fix(e2e): unset OPENCLAW_GATEWAY_PORT and TOKEN in devices approve guard

[hunglp6d]

Summary

[Agent-generated issue]

The issue-4462-scope-upgrade-approval-e2e / run job in nightly run #26698759656 failed because the openclaw devices approve guard function in the sandbox proxy env only unset OPENCLAW_GATEWAY_URL, leaving OPENCLAW_GATEWAY_PORT and OPENCLAW_GATEWAY_TOKEN in the environment. The OpenClaw CLI falls back to the port-based gateway URL, causing the approval to route through the gateway and fail with GatewayClientRequestError: scope upgrade pending approval.

Changes

• scripts/nemoclaw-start.sh: Unset all three gateway env vars (OPENCLAW_GATEWAY_URL, OPENCLAW_GATEWAY_PORT, OPENCLAW_GATEWAY_TOKEN) in the devices approve guard subshell.
• test/nemoclaw-start.test.ts: Update the fake openclaw stub to log PORT and TOKEN alongside URL; add OPENCLAW_GATEWAY_PORT and OPENCLAW_GATEWAY_TOKEN to the test env; update assertions to verify all three are unset for devices approve while remaining set for other commands.

Root Cause

The #4462 guard (line 1872 of nemoclaw-start.sh) runs openclaw devices approve in a subshell that unsets only OPENCLAW_GATEWAY_URL. The sandbox proxy env also exports OPENCLAW_GATEWAY_PORT (line 264) and OPENCLAW_GATEWAY_TOKEN (line 1351). When the OpenClaw CLI resolves the gateway URL, it can fall back to OPENCLAW_GATEWAY_PORT, reconnecting to the gateway and hitting the scope-upgrade Catch-22: the approve command itself requires the upgraded scope.

Validation

The GITHUB_TOKEN used by this CI run does not include the workflow scope, so the -custom-e2e validation branch could not be pushed. To validate manually:

gh workflow run nightly-e2e.yaml --repo NVIDIA/NemoClaw \
  --ref fix/nightly-e2e-gateway-env-approve-guard-a25b393 \
  -f jobs=issue-4462-scope-upgrade-approval-e2e

• Original failing run: #26698759656 on a25b3931

Signed-off-by: Hung Le hple@nvidia.com

Summary by CodeRabbit

• Bug Fixes

  • Ensure the devices approval flow fully clears gateway URL, port, and token in both the auto-pair watcher and the interactive shell wrapper before delegating to the real command.

• Tests

  • Tightened and expanded end-to-end and unit tests to assert gateway URL/port/token are present for listing/agent calls but are unset during approval, and to validate the approval subprocess observes the expected unset state.

[copy-pr-bot]

Auto-sync is disabled for draft pull requests in this repository. Workflows must be run manually.

Contributors can view more details about this message here.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 83de7770-3744-4535-aa86-0077dd03da50

📥 Commits

Reviewing files that changed from the base of the PR and between e749d4d and f47c0c4.

📒 Files selected for processing (2)

• scripts/nemoclaw-start.sh
• test/e2e/test-issue-4462-scope-upgrade-approval.sh

🚧 Files skipped from review as they are similar to previous changes (1)

• scripts/nemoclaw-start.sh

---

📝 Walkthrough

Walkthrough

The PR broadens the devices approve execution path to unset OPENCLAW_GATEWAY_URL, OPENCLAW_GATEWAY_PORT, and OPENCLAW_GATEWAY_TOKEN. The auto-pair watcher helper and sandbox openclaw wrapper now remove the three env vars for approve; unit, auto-pair, and e2e tests are updated to seed, log, and assert the triple unset behavior.

