fix(onboard): always inject NEMOCLAW_DASHBOARD_PORT into sandbox env

[prekshivyas]

Summary

• When CHAT_UI_URL specifies a custom port, NEMOCLAW_DASHBOARD_PORT was only injected into the sandbox if the host env var was explicitly set, causing the gateway to listen on the wrong port
• Always derive the effective port from chatUiUrl via getDashboardForwardPort() and inject it unconditionally
• Bump vitest timeouts on flaky openshell gateway tests

Closes #2267

Test plan

• All 2302 existing tests pass
• Verify sandbox starts with correct NEMOCLAW_DASHBOARD_PORT when CHAT_UI_URL uses a non-default port (e.g. :18790)
• Verify default port (18789) still works when CHAT_UI_URL is unset

🤖 Generated with Claude Code

Summary by CodeRabbit

• Bug Fixes

  • Dashboard forwarding now consistently derives and injects the dashboard port from CHAT_UI_URL (including custom ports), preventing mismatches that could block dashboard access.

• New Features

  • Deterministic dashboard port derivation from CHAT_UI_URL for sandbox startup and health checks.

• Documentation

  • Updated onboarding, quickstart, reference, and troubleshooting guides and examples to prefer CHAT_UI_URL with auto-derived ports.

• Tests

  • Added/adjusted tests and extended timeouts to validate port injection and improve CLI/onboard reliability.

[copy-pr-bot]

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

The onboard flow now always derives the dashboard forward/listen port from CHAT_UI_URL (via getDashboardForwardPort) and injects it as NEMOCLAW_DASHBOARD_PORT into sandbox creation; several tests had timeouts extended and a mocked e2e onboarding test was added. Documentation updated to prefer CHAT_UI_URL for port selection.

Changes

Cohort / File(s)	Summary
Onboard logic & dashboard contract src/lib/onboard.ts, src/lib/dashboard-contract.ts	Add and use getDashboardForwardPort(chatUiUrl); always compute effective dashboard port from CHAT_UI_URL and pass it into sandbox create/start, and use that port for readiness probes instead of conditionally inheriting process.env.NEMOCLAW_DASHBOARD_PORT.
Tests (timeouts & new e2e) test/cli.test.ts, test/onboard.test.ts	Extend Vitest timeouts for gateway/OpenShell probing in two CLI tests; add a mocked end-to-end onboarding test verifying the derived NEMOCLAW_DASHBOARD_PORT is injected and that the dashboard-forward check targets the same derived port.
Docs / onboarding & troubleshooting .agents/skills/nemoclaw-user-get-started/SKILL.md, .agents/skills/nemoclaw-user-reference/.../references/commands.md, .agents/skills/nemoclaw-user-reference/.../references/troubleshooting.md, docs/get-started/quickstart.md, docs/reference/commands.md, docs/reference/troubleshooting.md	Update onboarding and troubleshooting content to prefer deriving the dashboard port from CHAT_UI_URL in examples and remediation steps; update command refs and examples while retaining note that NEMOCLAW_DASHBOARD_PORT can still be set directly.

Sequence Diagram(s)

sequenceDiagram
    participant CLI as Client (CLI)
    participant Onboard as Onboard service
    participant Gateway as Gateway / Port Forwarder
    participant Sandbox as Sandbox / Container

    CLI->>Onboard: Run `nemoclaw onboard` with CHAT_UI_URL
    Onboard->>Onboard: getDashboardForwardPort(CHAT_UI_URL) -> port
    Onboard->>Gateway: request forward for computed port
    Gateway-->>Onboard: forward created / active
    Onboard->>Sandbox: create sandbox (env: NEMOCLAW_DASHBOARD_PORT=port, CHAT_UI_URL)
    Sandbox-->>Onboard: startup logs / dashboard binds to port
    Onboard->>Gateway: verify active forward for port
    Gateway-->>Onboard: confirmation (active)

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐇 I nibble at a CHAT_UI_URL,
I pull the port and give a whirl,
The sandbox wakes with forwarded light,
Ports aligned and everything bright,
Hoppity-hop — the TUI greets the world.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: unconditionally injecting NEMOCLAW_DASHBOARD_PORT into the sandbox environment, derived from CHAT_UI_URL, which directly fixes issue #2267.
Linked Issues check	✅ Passed	The code changes fully address all three objectives from issue #2267: (1) derives dashboard port from CHAT_UI_URL via new getDashboardForwardPort() function, (2) unconditionally injects NEMOCLAW_DASHBOARD_PORT into sandbox env, (3) ensures gateway readiness check uses the correct derived port for consistent port-forwarding.
Out of Scope Changes check	✅ Passed	All changes are directly scoped to fixing issue #2267: core logic fix in onboard.ts, test updates validating the fix, test timeout adjustments for gateway probing reliability, and documentation updates reflecting the new port-derivation behavior.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/dashboard-port-from-chat-ui-url-2267

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

test/cli.test.ts (1)

86-125: Align inner command timeout with the new 35s test timeout.

