feat(cli): add sandbox sessions and agents subcommand groups#4615
Merged
Conversation
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Contributor
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (9)
🚧 Files skipped from review as they are similar to previous changes (8)
📝 WalkthroughWalkthroughAdds sandboxed CLI commands and helpers for OpenClaw agents and sessions, gateway-RPC parsing/calls, session key validation, public-display layout, unit and E2E tests, documentation, and a nightly E2E workflow job. ChangesSessions and Agents CLI
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Suggested labels
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
Contributor
|
🌿 Preview your docs: https://nvidia-preview-pr-4615.docs.buildwithfern.com/nemoclaw |
Contributor
E2E Advisor RecommendationRequired E2E: Dispatch hint: Full advisor summaryE2E Recommendation AdvisorBase: Required E2E
Optional E2E
New E2E recommendations
Dispatch hint
|
Contributor
E2E Scenario Advisor RecommendationRequired scenario E2E: Dispatch required scenario E2E:
Full scenario advisor summaryE2E Scenario AdvisorBase: Required scenario E2E
Optional scenario E2E
Relevant changed files
|
Contributor
PR Review AdvisorFindings: 2 needs attention, 4 worth checking, 0 nice ideas Review findings🛠️ Needs attention
🔎 Worth checking
🌱 Nice ideas
Since last review detailsCurrent findings:
This is an automated advisory review. A human maintainer must make the final merge decision. |
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
.github/workflows/nightly-e2e.yaml (1)
476-482:⚠️ Potential issue | 🟠 Major | ⚡ Quick winIncorrect comment block - describes the wrong job.
The comment block describes "Channels add/remove lifecycle E2E (
#3462Test 2)" and discusses Telegram network policy presets, but the job that follows issessions-agents-cli-e2e, which tests the sessions and agents CLI surface.This appears to be a copy-paste error from the
channels-add-remove-e2ejob definition.📝 Proposed fix
Replace the incorrect comment with:
- # ── Channels add/remove lifecycle E2E (`#3462` Test 2) ──────────────── - # Regression coverage for `#3437` (channels add must auto-apply the matching - # network policy preset so the bridge boots with egress to its upstream API) - # and `#3671` (channels remove must detach providers, un-apply the preset, - # and survive a follow-up rebuild without being silently re-added from - # shell env). Telegram-only — the other paste-token channels walk the same - # KNOWN_CHANNELS + preset lookup code path. + # ── Sessions and Agents CLI E2E (`#834`) ──────────────────────── + # Validates the host-side CLI surface for managing OpenClaw agents and + # conversation sessions within sandboxes. Covers sessions list/reset/delete + # via gateway RPC and agents add/delete passthrough commands. sessions-agents-cli-e2e:🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @.github/workflows/nightly-e2e.yaml around lines 476 - 482, The comment above the sessions-agents-cli-e2e job is incorrect and describes the channels-add-remove-e2e test; replace that copy-pasted block with a short, accurate comment describing the sessions-agents-cli-e2e job purpose (sessions and agents CLI E2E), ensuring references to the job name sessions-agents-cli-e2e are preserved and removing any Telegram/network policy/preset mentions that belong to channels-add-remove-e2e.
🧹 Nitpick comments (1)
test/e2e/test-sessions-agents-cli.sh (1)
213-215: 💤 Low valueConsider breaking down the complex Python one-liner for better readability.
This three-line pipeline combines CLI invocation, JSON parsing, list comprehension, and string filtering in a single expression. If the session discovery fails, debugging will be challenging.