Changes

Expand gateway credential clearing for devices approve

Layer / File(s)	Summary
Auto-pair watcher helper and call site scripts/nemoclaw-start.sh	Rename watcher helper flag to strip_gateway_env and make it remove OPENCLAW_GATEWAY_URL, OPENCLAW_GATEWAY_PORT, and OPENCLAW_GATEWAY_TOKEN; update the approve invocation to pass strip_gateway_env=True.
Interactive sandbox runtime wrapper scripts/nemoclaw-start.sh	Interactive openclaw() wrapper devices approve branch now unsets URL/PORT/TOKEN before delegating to the real openclaw binary.
Unit and auto-pair tests test/nemoclaw-start.test.ts	Tests seed OPENCLAW_GATEWAY_PORT and OPENCLAW_GATEWAY_TOKEN, extend fake openclaw logging to record URL/PORT/TOKEN, tighten assertions, and expect devices approve to run with URL/PORT/TOKEN unset.
E2E proxy-env guard and approve_request harness test/e2e/test-issue-4462-scope-upgrade-approval.sh	approve_request wrapper probes/logs gateway URL/PORT/TOKEN before and after approval, validates pre-approve exposure of all three, ensures no caller-shell mutation, and Phase 2 guard probe requires the three-vars unset sequence before command openclaw.

Sequence Diagram(s)

sequenceDiagram
  participant UserShell
  participant NemoclawWatcher
  participant Helper_run
  participant SandboxOpenClaw
  participant OpenClawBinary
  UserShell->>NemoclawWatcher: trigger auto-pair approve
  NemoclawWatcher->>Helper_run: run(strip_gateway_env=True)
  Helper_run->>SandboxOpenClaw: unset OPENCLAW_GATEWAY_URL/PORT/TOKEN
  SandboxOpenClaw->>OpenClawBinary: exec "openclaw devices approve"
  OpenClawBinary-->>SandboxOpenClaw: approval result
  SandboxOpenClaw-->>UserShell: return result (caller env unchanged)

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related issues

• nightly-e2e: devices approve guard leaks OPENCLAW_GATEWAY_PORT/TOKEN #4575: Modifies the same devices approve guard behavior to unset OPENCLAW_GATEWAY_PORT and OPENCLAW_GATEWAY_TOKEN alongside OPENCLAW_GATEWAY_URL; tests and wrappers updated accordingly.

Poem

🐰 Three secrets tucked away with care,
URL, port, and token vanish there,
The sandbox hops, the watcher sighs,
Approve runs clean beneath safe skies,
Little rabbit claps its paws in the air.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely summarizes the main change: fixing the devices approve guard to unset OPENCLAW_GATEWAY_PORT and TOKEN in addition to OPENCLAW_GATEWAY_URL.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/nightly-e2e-gateway-env-approve-guard-a25b393

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

PR Review Advisor

Findings: 0 needs attention, 0 worth checking, 0 nice ideas
Since last review: 3 prior items resolved, 0 still apply, 0 new items found

Workflow run details

This is an automated advisory review. A human maintainer must make the final merge decision.

[github-actions]

E2E Advisor Recommendation

Required E2E: issue-4462-scope-upgrade-approval-e2e
Optional E2E: issue-4462-gateway-pinned-approval-characterization-e2e, device-auth-health-e2e

Dispatch hint: issue-4462-scope-upgrade-approval-e2e

Auto-dispatched E2E: issue-4462-scope-upgrade-approval-e2e via nightly-e2e.yaml at f47c0c466c14f3bb51b547833571d0fcd9543096 — nightly run

Workflow run

Full advisor summary

E2E Recommendation Advisor

Base: origin/main
Head: HEAD
Confidence: high

Required E2E

• issue-4462-scope-upgrade-approval-e2e (high (~60 min, real sandbox, NVIDIA_API_KEY)): Required because this PR changes the exact OpenClaw CLI scope-upgrade approval deadlocks and forces openclaw agent into embedded fallback #4462 real-sandbox path: low-scope CLI pairing, later openclaw agent scope-upgrade approval, the in-sandbox devices approve guard, and gateway URL/port/token environment stripping. This existing job is the targeted positive proof that approval succeeds and the final agent run stays on the gateway path.

Optional E2E

• issue-4462-gateway-pinned-approval-characterization-e2e (high (~60 min, real sandbox, NVIDIA_API_KEY)): Useful non-blocking diagnostic companion because the PR changes the workaround for gateway-pinned approval. This job characterizes the legacy gateway-pinned failure mode and verifies recovery through the fixed guard, but the workflow comments mark it as diagnostic rather than the fix gate.
• device-auth-health-e2e (medium-high (~30 min, real sandbox, NVIDIA_API_KEY)): Optional adjacent confidence for gateway/device-auth behavior because the PR changes gateway token and port environment handling inside the sandbox. It does not specifically exercise scope-upgrade approval, so it should not block merge if the targeted OpenClaw CLI scope-upgrade approval deadlocks and forces openclaw agent into embedded fallback #4462 E2E passes.