Only the Vitest timeout was increased; runWithEnv("start", ...) still defaults to 10s and can fail early.

Suggested patch

-    const r = runWithEnv("start", {
+    const r = runWithEnv("start", {
       HOME: home,
       PATH: `${localBin}:${process.env.PATH || ""}`,
       NVIDIA_API_KEY: "",
       TELEGRAM_BOT_TOKEN: "",
-    });
+    }, 30000);

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/cli.test.ts` around lines 86 - 125, The test increases Vitest's timeout
to 35000ms but the helper runWithEnv("start", ...) still uses its 10s default;
update the call site in the test (runWithEnv) to pass a matching timeout (e.g.,
runWithEnv("start", { ... }, { timeout: 35000 }) or change runWithEnv's default
timeout to 35000) so the inner command timeout aligns with the top-level test
timeout and prevents premature failures.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@test/cli.test.ts`:
- Around line 86-125: The test increases Vitest's timeout to 35000ms but the
helper runWithEnv("start", ...) still uses its 10s default; update the call site
in the test (runWithEnv) to pass a matching timeout (e.g., runWithEnv("start", {
... }, { timeout: 35000 }) or change runWithEnv's default timeout to 35000) so
the inner command timeout aligns with the top-level test timeout and prevents
premature failures.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: c4442781-8c51-4af5-b19d-46a0c5644345

📥 Commits

Reviewing files that changed from the base of the PR and between de97a00 and 0ab8171.

📒 Files selected for processing (3)

• src/lib/onboard.ts
• test/cli.test.ts
• test/onboard.test.ts

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

docs/reference/troubleshooting.md (1)

604-609: Use one sentence per line in source for the new custom-port section.

Line 604-609 and Line 611-612 wrap single sentences across multiple lines. Please keep each sentence on a single line to match docs style.

As per coding guidelines: “One sentence per line in source (makes diffs readable).”

Also applies to: 611-612

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/reference/troubleshooting.md` around lines 604 - 609, The paragraph
starting with "If you ran `nemoclaw onboard` with a custom dashboard port..."
and the subsequent sentence(s) in the new custom-port section are wrapped across
multiple source lines; split each sentence into its own physical line so each
sentence is a single line in the source (e.g., ensure the sentence about the
sandbox being created with an older NemoClaw version, the gateway listening on
default port 18789, and the SSH tunnel forwarding the custom port are each
placed on separate lines), and do the same for the sentences currently spanning
lines 611-612 so every sentence in that section occupies one line in the file.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/get-started/quickstart.md`:
- Around line 303-306: Replace the bash code fences and bare CLI lines with
console fences and $ prompts: change the ```bash (or ```shell) fences around the
nemoclaw onboarding examples to ```console and prepend each command line (e.g.,
"nemoclaw onboard", "CHAT_UI_URL=http://127.0.0.1:19000 nemoclaw onboard", and
"NEMOCLAW_DASHBOARD_PORT=19000 nemoclaw onboard") with "$ " so the examples
follow the docs standard; apply the same replacement to the other affected block
at the noted nearby lines.

In `@test/onboard.test.ts`:
- Around line 2833-2835: Remove the unnecessary ESLint suppression comment above
the environment destructuring; specifically delete the line "//
eslint-disable-next-line `@typescript-eslint/no-unused-vars`" that precedes the
destructuring of process.env into _stripped, _stripped2, and inheritedEnv. The
variables _stripped and _stripped2 are already prefixed with underscores to
indicate intentional unused status, so just remove the suppression comment in
the test file where the destructuring occurs to rely on existing project lint
rules.

---

Nitpick comments:
In `@docs/reference/troubleshooting.md`:
- Around line 604-609: The paragraph starting with "If you ran `nemoclaw
onboard` with a custom dashboard port..." and the subsequent sentence(s) in the
new custom-port section are wrapped across multiple source lines; split each
sentence into its own physical line so each sentence is a single line in the
source (e.g., ensure the sentence about the sandbox being created with an older
NemoClaw version, the gateway listening on default port 18789, and the SSH
tunnel forwarding the custom port are each placed on separate lines), and do the
same for the sentences currently spanning lines 611-612 so every sentence in
that section occupies one line in the file.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: abebb5b0-5d61-4019-a91c-f4f6ac96a558

📥 Commits

Reviewing files that changed from the base of the PR and between a562022 and be93634.

