#22569: [Feature] add provider wizard

## Summary Describe the problem and fix in 2–5 bullets: - Problem: Adding custom OpenAI/Anthropic-compatible providers manually to the configuration file is error-prone for users. Additionally, recent upstream syncs introduced a TypeScript type mismatch in the session schema, and new gateway methods were missing permission classifications. - Why it matters: A guided TUI wizard significantly improves the developer experience (DX) for onboarding local models (like Ollama/vLLM). Fixing the schema and type errors is essential for project build stability. - What changed: Implemented `AddProviderWizard` in the TUI, supporting guided entry of Base URL, API Key, Model ID, and auto-detection of compatibility. - What did NOT change (scope boundary): The core model execution logic or existing hardcoded provider implementations remained untouched. ## Change Type (select all) - [ ] Bug fix - [x] Feature - [ ] Refactor - [ ] Docs - [ ] Security hardening - [ ] Chore/infra ## Scope (select all touched areas) - [x] Gateway / orchestration - [ ] Skills / tool execution - [ ] Auth / tokens - [ ] Memory / storage - [ ] Integrations - [x] API / contracts - [x] UI / DX - [ ] CI/CD / infra ## Linked Issue/PR - Closes # - Related # ## User-visible / Behavior Changes - Added a new "Add Custom Provider" wizard in the TUI. - Users can now verify provider connectivity (OpenAI/Anthropic probes) directly during setup. ## Security Impact (required) - New permissions/capabilities? (`Yes`) - Secrets/tokens handling changed? (`No`) - New/changed network calls? (`Yes`) - Command/tool execution surface changed? (`No`) - Data access scope changed? (`No`) - If any `Yes`, explain risk + mitigation: Added `models.addProvider` capability. To mitigate unauthorized access, it is restricted to the `operator.admin` scope, ensuring only authorized administrators can modify the model provider configuration via the gateway. The wizard also performs network probes to verify endpoints, which are governed by standard fetch timeouts. ## Repro + Verification ### Environment - OS: darwin (macOS) - Runtime/container: Node.js 22.12.0+ - Model/provider: Custom (OpenAI/Anthropic compatible) - Integration/channel (if any): TUI - Relevant config (redacted): N/A ### Steps 1. Run `pnpm build` to verify schema fixes. 2. Run `pnpm test src/gateway/method-scopes.test.ts` to verify permission classification. 3. (In TUI) Trigger the Add Provider wizard and follow the steps to add a local Ollama/vLLM endpoint. ### Expected - Project builds successfully without Zod/TypeScript errors. - Tests pass. - New providers are correctly added to the config and immediately visible in the model catalog. ### Actual - Build passes successfully. - All 7 tests in `method-scopes.test.ts` pass. - TUI wizard correctly updates `config.json5`. ## Evidence Attach at least one: - [x] Failing test/log before + passing after (Fixed `models.addProvider` unclassified error) - [x] Trace/log snippets (Confirmed `pnpm build` completion) - [ ] Screenshot/recording - [ ] Perf numbers (if relevant) ## Human Verification (required) What you personally verified (not just CI), and how: - Verified scenarios: Local build, specific test suite execution, and TUI component rendering. - Edge cases checked: Empty API keys (optional), invalid URL formats, invalid model names, and auto-detection fallback logic. - What you did **not** verify: Full end-to-end integration with a live remote production Discord bot (verified via existing test mocks). ## Compatibility / Migration - Backward compatible? (`Yes`) - Config/env changes? (`No`) - Migration needed? (`No`) - If yes, exact upgrade steps: ## Failure Recovery (if this breaks) - How to disable/revert this change quickly: Revert the commit and remove the newly added `AddProviderWizard` references in TUI command handlers. - Files/config to restore: `src/config/zod-schema.session.ts`, `src/gateway/method-scopes.ts`. - Known bad symptoms reviewers should watch for: Build errors related to Zod defaults or 403 Forbidden errors when trying to add providers via the API. ## Risks and Mitigations List only real risks for this PR. Add/remove entries as needed. If none, write `None`. - Risk: Incorrect endpoint auto-detection for non-standard APIs. - Mitigation: Provided manual selection options ("OpenAI-compatible" / "Anthropic-compatible") as a fallback auto-detection fails. <!-- greptile_comment --> <h3>Greptile Summary</h3> Added a TUI wizard (`AddProviderWizard`) to simplify adding custom OpenAI/Anthropic-compatible model providers, along with a new `models.addProvider` gateway method. The wizard guides users through configuring base URL, API key, compatibility mode, model ID, and provider ID, with optional endpoint verification. Major changes: - New `models.addProvider` gateway method with admin-scope permission requirement - Added `AddProviderWizard` component with auto-detection and manual verification flows - Integrated wizard into model selector as "+ Add my provider" option - Fixed default context window and max tokens from 4096 to 256,000 in `onboard-custom.ts` Issues found: - Endpoint verification logic doesn't distinguish between network failures and valid HTTP error responses (4xx/5xx), causing incorrect fallback to alternative compatibility modes - Auto-detection mode runs verification twice due to control flow issue - Production code calls test-only function `__resetModelCatalogCacheForTest()` <h3>Confidence Score: 2/5</h3> - This PR has logical issues in endpoint verification that will cause incorrect behavior during provider auto-detection - The verification logic has a critical flaw where HTTP error responses (401, 400, etc.) are treated as "endpoint not found" rather than "endpoint is compatible but request failed". This causes the wizard to incorrectly try multiple compatibility modes when it should recognize the endpoint type from error responses. Additionally, calling a test-only function in production code is a code quality issue. - Pay close attention to `src/tui/components/add-provider-wizard.ts` lines 290-352 (verification logic) and `src/gateway/server-methods/models.ts` line 53 (test function usage) _{Last reviewed commit: 4f7e9b6} <!-- greptile_other_comments_section --> _{(2/5) Greptile learns from your feedback when you react with thumbs up/down!} <!-- /greptile_comment -->