New E2E recommendations

• Auto-pair watcher approval environment (medium): The updated OpenClaw CLI scope-upgrade approval deadlocks and forces openclaw agent into embedded fallback #4462 E2E deterministically verifies the interactive shell devices approve guard strips URL/port/token, while auto-pair stripping is primarily covered by unit tests and may be non-deterministic in the current real-sandbox approval job if the watcher approves before inspection. A dedicated E2E mode or probe for the auto-pair watcher would close that gap.
  • Suggested test: Add a deterministic real-sandbox auto-pair approval probe that records the environment seen by the watcher’s openclaw devices approve subprocess and asserts OPENCLAW_GATEWAY_URL, OPENCLAW_GATEWAY_PORT, and OPENCLAW_GATEWAY_TOKEN are unset while devices list remains gateway-pinned.

Dispatch hint

• Workflow: .github/workflows/nightly-e2e.yaml
• jobs input: issue-4462-scope-upgrade-approval-e2e

[github-actions]

E2E Scenario Advisor Recommendation

Required scenario E2E: ubuntu-repo-cloud-openclaw
Optional scenario E2E: wsl-repo-cloud-openclaw, gpu-repo-local-ollama-openclaw

Dispatch required scenario E2E:

• gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-cloud-openclaw

Workflow run

Full scenario advisor summary

E2E Scenario Advisor

Base: origin/main
Head: HEAD
Confidence: high

Required scenario E2E

• ubuntu-repo-cloud-openclaw: scripts/nemoclaw-start.sh changes the OpenClaw sandbox startup/runtime proxy environment and auto-pair approval behavior. The Ubuntu repo cloud OpenClaw scenario is the primary standard-runner path that installs the current branch, launches the Docker sandbox, starts the gateway/OpenClaw environment, and exercises the affected smoke/onboarding surface.
  • Dispatch: gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-cloud-openclaw

Optional scenario E2E

• wsl-repo-cloud-openclaw: Optional adjacent platform coverage for the same repo-current cloud OpenClaw onboarding/startup surface under WSL. This uses a special Windows/WSL runner, so keep it optional unless WSL-specific startup behavior is suspected.
  • Dispatch: gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=wsl-repo-cloud-openclaw
• gpu-repo-local-ollama-openclaw: Optional adjacent OpenClaw sandbox startup coverage for the local Ollama/GPU onboarding path. It may exercise the same start script and gateway environment handling with a different provider/runtime, but it requires a special GPU runner.
  • Dispatch: gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=gpu-repo-local-ollama-openclaw

Relevant changed files

• scripts/nemoclaw-start.sh

[github-actions]

Selective E2E Results — ❌ Some jobs failed

Run: 26731727341
Target ref: 738eb6f7c
Workflow ref: main
Requested jobs: issue-4462-scope-upgrade-approval-e2e
Summary: 0 passed, 1 failed, 0 skipped

Job	Result
issue-4462-scope-upgrade-approval-e2e	❌ failure

Failed jobs: issue-4462-scope-upgrade-approval-e2e. Check run artifacts for logs.

[github-actions]

Selective E2E Results — ❌ Some jobs failed

Run: 26731778496
Target ref: 738eb6f7c491a43dd3594b21ee798f04aa839adc
Workflow ref: main
Requested jobs: issue-4462-scope-upgrade-approval-e2e
Summary: 0 passed, 1 failed, 0 skipped

Job	Result
issue-4462-scope-upgrade-approval-e2e	❌ failure

Failed jobs: issue-4462-scope-upgrade-approval-e2e. Check run artifacts for logs.

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 26732000225
Target ref: f64533e9fd2eb691224033e17d8190ebf94e2c67
Workflow ref: main
Requested jobs: issue-4462-scope-upgrade-approval-e2e
Summary: 1 passed, 0 failed, 0 skipped

Job	Result
issue-4462-scope-upgrade-approval-e2e	✅ success

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

test/e2e/test-issue-4462-scope-upgrade-approval.sh (1)

387-394: 🛠️ Refactor suggestion | 🟠 Major | ⚡ Quick win

Expand caller environment verification to include PORT and TOKEN.