📒 Files selected for processing (7)

• .agents/skills/nemoclaw-user-get-started/SKILL.md
• .agents/skills/nemoclaw-user-reference/references/commands.md
• .agents/skills/nemoclaw-user-reference/references/troubleshooting.md
• docs/get-started/quickstart.md
• docs/reference/commands.md
• docs/reference/troubleshooting.md
• test/onboard.test.ts

✅ Files skipped from review due to trivial changes (2)

• .agents/skills/nemoclaw-user-reference/references/commands.md
• .agents/skills/nemoclaw-user-get-started/SKILL.md

[coderabbitai]

Actionable comments posted: 2

♻️ Duplicate comments (1)

test/onboard.test.ts (1)

2754-2756: ⚠️ Potential issue | 🟡 Minor

Remove the unsupported ESLint suppression on Line [2754].

_stripped and _stripped2 are already intentionally-unused variables (underscore-prefixed), so this suppression is unnecessary and currently invalid.

#!/bin/bash
set -euo pipefail

# Confirm the unsupported suppression is present in the changed test.
rg -n '@typescript-eslint/no-unused-vars' test/onboard.test.ts

# Inspect ESLint config files for registered rules/plugins.
fd -i 'eslint.config.*' --exec rg -n 'typescript-eslint|no-unused-vars' {}

Proposed fix

-    // eslint-disable-next-line `@typescript-eslint/no-unused-vars`
     const { CHAT_UI_URL: _stripped, NEMOCLAW_DASHBOARD_PORT: _stripped2, ...inheritedEnv } =
       process.env;

As per coding guidelines, **/*.{js,ts,tsx}: Unused variables must be prefixed with _ in JavaScript and TypeScript files.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/onboard.test.ts` around lines 2754 - 2756, Remove the unsupported ESLint
suppression and rely on the intentional underscore-prefixed unused variables:
delete the "// eslint-disable-next-line `@typescript-eslint/no-unused-vars`"
before the destructuring that declares _stripped, _stripped2, and inheritedEnv
so the line "const { CHAT_UI_URL: _stripped, NEMOCLAW_DASHBOARD_PORT:
_stripped2, ...inheritedEnv } = process.env;" remains and satisfies the
project's rule that unused vars be prefixed with an underscore.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/lib/onboard.ts`:
- Around line 4068-4074: The readiness probe is still using the old port
variable (effectivePort) instead of the computed effective dashboard port;
update the readiness probe curl/check to use the effectiveDashboardPort value
produced by getDashboardForwardPort and assigned to NEMOCLAW_DASHBOARD_PORT (see
effectiveDashboardPort, getDashboardForwardPort, formatEnvAssignment) so the
probe targets the same port forwarded into the container and avoids false
failures during startup.
- Around line 4073-4074: The call to getDashboardForwardPort(chatUiUrl) is
invalid because that function doesn't exist; either implement and export
getDashboardForwardPort in src/lib/dashboard-contract.ts or replace the call
with the existing port-resolution logic (e.g., use the resolvePort pattern used
in dashboard-contract) to derive effectiveDashboardPort from chatUiUrl before
passing it to formatEnvAssignment("NEMOCLAW_DASHBOARD_PORT",
effectiveDashboardPort); update the import/destructure near
buildChain/buildControlUiUrls if you add and export getDashboardForwardPort so
the symbol is available where effectiveDashboardPort is computed.

---

Duplicate comments:
In `@test/onboard.test.ts`:
- Around line 2754-2756: Remove the unsupported ESLint suppression and rely on
the intentional underscore-prefixed unused variables: delete the "//
eslint-disable-next-line `@typescript-eslint/no-unused-vars`" before the
destructuring that declares _stripped, _stripped2, and inheritedEnv so the line
"const { CHAT_UI_URL: _stripped, NEMOCLAW_DASHBOARD_PORT: _stripped2,
...inheritedEnv } = process.env;" remains and satisfies the project's rule that
unused vars be prefixed with an underscore.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: a2fe6219-4ec3-4617-9215-2d783495560d

📥 Commits

Reviewing files that changed from the base of the PR and between be93634 and e793dee.

📒 Files selected for processing (2)

• src/lib/onboard.ts
• test/onboard.test.ts

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.agents/skills/nemoclaw-user-get-started/SKILL.md:
- Around line 248-252: The docs example incorrectly implies
NEMOCLAW_DASHBOARD_PORT alone controls the dashboard port; update the source
docs in docs/ so the example reflects actual runtime behavior used by
createSandbox which derives the effective port from CHAT_UI_URL (see
createSandbox and CHAT_UI_URL usage in src/lib/onboard.ts), either by showing
the compatible command using CHAT_UI_URL (e.g.
CHAT_UI_URL=http://localhost:19000 ...) or by clarifying the semantic that
NEMOCLAW_DASHBOARD_PORT only applies when CHAT_UI_URL is not set; after editing
the canonical docs regenerate the .agents/skills/nemoclaw-user-*/.md files so
the SKILL.md is updated.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 0245bc63-25a2-4451-92bd-27693cab1481

📥 Commits

Reviewing files that changed from the base of the PR and between e793dee and 6f7f8a4.