Consider refactoring to separate steps or adding intermediate variables for clarity.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@test/e2e/test-sessions-agents-cli.sh` around lines 213 - 215, The current three-line pipeline that sets the variable key (running nemoclaw "$SANDBOX_NAME" sessions list --agent "$TEST_AGENT_ID" --json piped into a python3 -c one-liner) is hard to read and debug; refactor by splitting it into clear steps: capture the raw JSON output from the nemoclaw command into an intermediate variable (e.g., raw_sessions), then parse/filter that JSON in a separate, small python or jq step to extract the desired session key (assign result to key), and ensure you preserve the same fallback behavior (suppressing errors and defaulting to empty when not found); update references to the python3 -c snippet and the key variable so logs or set -x can show intermediate values for easier debugging.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@docs/reference/commands.mdx`:
- Around line 852-855: Replace the inline console code blocks that include
prompt markers with copyable shell code blocks: for each code block showing "$
nemoclaw my-assistant ..." (the console blocks containing the two example
commands and the other mentioned blocks), change the fenced block language from
"console" to "bash" (or "sh") and remove the leading "$ " prompt from each line
so the block contains just the commands (e.g., "nemoclaw my-assistant agents
add" and "nemoclaw my-assistant agents add work --model gpt-4o"). Apply the same
conversion to all other newly added command-only console blocks listed in the
comment.
---
Outside diff comments:
In @.github/workflows/nightly-e2e.yaml:
- Around line 476-482: The comment above the sessions-agents-cli-e2e job is
incorrect and describes the channels-add-remove-e2e test; replace that
copy-pasted block with a short, accurate comment describing the
sessions-agents-cli-e2e job purpose (sessions and agents CLI E2E), ensuring
references to the job name sessions-agents-cli-e2e are preserved and removing
any Telegram/network policy/preset mentions that belong to
channels-add-remove-e2e.
---
Nitpick comments:
In `@test/e2e/test-sessions-agents-cli.sh`:
- Around line 213-215: The current three-line pipeline that sets the variable
key (running nemoclaw "$SANDBOX_NAME" sessions list --agent "$TEST_AGENT_ID"
--json piped into a python3 -c one-liner) is hard to read and debug; refactor by
splitting it into clear steps: capture the raw JSON output from the nemoclaw
command into an intermediate variable (e.g., raw_sessions), then parse/filter
that JSON in a separate, small python or jq step to extract the desired session
key (assign result to key), and ensure you preserve the same fallback behavior
(suppressing errors and defaulting to empty when not found); update references
to the python3 -c snippet and the key variable so logs or set -x can show
intermediate values for easier debugging.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: a9b750aa-a851-44f2-8d15-292ac2889a65
📒 Files selected for processing (23)
.github/workflows/nightly-e2e.yamldocs/reference/commands.mdxsrc/commands/sandbox/agents/add.tssrc/commands/sandbox/agents/delete.tssrc/commands/sandbox/sessions.tssrc/commands/sandbox/sessions/delete.tssrc/commands/sandbox/sessions/list.tssrc/commands/sandbox/sessions/reset.tssrc/lib/actions/sandbox/agents/passthrough.tssrc/lib/actions/sandbox/sessions/delete.tssrc/lib/actions/sandbox/sessions/gateway-rpc-envelope.tssrc/lib/actions/sandbox/sessions/gateway-rpc.test.tssrc/lib/actions/sandbox/sessions/gateway-rpc.tssrc/lib/actions/sandbox/sessions/passthrough.tssrc/lib/actions/sandbox/sessions/paths.test.tssrc/lib/actions/sandbox/sessions/paths.tssrc/lib/actions/sandbox/sessions/reset.tssrc/lib/cli/command-registry.test.tssrc/lib/cli/public-display-agents.tssrc/lib/cli/public-display-defaults.tssrc/lib/cli/public-display-layout.tssrc/lib/cli/public-display-sessions.tstest/e2e/test-sessions-agents-cli.sh
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Contributor
There was a problem hiding this comment.
