rebuild fails: Dockerfile Patch 4 literal-string assert breaks against OpenClaw 2026.4.24 in base image

[wist83-hue]

Summary

nemoclaw <name> rebuild (and nemoclaw onboard --resume after a failed rebuild) fails during the in-image OpenClaw JS patch step (Step 17 of Dockerfile, "Patch 4 — graceful EACCES in replaceConfigFile"). The Python script's literal-string assert no longer matches the source in the bundled OpenClaw, because the base sandbox image now ships OpenClaw 2026.4.24 while NemoClaw v0.0.29's blueprint pin is min_openclaw_version: 2026.4.9.

The result: any rebuild on a fresh v0.0.29 install destroys the sandbox during the recreate step and cannot recover via onboard --resume (same patch, same failure).

Repro

curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash   # default install, build provider
nemoclaw <sandbox-name> rebuild --yes

Error trace

Step 16/56 : RUN ... INFO: OpenClaw 2026.4.24 is current (>= 2026.4.9), no upgrade needed
Step 17/56 : RUN set -eu; ... # Patch 4 ...
 ---> Running in <id>
Traceback (most recent call last):
  File "<string>", line 1, in <module>
AssertionError: writeConfigFile(params.nextConfig) pattern not found
The command '/bin/bash -o pipefail -c set -eu; ...' returned a non-zero code: 1

Recreate failed after sandbox was destroyed.
Backup is preserved at: ~/.nemoclaw/rebuild-backups/<name>/<timestamp>

The literal pattern Patch 4 searches for —

\tawait writeConfigFile(params.nextConfig, {\n\t\t...writeOptions,\n\t\t...params.writeOptions\n\t});

— no longer appears in /usr/local/lib/node_modules/openclaw/dist/*.js for OpenClaw 2026.4.24, presumably due to a refactor of replaceConfigFile.

Environment

• NemoClaw: v0.0.29
• OpenShell: 0.0.36 (per cluster image tag)
• OpenClaw (in base image): 2026.4.24
• OS: Ubuntu 24.04 / kernel 6.17.0-22-generic
• Docker: 29.1.3
• Node: 25.6.1
• GPU: RTX 4090
• Provider: build (NVIDIA Endpoints, hosted)
• Sandbox image digest pinned in blueprint: sha256:b3d832b596ab6b7184a9dcb4ae93337ca32851a4f93b00765cc12de26baa3a9a

Suggested fix

One of:

1. Bump min_openclaw_version in nemoclaw-blueprint/blueprint.yaml to 2026.4.24 and update Patch 4's literal-string match (or pattern-match against the new shape of replaceConfigFile).
2. Make Patch 4 tolerant of a missing pattern when the bundled OpenClaw version is >= 2026.4.X where the refactor landed — warn instead of failing the build, since the function may now handle EACCES natively.
3. Pin the sandbox image digest to one whose OpenClaw is 2026.4.9 (revert image bump) until Patch 4 is re-targeted.

Happy to test a candidate fix.

[wist83-hue]

Update from continued investigation while testing a workaround:

Two more findings worth adding to this issue (or splitting into separate ones):

1. blueprint.yaml's policy.additions field is inert in v0.0.29

The schema (schemas/blueprint.schema.json) declares components.policy.additions, and nemoclaw/src/blueprint/runner.ts reads it into a context object:

policy_additions: blueprint.components?.policy?.additions ?? {},

…but no other code in the repo consumes policy_additions anywhere — it's parsed and dropped. Confirmed empirically: the default blueprint's additions.nim_service (host nim-service.local) does not appear in the active OpenShell policy, and neither do additions added by users.

Effect: blueprint authors who try to extend egress via policy.additions (a natural reading of the schema and the field name) get no runtime effect and no warning. The actually-effective customization points for egress are policies/openclaw-sandbox.yaml (base) and policies/presets/*.yaml (runtime presets).

2. network_policies entries with no binaries: block silently deny all callers

When adding an entry to policies/openclaw-sandbox.yaml, an endpoints block alone is not sufficient — without a binaries: block, the OPA gate denies the egress for every calling binary (the absence is treated as "no binary allowed", not "any binary allowed").

Repro:

network_policies:
  hello_world:
    name: hello_world
    endpoints:
      - host: api.github.com
        port: 443
        access: full
        tls: skip
    # no binaries: block

→ curl: CONNECT tunnel failed, 403. Adding binaries: [{path: /usr/bin/curl}] flips the result to HTTP 200.

This deny-by-default is probably correct security-wise, but it'd be helpful if either (a) the blueprint validator warned on network_policies.* without a binaries: block, or (b) the docs called it out as a required pairing.

Workaround for the original issue (Patch 4 / OpenClaw 2026.4.24)

Locally I made Patch 4 tolerant by wrapping the python assert old in src in a soft-fail print and downgrading line 184's grep ... || exit 1 to || echo WARN. With that change, rebuild proceeds successfully, and the resulting sandbox runs OpenClaw 2026.4.24 normally (no plugin-install path was exercised, so the EACCES wrap wasn't needed in practice). Happy to send a PR if you'd like that exact patch.

[wscurran]

Thanks for the precise error trace and version breakdown — this identifies a hard rebuild failure where Patch 4's literal-string assert no longer matches the replaceConfigFile shape shipped in OpenClaw 2026.4.24, leaving any fresh v0.0.29 install unable to complete a rebuild. A fix could update the patch pattern to target the new function shape, add a version-gated tolerance for the missing match, or re-pin the base image to an OpenClaw version the patch was written against.