📒 Files selected for processing (5)

• .agents/skills/nemoclaw-user-get-started/SKILL.md
• docs/get-started/quickstart.md
• src/lib/dashboard-contract.ts
• src/lib/onboard.ts
• test/onboard.test.ts

🚧 Files skipped from review as they are similar to previous changes (2)

• docs/get-started/quickstart.md
• test/onboard.test.ts

[ericksoa]

The fix logic is correct and the test coverage is good, but CI is failing with a build error that needs to be resolved before this can merge.

Blocking: TypeScript build failure

src/lib/onboard.ts(6717,41): error TS2300: Duplicate identifier 'getDashboardForwardPort'.
src/lib/onboard.ts(6911,10): error TS2300: Duplicate identifier 'getDashboardForwardPort'.

The branch imports getDashboardForwardPort from dashboard-contract.ts at line 6717:

const { buildChain, buildControlUiUrls, getDashboardForwardPort } = dashboardContract;

But getDashboardForwardPort also exists as a local function or is re-exported at line 6911 in module.exports. This is likely a stale-branch issue — PR #2398 deleted the old local getDashboardForwardPort from onboard.ts and this branch was based on a version of main that still had it. A rebase onto current main should fix this.

checks, macos-e2e, and wsl-e2e all fail for the same root cause.

Code review (assuming the build issue is fixed)

The core fix is sound:

• getDashboardForwardPort(chatUiUrl) in dashboard-contract.ts — thin wrapper over buildChain().port. Clean, reuses existing logic.
• createSandbox — changed from conditional injection (if (process.env.NEMOCLAW_DASHBOARD_PORT)) to unconditional derivation from chatUiUrl. This is the right fix for #2267.
• Readiness probe — now uses effectiveDashboardPort instead of effectivePort, matching the port the gateway actually listens on.
• Test — the #2267 regression test is thorough: spawns a child process with CHAT_UI_URL=http://127.0.0.1:18790 but no NEMOCLAW_DASHBOARD_PORT, then asserts the sandbox create command includes NEMOCLAW_DASHBOARD_PORT=18790.

Docs updates are correct — CHAT_UI_URL is now the recommended way to set custom ports, with NEMOCLAW_DASHBOARD_PORT as a fallback.

Minor (non-blocking)

1. Unnecessary eslint-disable in test/onboard.test.ts:2754 — the _stripped/_stripped2 underscore prefix already satisfies the unused-var rule. Remove the // eslint-disable-next-line comment.

2. CodeRabbit noted the inner command timeout in the #2164 test wasn't increased to match the new 35s vitest timeout — the runWithEnv default is 10s and could still time out before the outer test does. Looks like the second iteration did pass 30000 to runWithEnv, so verify that's in the final commit.

Please rebase and re-push — happy to approve once CI is green.

[prekshivyas]

@ericksoa Thanks for the thorough review. All three points addressed:

• Blocking (TS duplicate identifier): Fixed in 348a2856. You had the diagnosis exactly right — the automated main-merge pulled in PR refactor(cli): extract dashboard delivery chain into contract/health/recover modules #2398's local function getDashboardForwardPort at onboard.ts:6911, which conflicted with both my destructure from dashboardContract at line 6717 and the helper wrapper I'd added to dashboard-contract.ts. Removed both of my additions; the in-file function is the single source of truth now.

• Minor 1 (stale eslint-disable): Already removed in the first commit 6f7f8a4. The _stripped / _stripped2 prefix is doing the work.

• Minor 2 (runWithEnv 30000 timeout on [Jetson][CLI] nemoclaw shows "Unknown command" instead of "sandbox not found" when referencing destroyed sandbox #2164 test): Verified present at test/cli.test.ts:121 — runWithEnv("boguscmd", {}, 30000) is inside the { timeout: 35000 } outer test, so the inner command has 5s of headroom before the vitest timeout fires. This came in via the main-merge commit e793dee.

Tests pass locally: npx vitest run test/onboard.test.ts → 135/135. Build clean. Waiting on CI.

Signed-off-by: Prekshi Vyas prekshiv@nvidia.com

Build issue resolved after merge from main.

[ericksoa]

Build issue resolved after merge from main. The duplicate getDashboardForwardPort identifier is gone — dashboard-contract.ts already has the function on main now, and the old local definition in onboard.ts was removed by #2398.

All checks green except wsl-e2e still pending. Core fix and test unchanged from prior review — logic is correct. The additional timeout bump in install-preflight.test.ts is fine.

Previous review notes still apply as minor non-blocking items (unnecessary eslint-disable in test, inner command timeout alignment).