
    })()
  );

  const generator = provider.executeQuery({
    prompt: 'Test',
    cwd: '/test',
  });

  await collectAsyncGenerator(generator);

  const callArgs = vi.mocked(sdk.query).mock.calls[0][0];
  // Verify ANTHROPIC_BASE_URL and ANTHROPIC_AUTH_TOKEN are not in env
  // or that env is undefined/doesn't contain these keys
  expect(callArgs.options.env?.ANTHROPIC_BASE_URL).toBeUndefined();
  expect(callArgs.options.env?.ANTHROPIC_AUTH_TOKEN).toBeUndefined();
});

This is optional as the existing tests likely cover the default behavior adequately.

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9fe5b48 and d2f64f1.

📒 Files selected for processing (1)

• apps/server/tests/unit/providers/claude-provider.test.ts

🧰 Additional context used

📓 Path-based instructions (2)

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (CLAUDE.md)

Always import from shared packages (@automaker/*), never from old relative paths

Files:

• apps/server/tests/unit/providers/claude-provider.test.ts

**/*.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

Use resolveModelString() from @automaker/model-resolver to convert model aliases (haiku, sonnet, opus) to full model names

Files:

• apps/server/tests/unit/providers/claude-provider.test.ts

🧬 Code graph analysis (1)

apps/server/tests/unit/providers/claude-provider.test.ts (1)

apps/server/tests/utils/helpers.ts (1)

• collectAsyncGenerator (8-14)

🔇 Additional comments (2)

apps/server/tests/unit/providers/claude-provider.test.ts (2)

15-16: LGTM! Proper test isolation.

The cleanup of environment variables in beforeEach ensures tests start with a clean state and don't interfere with each other.

---

292-295: Good practice: localized cleanup.

The afterEach cleanup within this describe block provides an additional layer of test isolation. While the suite-level beforeEach (lines 15-16) also cleans these vars, having localized cleanup is a defensive practice that ensures these tests clean up after themselves.

[LousyBook94]