The approve_request function verifies that OPENCLAW_GATEWAY_URL is preserved in the caller's shell before and after running openclaw devices approve (lines 387, 394, 418-427). However, since Line 745 now verifies that the guard unsets all three credentials (OPENCLAW_GATEWAY_URL, OPENCLAW_GATEWAY_PORT, OPENCLAW_GATEWAY_TOKEN), this verification should be expanded to confirm that PORT and TOKEN are also preserved in the caller's environment.

Currently, if the guard incorrectly leaks PORT or TOKEN mutations back to the caller shell, this test won't catch it.

🔍 Suggested expansion

 output=$(sandbox_exec_sh_script 90 '
 set -u
 request_id="$1"
 if [ ! -r /tmp/nemoclaw-proxy-env.sh ]; then
   echo "missing /tmp/nemoclaw-proxy-env.sh" >&2
   exit 2
 fi
 # shellcheck source=/dev/null
 . /tmp/nemoclaw-proxy-env.sh
 printf "__URL_BEFORE__=%s\n" "${OPENCLAW_GATEWAY_URL-unset}"
+printf "__PORT_BEFORE__=%s\n" "${OPENCLAW_GATEWAY_PORT-unset}"
+printf "__TOKEN_BEFORE__=%s\n" "${OPENCLAW_GATEWAY_TOKEN-unset}"
 set +e
 approve_output="$(openclaw devices approve "$request_id" --json 2>&1)"
 approve_rc=$?
 set -e
 printf "__APPROVE_RC__=%s\n" "$approve_rc"
 printf "__APPROVE_OUTPUT_BEGIN__\n%s\n__APPROVE_OUTPUT_END__\n" "$approve_output"
 printf "__URL_AFTER__=%s\n" "${OPENCLAW_GATEWAY_URL-unset}"
+printf "__PORT_AFTER__=%s\n" "${OPENCLAW_GATEWAY_PORT-unset}"
+printf "__TOKEN_AFTER__=%s\n" "${OPENCLAW_GATEWAY_TOKEN-unset}"
 exit "$approve_rc"

Then add corresponding extraction and verification logic similar to lines 418-427 for PORT and TOKEN.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@test/e2e/test-issue-4462-scope-upgrade-approval.sh` around lines 387 - 394,
The test's approve_request check only captures OPENCLAW_GATEWAY_URL before/after
the approve command; extend this to also capture OPENCLAW_GATEWAY_PORT and
OPENCLAW_GATEWAY_TOKEN by printing their values before running approve (similar
to the existing printf "__URL_BEFORE__=...") and after (similar to
"__URL_AFTER__=..."), and then add extraction and assertions (following the
pattern used in the block around lines 418-427) to ensure OPENCLAW_GATEWAY_PORT
and OPENCLAW_GATEWAY_TOKEN are unchanged in the caller shell after running
openclaw devices approve; update variable names (e.g., PORT_BEFORE/PORT_AFTER,
TOKEN_BEFORE/TOKEN_AFTER) and comparison logic in the approve_request function
accordingly.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@scripts/nemoclaw-start.sh`:
- Line 1872: The auto-pair approval path still only unsets OPENCLAW_GATEWAY_URL,
allowing approvals to use the gateway via OPENCLAW_GATEWAY_PORT or
OPENCLAW_GATEWAY_TOKEN; update the auto-pair "devices approve" invocation to
mirror the shell guard by unsetting all three environment variables
(OPENCLAW_GATEWAY_URL, OPENCLAW_GATEWAY_PORT, OPENCLAW_GATEWAY_TOKEN) before
running the approval command so approvals cannot route via the gateway.

