fix(sessions): report ACP-runtime metadata for ACP-keyed sessions

efpiva · web-flow · commit 983064f5f819 · 2026-05-13T19:03:50.000-07:00
Report ACP control-plane session runtime metadata from persisted ACP session metadata/backend, and keep ACP-shaped bridge sessions on normal configured model/runtime metadata.

Proof: focused sessions runtime/model-display tests, core prod/test typechecks, touched-file format check, seeded openclaw sessions --json behavior proof, and passing relevant CI. Known unrelated red check: checks-fast-contracts-plugins-d plugin SDK documentation contract for codex helper subpaths.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -13,6 +13,7 @@ Docs: https://docs.openclaw.ai
 - Codex startup: treat selectable configured OpenAI agent models as Codex runtime requirements during plugin auto-enable, startup planning, and doctor install repair, so Anthropic-primary configs can still switch to OpenAI/Codex cleanly.
 - Agents: preserve source-reply delivery metadata when merging tool-returned media into the final reply, keeping message-tool-only replies deliverable and mirrored. Thanks @pashpashpash and @vincentkoc.
 - Sessions/status: classify ACP spawn-child sessions as `kind: "spawn-child"` instead of `"direct"` in `openclaw sessions` and status output; extract the duplicated session-kind classifier into a shared helper (`src/sessions/classify-session-kind.ts`) so both surfaces stay in sync. Fixes catalog #19. (#79544)
+- Sessions/Gateway: report `agentRuntime.id: "acpx"` (or stored backend id) with `source: "session-key"` for ACP control-plane session rows in `openclaw sessions --json`, `openclaw status`, and Gateway session RPC responses instead of the incorrect `"auto"` / `"pi"` implicit fallback. Fixes catalog #18. (#79550)
 - Telegram: delete tool-progress-only draft bubbles before rotating to the real answer, preventing orphaned progress messages in streamed replies.
 - Codex app-server: keep per-agent `CODEX_HOME` isolation without rewriting `HOME` by default, so Codex-run subprocesses can still find normal user-home config, tokens, and CLI state unless the launch explicitly overrides `HOME`. Thanks @pashpashpash.
 - ACP: preserve redacted numeric JSON-RPC `RequestError` details in runtime failure text, so backend diagnostics are visible instead of only `Internal error`. Fixes #81126. (#81188) Thanks @vyctorbrzezowski.
diff --git a/src/agents/acp-runtime-overlay.ts b/src/agents/acp-runtime-overlay.ts
@@ -0,0 +1,44 @@
+import { isAcpSessionKey } from "../routing/session-key.js";
+
+/**
+ * Leaf type for agent runtime classification. Defined here so that
+ * agent-runtime-metadata.ts can import applyAcpRuntimeOverlay without
+ * creating a circular dependency (agent-runtime-metadata → acp-runtime-overlay
+ * → agent-runtime-metadata).  agent-runtime-metadata.ts re-exports this type
+ * so all existing consumers remain unaffected.
+ */
+export type AgentRuntimeMetadata = {
+  id: string;
+  source: "implicit" | "model" | "provider" | "session-key";
+};
+
+/**
+ * When a session key and persisted session metadata identify an ACP
+ * control-plane session, override the resolved runtime metadata to report the
+ * ACP runtime id with a "session-key" source — regardless of what the
+ * agent-config policy resolved to.
+ *
+ * Callers that already have model/provider context (resolveModelAgentRuntimeMetadata)
+ * still benefit here because the model-runtime policy chain does not inspect session
+ * keys for the ACP indicator.
+ *
+ * Key shape alone is not sufficient: ACP bridge sessions may use ACP-shaped
+ * keys without persisted SessionAcpMeta and still run the configured model.
+ *
+ * When `acpBackend` is provided and non-empty, it is used as the runtime id so that
+ * sessions backed by a configured non-default ACP backend (e.g. a custom registered
+ * backend) are reported faithfully instead of always being labelled "acpx".
+ * Falls back to "acpx" when no backend is known.
+ */
+export function applyAcpRuntimeOverlay(
+  meta: AgentRuntimeMetadata,
+  sessionKey: string | undefined | null,
+  acpRuntime: boolean | undefined,
+  acpBackend?: string,
+): AgentRuntimeMetadata {
+  if (acpRuntime === true && isAcpSessionKey(sessionKey)) {
+    const id = acpBackend && acpBackend.length > 0 ? acpBackend : "acpx";
+    return { id, source: "session-key" };
+  }
+  return meta;
+}
diff --git a/src/agents/agent-runtime-metadata.ts b/src/agents/agent-runtime-metadata.ts
@@ -1,11 +1,9 @@
 import type { OpenClawConfig } from "../config/types.openclaw.js";
+import { applyAcpRuntimeOverlay, type AgentRuntimeMetadata } from "./acp-runtime-overlay.js";
 import { resolveAgentHarnessPolicy } from "./harness/policy.js";
 import { resolveDefaultModelForAgent } from "./model-selection.js";
 