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
.github/workflows/nightly-e2e.yaml (1)
489-507:⚠️ Potential issue | 🟠 Major | ⚡ Quick winAdd missing
.coderabbit.yamlpath_instructionsforsessions-agents-cli-e2e
.coderabbit.yamlcurrently has nopath_instructions(and nosessions-agents-cli-e2ereference) coveringtest/e2e/test-sessions-agents-cli.shor the sessions/agents sandbox source paths for this job—so those changes won’t get routed to the intended E2E review. Add a matchingpath_instructionsentry for the job’s covered paths (including the script undertest/e2e/).🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @.github/workflows/nightly-e2e.yaml around lines 489 - 507, Add a path_instructions entry in .coderabbit.yaml for the sessions-agents-cli-e2e job so changes to the test script and related sandbox sources trigger the E2E review: locate the job name sessions-agents-cli-e2e in the workflow and add a path_instructions block that includes the test script path test/e2e/test-sessions-agents-cli.sh plus relevant sessions/ and agents/ source paths (e.g., sessions/**, agents/** or other repo-specific dirs used by the sandbox) so those files are routed to this E2E review.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Outside diff comments:
In @.github/workflows/nightly-e2e.yaml:
- Around line 489-507: Add a path_instructions entry in .coderabbit.yaml for the
sessions-agents-cli-e2e job so changes to the test script and related sandbox
sources trigger the E2E review: locate the job name sessions-agents-cli-e2e in
the workflow and add a path_instructions block that includes the test script
path test/e2e/test-sessions-agents-cli.sh plus relevant sessions/ and agents/
source paths (e.g., sessions/**, agents/** or other repo-specific dirs used by
the sandbox) so those files are routed to this E2E review.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: c455d86b-a503-4f47-8438-d413e37caf84
📒 Files selected for processing (4)
.github/workflows/nightly-e2e.yamlsrc/lib/actions/sandbox/sessions/gateway-rpc.test.tssrc/lib/actions/sandbox/sessions/reset.tstest/e2e/test-sessions-agents-cli.sh
🚧 Files skipped from review as they are similar to previous changes (3)
- src/lib/actions/sandbox/sessions/gateway-rpc.test.ts
- src/lib/actions/sandbox/sessions/reset.ts
- test/e2e/test-sessions-agents-cli.sh
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
…docs Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Contributor
Selective E2E Results — ❌ Some jobs failedRun: 26805558920
|
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Contributor
Selective E2E Results — ❌ Some jobs failedRun: 26811158348
|
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@test/e2e/test-sessions-agents-cli.sh`:
- Around line 275-290: The loop in test_sessions_reset_main enables errexit
unintentionally by using set +e ... set -e around the command substitution;
remove both set +e and set -e so capturing out="$(nemoclaw ...)" and
exit_code=$? works without changing global errexit state (alternatively
save/restore errexit, but simplest fix is to drop the toggles around the
nemoclaw call in the while loop).
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: b71e181a-b38b-4393-ab1d-016f798479c6
📒 Files selected for processing (1)
test/e2e/test-sessions-agents-cli.sh
Contributor
Selective E2E Results — ❌ Some jobs failedRun: 26812181955
|
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/lib/actions/sandbox/sessions/gateway-rpc-envelope.ts`:
- Around line 85-107: The current logic only attempts one slice from the first
"{" to the last "}", which can merge multiple pretty-printed JSON blocks and
make JSON.parse fail; update the block extraction to enumerate all candidate
blocks instead: collect every index where lines[i].trim() === "{" and for each
start index, search forward for each subsequent index where lines[j].trim() ===
"}" and attempt JSON.parse(lines.slice(start, j+1).join("\n")), then pass the
parsed object to normalisePayload and return the first truthy
GatewayCallEnvelope<T> result; replace the single blockStart/blockEnd approach
(using variables trimmed, lines, normalisePayload, GatewayCallEnvelope) with
this exhaustive start/end pairing and early-return on the first valid parse.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 9c71299a-d698-4f2d-b905-1be364ede15b
📒 Files selected for processing (3)
src/lib/actions/sandbox/sessions/gateway-rpc-envelope.tssrc/lib/actions/sandbox/sessions/gateway-rpc.test.tstest/e2e/test-sessions-agents-cli.sh
🚧 Files skipped from review as they are similar to previous changes (1)
- test/e2e/test-sessions-agents-cli.sh
Contributor
Selective E2E Results — ✅ All requested jobs passedRun: 26813211715
|
…yload Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
Contributor
Selective E2E Results — ✅ All requested jobs passedRun: 26814058813