---

Outside diff comments:
In `@test/e2e/test-issue-4462-scope-upgrade-approval.sh`:
- Around line 387-394: The test's approve_request check only captures
OPENCLAW_GATEWAY_URL before/after the approve command; extend this to also
capture OPENCLAW_GATEWAY_PORT and OPENCLAW_GATEWAY_TOKEN by printing their
values before running approve (similar to the existing printf
"__URL_BEFORE__=...") and after (similar to "__URL_AFTER__=..."), and then add
extraction and assertions (following the pattern used in the block around lines
418-427) to ensure OPENCLAW_GATEWAY_PORT and OPENCLAW_GATEWAY_TOKEN are
unchanged in the caller shell after running openclaw devices approve; update
variable names (e.g., PORT_BEFORE/PORT_AFTER, TOKEN_BEFORE/TOKEN_AFTER) and
comparison logic in the approve_request function accordingly.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 1a8264ae-fe62-4ecd-87c9-fc8c05a22ce7

📥 Commits

Reviewing files that changed from the base of the PR and between a25b393 and f64533e.

📒 Files selected for processing (3)

• scripts/nemoclaw-start.sh
• test/e2e/test-issue-4462-scope-upgrade-approval.sh
• test/nemoclaw-start.test.ts

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 26733382614
Target ref: f64533e9fd2eb691224033e17d8190ebf94e2c67
Workflow ref: main
Requested jobs: issue-4462-scope-upgrade-approval-e2e
Summary: 1 passed, 0 failed, 0 skipped

Job	Result
issue-4462-scope-upgrade-approval-e2e	✅ success

[coderabbitai]

🧹 Nitpick comments (1)

scripts/nemoclaw-start.sh (1)

1539-1543: Run the sandbox E2E matrix for this entrypoint-path change.

Please run:
gh workflow run nightly-e2e.yaml --ref <branch> -f jobs=sandbox-survival-e2e,sandbox-operations-e2e,cloud-e2e,openclaw-slack-pairing-e2e

As per coding guidelines: scripts/nemoclaw-start.sh is a sandbox entrypoint script whose changes affect boot behavior and are invisible to unit tests, with the listed E2E recommendations.

Also applies to: 1606-1606

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/nemoclaw-start.sh` around lines 1539 - 1543, The sandbox entrypoint
change in scripts/nemoclaw-start.sh (affecting the run function signature
run(*args, strip_gateway_env=False)) requires running the nightly E2E matrix to
validate boot behavior; trigger the GitHub Actions workflow by running gh
workflow run nightly-e2e.yaml --ref <branch> -f
jobs=sandbox-survival-e2e,sandbox-operations-e2e,cloud-e2e,openclaw-slack-pairing-e2e
(use the branch containing your changes) and verify the listed sandbox E2E jobs
pass to ensure the entrypoint change doesn't break runtime boot behavior.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@scripts/nemoclaw-start.sh`:
- Around line 1539-1543: The sandbox entrypoint change in
scripts/nemoclaw-start.sh (affecting the run function signature run(*args,
strip_gateway_env=False)) requires running the nightly E2E matrix to validate
boot behavior; trigger the GitHub Actions workflow by running gh workflow run
nightly-e2e.yaml --ref <branch> -f
jobs=sandbox-survival-e2e,sandbox-operations-e2e,cloud-e2e,openclaw-slack-pairing-e2e
(use the branch containing your changes) and verify the listed sandbox E2E jobs
pass to ensure the entrypoint change doesn't break runtime boot behavior.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 1f115b16-6c31-4872-bb2e-f2914f31b611

📥 Commits

Reviewing files that changed from the base of the PR and between f64533e and e749d4d.

📒 Files selected for processing (2)

• scripts/nemoclaw-start.sh
• test/nemoclaw-start.test.ts

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 26733688513
Target ref: e749d4d2296d7bdaadb4fc6e73938d816df6a7c0
Workflow ref: main
Requested jobs: issue-4462-scope-upgrade-approval-e2e
Summary: 1 passed, 0 failed, 0 skipped

Job	Result
issue-4462-scope-upgrade-approval-e2e	✅ success

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 26733865080
Target ref: f47c0c466c14f3bb51b547833571d0fcd9543096
Workflow ref: main
Requested jobs: issue-4462-scope-upgrade-approval-e2e
Summary: 1 passed, 0 failed, 0 skipped

Job	Result
issue-4462-scope-upgrade-approval-e2e	✅ success

[ericksoa]

Approving after verifying current head f47c0c4: hosted checks green, required E2E and scenario proof green, and the CodeRabbit thread is resolved.