Problem
Smoke Gemini (Google Gemini CLI engine) fails on every run. The run's firewall log shows the Gemini CLI sending nearly all of its requests to `localhost:8080`, which it uses as its MCP/proxy gateway, and the agentic workflow firewall blocks that address. The result is a 94% block rate (295/315 requests, with the blocked counter capped, so a lower bound) and failure of the `agent` job.
Affected Workflow & Run
- Workflow: Smoke Gemini
- Engine: Google Gemini CLI
- Failing run: §25263690512 (2026-05-03, firewall v0.25.35)
- Trigger branch: `copilot/bump-firewall-version-to-v0-25-35`
Evidence
Firewall block breakdown:

| Destination | Requests blocked |
|---|---|
| `localhost:8080` | 279 |
| `172.30.0.30:10003` | 15 |
| unknown | 1 |
| Total blocked | 295 / 315 (94%) |
| Only allowed | `play.googleapis.com:443` (20) |

- `blocked_request_at_cap: true`: the blocked-request counter hit its cap, so 295 is a lower bound and the true block rate is at least 94%.
- Client error artifacts generated: `gemini-client-error-Turn.run-sendMessageStream` (50KB), `gemini-client-error-generateJson-api` (34KB)
- Failure stage: `agent` job (5.6m) → FAILURE; `detection` and `safe_outputs` were skipped as a consequence
Root Cause
Gemini CLI's architecture routes all network traffic (including MCP calls) through a local proxy at `localhost:8080`. The agentic workflow firewall blocks all loopback addresses (127.0.0.0/8) that are not explicitly allow-listed, so every request to that proxy is dropped before it leaves the process. This is an architectural incompatibility rather than a transient fault: as long as the firewall blocks `localhost:8080`, the Gemini engine cannot complete a single model turn, which matches the `sendMessageStream` and `generateJson` client errors above.
The secondary address `172.30.0.30:10003` appears to be the container's internal proxy IP. It sits in RFC 1918 private space (172.16.0.0/12), so the loopback rule does not cover it; it is blocked simply because it is not on the allow-list.
Proposed Remediation
Two viable approaches:
- Firewall allow-list (lower effort): add `localhost:8080` and/or `172.30.0.30:10003` to the firewall's allow-list for the Gemini engine container. Risk: this weakens isolation, because a loopback or private-address rule admits whatever process happens to listen on that socket rather than a single named service. Before allow-listing, confirm what is actually bound to port 8080 and port 10003 in the container.
- Reconfigure Gemini CLI proxy (preferred): configure the Gemini CLI to route MCP traffic through an external, already-allowed endpoint instead of the loopback proxy. This preserves the firewall's default-deny posture.
Additionally, investigate why `172.30.0.30:10003` is being targeted. It may be a separate MCP gateway that needs to be routed differently.
Success Criteria
- Smoke Gemini run completes with `conclusion: SUCCESS`
- Firewall block rate drops below 10% (measured on a run where `blocked_request_at_cap` is false, so the rate is not a lower bound)
- No `gemini-client-error` artifacts generated
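The block-log triage in the Evidence section and the block-rate success criterion above can be checked mechanically. The following Python is an added example written for this issue; it is not code from the firewall, the Gemini CLI, or the Failure Investigator. It assumes a simple `<verdict> <host>[:<port>]` decision-log line format and uses a constructed sample shaped after the breakdown above. It also flags blocked destinations in loopback or private address space (the ones whose allow-listing would weaken isolation) and treats a capped blocked counter as failing the criterion, since the observed rate is then only a lower bound.

```python
from __future__ import annotations

import ipaddress
from collections import Counter
from dataclasses import dataclass, field

# Constructed sample of firewall decision log lines, shaped after the
# breakdown in the issue. The "<verdict> <host>[:<port>]" line format is an
# assumption for this example; the real firewall's log layout is not shown.
SAMPLE_LOG = """\
blocked localhost:8080
blocked localhost:8080
blocked localhost:8080
blocked 172.30.0.30:10003
allowed play.googleapis.com:443
blocked unknown
allowed play.googleapis.com:443
blocked localhost:8080
blocked 172.30.0.30:10003
allowed play.googleapis.com:443
"""


def split_dest(dest: str) -> tuple[str, int | None]:
    """Split 'host:port' into (host, port); a bare token such as 'unknown' has no port."""
    host, sep, port = dest.rpartition(":")
    if not sep or not port.isdigit():
        return dest, None
    return host, int(port)


def classify(host: str) -> str:
    """Label a destination so allow-list candidates can be judged.

    Loopback and private addresses are the ones whose allow-listing weakens
    isolation: the rule admits whatever listens on that socket, not one
    named service.
    """
    if host == "localhost":
        return "loopback"
    if host == "unknown":
        return "unknown"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "public-name"  # a DNS name such as play.googleapis.com
    if ip.is_loopback:
        return "loopback"
    if ip.is_private or ip.is_link_local:
        return "private"  # RFC 1918 / link-local, e.g. 172.30.0.30
    return "public-ip"


@dataclass
class Summary:
    total: int = 0
    blocked: int = 0
    blocked_by_dest: Counter = field(default_factory=Counter)
    allowed_by_dest: Counter = field(default_factory=Counter)
    at_cap: bool = False  # mirrors blocked_request_at_cap from the run summary

    @property
    def block_rate(self) -> float:
        return self.blocked / self.total if self.total else 0.0


def summarize(log_text: str, at_cap: bool = False) -> Summary:
    """Count blocked and allowed requests per destination from decision-log lines."""
    s = Summary(at_cap=at_cap)
    for raw in log_text.splitlines():
        parts = raw.split()
        if len(parts) != 2 or parts[0] not in ("blocked", "allowed"):
            continue  # skip blank or malformed lines rather than miscount them
        verdict, dest = parts
        s.total += 1
        if verdict == "blocked":
            s.blocked += 1
            s.blocked_by_dest[dest] += 1
        else:
            s.allowed_by_dest[dest] += 1
    return s


def risky_allowlist_candidates(s: Summary) -> list[str]:
    """Blocked destinations that would open loopback or private space if allow-listed."""
    return [d for d in s.blocked_by_dest
            if classify(split_dest(d)[0]) in ("loopback", "private")]


def meets_block_rate_criterion(s: Summary, threshold: float = 0.10) -> bool:
    """Success criterion from the issue: block rate below 10 percent.

    When the blocked counter was capped the observed rate is only a lower
    bound, so a capped run is never reported as passing.
    """
    return not s.at_cap and s.block_rate < threshold


if __name__ == "__main__":
    summary = summarize(SAMPLE_LOG, at_cap=True)
    print(f"block rate: {summary.block_rate:.0%} (capped={summary.at_cap})")
    print("risky allow-list candidates:", risky_allowlist_candidates(summary))
    print("meets <10% criterion:", meets_block_rate_criterion(summary))
```

Run against a real decision log (once its line format is adapted), `risky_allowlist_candidates` should come back empty after the preferred remediation, since the traffic would then go to an allowed public endpoint rather than to loopback or the container's private proxy address.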
Parent: #29851
Generated by [aw] Failure Investigator (6h) · ● 448.8K · ◷