|
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/lib/actions/sandbox/sessions/delete.test.ts`:
- Around line 113-117: The test title misstates the
payload—gatewayMock.mockReturnValue returns { ok: true, removedTranscript: true
} which triggers the typeof payload.key !== "string" branch, not the ok !== true
branch; update the it(...) description string in this test (the "rejects an
unexpected payload..." test) to accurately reflect the case (e.g., "rejects an
unexpected payload (missing key) and exits non-zero" or "rejects when
payload.key is missing/not a string") so the test name matches the payload used
by gatewayMock.mockReturnValue.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 9c3ab3cd-1d9c-4518-bf94-93708ea5eb1b
📒 Files selected for processing (8)
src/lib/actions/sandbox/sessions/delete.test.tssrc/lib/actions/sandbox/sessions/delete.tssrc/lib/actions/sandbox/sessions/gateway-rpc-envelope.tssrc/lib/actions/sandbox/sessions/gateway-rpc.test.tssrc/lib/actions/sandbox/sessions/gateway-rpc.tssrc/lib/actions/sandbox/sessions/reset.test.tssrc/lib/actions/sandbox/sessions/reset.tstest/e2e/test-sessions-agents-cli.sh
🚧 Files skipped from review as they are similar to previous changes (2)
- src/lib/actions/sandbox/sessions/reset.test.ts
- test/e2e/test-sessions-agents-cli.sh
Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
prekshivyas
approved these changes
Jun 2, 2026
prekshivyas
left a comment
Contributor
There was a problem hiding this comment.
APPROVE. Reviewed the full command/action/test surface.
Security: clean. execSandbox is spawnSync(binary, argv[]) with no shell, so passthrough args can't inject; reset/delete additionally validate keys against shell metacharacters and guard the agent: canonical prefix (paths.ts:1375-1426). Output exposes only gateway session keys/entries — no secrets. Authz is delegated to the in-sandbox gateway; the host never touches sessions.json, and enumeration is scoped per-agent.
Tests/docs: per-subcommand unit coverage is solid (happy path, --agent mismatch refusal, gateway error + unexpected-payload, --json, --keep-transcript, alias→canonical) with mocks only at the gateway/sandbox boundary; the e2e asserts real post-conditions (key/agent actually gone), not just exit codes. All six commands are documented in commands.mdx with flag tables; SPDX headers present. CI green on 2de6506, all 4 CodeRabbit threads resolved. Closes #834 (and exceeds it — reset + delete/list + agents group).
Non-blocking nits: (1) --verbose only gates entry output in non-JSON mode; in --json mode entry is always emitted (delete.ts:962, reset.ts:1736) — harmless inconsistency; (2) runAgentsPassthrough/runSessionsPassthrough argv builders have no dedicated unit test — covered transitively by e2e + translation tests, but a small direct argv assertion would close the loop.
Signed-off-by: Prekshi Vyas prekshiv@nvidia.com
cv
pushed a commit
that referenced
this pull request
Jun 3, 2026
## Summary - Add the missing `v0.0.57` release-notes section with links to the detailed docs pages for command, inference, onboarding, messaging, status, installer, and policy changes. - Remove public references to docs-skip terms from source docs and regenerate the NemoClaw user skills from the current Fern MDX docs. - Carry forward generated references for the per-agent documentation split, including Hermes-specific reference files. ## Source summary - #4615 and #4653 -> `docs/about/release-notes.mdx`, `docs/reference/commands.mdx`: Release notes now cover host-side `sessions` and `agents` commands plus `NEMOCLAW_EXTRA_AGENTS_JSON` secondary-agent baking. - #4163, #4204, #4611, #4619, and #4676 -> `docs/about/release-notes.mdx`, `docs/inference/use-local-inference.mdx`: Release notes now cover managed vLLM progress/readiness, DGX Spark model default changes, local Ollama streaming usage, and inference route divergence warnings. - #4267, #4601, #4609, #4642, #4645, and #4661 -> `docs/about/release-notes.mdx`, `docs/reference/commands.mdx`: Release notes now cover UFW auto-remediation, local-inference reachability gates, gateway reuse/binding, cancel rollback, and policy selection persistence. - #4577, #4582, #4607, and #4660 -> `docs/about/release-notes.mdx`, `docs/manage-sandboxes/messaging-channels.mdx`: Release notes now cover Slack validation, atomic `channels add`, WhatsApp QR diagnostics, and Slack placeholder normalization. - #4388, #4600, #4646, and #4647 -> `docs/about/release-notes.mdx`, `docs/reference/commands.mdx`: Release notes now cover status failure layers, paused-container hints, Docker-driver doctor behavior, and non-destructive stale-registry recovery. - #4569, #4579, and #4678 -> `docs/about/release-notes.mdx`, `docs/manage-sandboxes/lifecycle.mdx`, `docs/network-policy/integration-policy-examples.mdx`: Release notes now cover installer tag pinning, PyPI `uv` policy access, and observable Jira validation. - #4632 -> `.agents/skills/`: Regenerated user skills from the current per-agent docs source, including newly generated Hermes reference files. ## Verification - `python3 scripts/docs-to-skills.py docs/ .agents/skills/ --prefix nemoclaw-user --doc-platform fern-mdx` - `rg "permissive mode|shields down|shields up|shields status|config rotate-token|rotate-token" docs --glob "*.mdx"` - `rg "permissive mode|shields down|shields up|shields status|config rotate-token|rotate-token" .agents/skills --glob "*.md"` - `npm run docs` - `npm run build:cli` - Commit hooks: markdownlint, docs-to-skills verification, gitleaks, skills YAML, commitlint <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Documentation** * Restructured documentation to clearly distinguish OpenClaw and Hermes agent variants throughout user guides. * Enhanced security, credential storage, and deployment guidance with clearer setup flows. * Added Hermes plugin installation and ecosystem documentation. * Improved workspace, messaging, and policy management references with variant-specific command examples. * Refined troubleshooting and CLI reference sections for clarity. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
12 tasks
cv
pushed a commit
that referenced
this pull request
Jun 9, 2026
## Summary Adds `nemoclaw <name> agents list` as a thin pass-through to `openclaw agents list` via `openshell sandbox exec`. This finishes the host-side agent lifecycle surface — `add` and `delete` shipped in #4615; declarative seeding is already covered by the bake-time `NEMOCLAW_EXTRA_AGENTS_JSON` path from #4560. ## Related Issue Closes #2854. ## Changes - `src/commands/sandbox/agents/list.ts`: new oclif command, mirrors the `sessions list` and `agents add`/`delete` shape. - `src/lib/actions/sandbox/agents/passthrough.ts`: `AgentsPassthroughVerb` extended to `"add" | "delete" | "list"`; parent help now lists the third subcommand. - `src/commands/sandbox/agents.ts`: parent examples include `agents list alpha --json`. - `src/lib/cli/public-display-agents.ts`: registers `sandbox:agents:list` under Sandbox Management at order 16.4 (ahead of add/delete to match lifecycle order). - `src/lib/cli/command-registry.test.ts`: bumps sandbox-command count 43 -> 44 and updates the comment from "agents pair" to "agents trio". - `docs/reference/commands.mdx`: new `### nemoclaw <name> agents list` section before the existing `add` entry. - `test/e2e/test-sessions-agents-cli.sh`: new `TC-AGENT-03` between add and delete; calls `agents list --json` and asserts the seeded agent appears in the listing. ## Out of Scope `agents apply -f` from the original design is dropped — per-entry `agents add` (shipped via #4615) already covers operator workflows, and `NEMOCLAW_EXTRA_AGENTS_JSON` (shipped via #4560) already handles declarative bake-time seeding. No upstream `openclaw agents apply` verb or `agents.apply` gateway RPC exists, so a host-side reconcile would also need a new `agents update` CLI verb upstream first. ## Type of Change - [ ] Code change (feature, bug fix, or refactor) - [x] Code change with doc updates - [ ] Doc only (prose changes, no code sample modifications) - [ ] Doc only (includes code sample changes) ## Verification - [x] `npx prek run --all-files` passes - [x] `npm test` passes - [x] Tests added or updated for new or changed behavior - [x] No secrets, API keys, or credentials committed - [x] Docs updated for user-facing behavior changes - [ ] `npm run docs` builds without warnings (doc changes only) - [x] Doc pages follow the [style guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md) (doc changes only) - [ ] New doc pages include SPDX header and frontmatter (new pages only) --- Signed-off-by: Tinson Lai <tinsonl@nvidia.com> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added a sandbox agents list command to list OpenClaw agents configured in a sandbox, supporting passthrough flags (including --json and --bindings). * **Documentation** * Updated command reference and help text; added docs for the agents list passthrough in both nemoclaw and nemohermes command sections. * **Tests** * Added end-to-end test coverage validating the agents list output (JSON and presence of added agent). <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds two host-side sandbox-first subcommand groups:
nemoclaw <name> sessions(list / reset / delete) andnemoclaw <name> agents(add / delete).sessions listand theagentspair are thin pass-throughs toopenclawinside the sandbox viaopenshell sandbox exec.sessions resetandsessions deletego through the OpenClaw gatewaysessions.reset/sessions.deleteRPCs so the gateway owns archival, lock handling, and lifecycle events; the host never editssessions.jsondirectly.Related Issue
Closes #834.
Related: #4560 — complementary bake-time path for secondary agents via
NEMOCLAW_EXTRA_AGENTS_JSON.Changes
src/lib/actions/sandbox/sessions/: new action module split intopaths.ts(agent-id, session-key validators, canonical-key builder,parseAgentIdFromSessionKey,DEFAULT_AGENT_ID),gateway-rpc-envelope.ts(pure JSON-envelope parser),gateway-rpc.ts(openshell sandbox exec -- openclaw gateway call <method> --params <json> --jsondispatcher + shared error envelope),passthrough.ts(forwards toopenclaw sessions ...),reset.ts(gatewaysessions.resetadapter),delete.ts(gatewaysessions.deleteadapter).src/lib/actions/sandbox/agents/passthrough.ts: new action module forwarding toopenclaw agents add/openclaw agents deleteviaopenshell sandbox exec.src/commands/sandbox/sessions.ts+src/commands/sandbox/sessions/{list,reset,delete}.ts: four new oclif command adapters. The parent defaults toopenclaw sessions(list semantics).resetanddeleteaccept<key>plus--agent <id>to scope an alias to a non-default agent; mismatched--agent+ canonical-key pairs are refused.resetadds--reason new|reset,deleteadds--keep-transcript; both accept--jsonand--verbose.src/commands/sandbox/agents/{add,delete}.ts: two new oclif command adapters forwarding to the OpenClaw in-sandbox CLI.src/lib/actions/sandbox/sessions/{paths,gateway-rpc}.test.ts: 13 unit tests covering validator rejection of shell metacharacters, canonical-key composition, agent-id extraction from canonical keys, and the gateway-envelope parser's tolerance of noisy stdout.src/lib/cli/public-display-{layout,sessions,agents}.ts+src/lib/cli/public-display-defaults.ts: extract the layout type into a shared module and register display metadata for the six new commands under Sandbox Management.src/lib/cli/command-registry.test.ts: bump the hardcoded command counts (64 -> 70 total, 36 -> 42 sandbox, 52 -> 58 visible, 23 -> 25 action tokens) and addagents+sessionsto the expected sandbox-action set.docs/reference/commands.mdx: new### nemoclaw <name> {agents,sessions}sections with command grammar, examples, and the--agent/--reason/--keep-transcriptflag tables.test/e2e/test-sessions-agents-cli.sh+.github/workflows/nightly-e2e.yamlsessions-agents-cli-e2ejob: end-to-end coverage that onboards a sandbox, seeds a session, exercisessessions/sessions list/sessions reset/ agentsadd+deletepassthrough, and assertssessions deleteon a non-main session via the gateway.Type of Change
Verification
npx prek run --all-filespassesnpm testpassesnpm run docsbuilds without warnings (doc changes only)Signed-off-by: Tinson Lai tinsonl@nvidia.com
Summary by CodeRabbit
New Features
Documentation
Tests
Chores