-type AgentRuntimeMetadata = {
-  id: string;
-  source: "implicit" | "model" | "provider";
-};
+export type { AgentRuntimeMetadata };
 
 export function resolveAgentRuntimeMetadata(
   _cfg: OpenClawConfig,
@@ -24,6 +22,19 @@ export function resolveModelAgentRuntimeMetadata(params: {
   provider?: string;
   model?: string;
   sessionKey?: string;
+  /**
+   * True when the loaded session entry has persisted ACP metadata. ACP-shaped
+   * keys without this marker can be bridge sessions that use the configured
+   * model/runtime.
+   */
+  acpRuntime?: boolean;
+  /**
+   * The ACP backend identifier stored on the session entry (`entry.acp.backend`).
+   * When provided for an ACP-keyed session, the overlay reports this value as the
+   * runtime id instead of the generic fallback "acpx", so sessions backed by a
+   * non-default registered ACP backend are classified correctly.
+   */
+  acpBackend?: string;
 }): AgentRuntimeMetadata {
   const resolved =
     params.provider && params.model
@@ -36,8 +47,9 @@ export function resolveModelAgentRuntimeMetadata(params: {
     agentId: params.agentId,
     sessionKey: params.sessionKey,
   });
-  return {
+  const meta: AgentRuntimeMetadata = {
     id: policy.runtime,
     source: policy.runtimeSource ?? "implicit",
   };
+  return applyAcpRuntimeOverlay(meta, params.sessionKey, params.acpRuntime, params.acpBackend);
 }
diff --git a/src/agents/tools/agents-list-tool.ts b/src/agents/tools/agents-list-tool.ts
@@ -22,7 +22,7 @@ type AgentListEntry = {
   model?: string;
   agentRuntime?: {
     id: string;
-    source: "env" | "agent" | "defaults" | "model" | "provider" | "implicit";
+    source: "env" | "agent" | "defaults" | "model" | "provider" | "implicit" | "session-key";
   };
 };
 
diff --git a/src/commands/sessions.acp-runtime-metadata.test.ts b/src/commands/sessions.acp-runtime-metadata.test.ts
@@ -0,0 +1,222 @@
+import { describe, expect, it } from "vitest";
+import { resolveModelAgentRuntimeMetadata } from "../agents/agent-runtime-metadata.js";
+import type { OpenClawConfig } from "../config/types.openclaw.js";
+import { parseAgentSessionKey } from "../routing/session-key.js";
+
+/**
+ * Catalog #18 — `openclaw sessions --json` reports `agentRuntime.id: "pi"` for
+ * ACP sessions because `resolveAgentRuntimeMetadata` only consults agent-config
+ * policies (env / agent / defaults / implicit fallback to "pi"). The session
+ * key clearly carries the ACP runtime indicator (the `:acp:` segment), but
+ * `sessions.ts:294` ignores it and just calls `resolveAgentRuntimeMetadata(cfg, agentId)`.
+ *
+ * Empirical observation from a deployed openclaw container against a copilot
+ * agent that has no explicit `agentRuntime.id` policy:
+ *
+ *   {
+ *     "key": "agent:copilot:acp:86b7b5af-3773-4a56-b244-069d6c5d3db9",
+ *     "agentId": "copilot",
+ *     "agentRuntime": { "id": "pi", "source": "implicit" },
+ *     "kind": "direct"
+ *   }
+ *
+ * That is wrong: this session is plainly ACP, not PI. The runtime field is
+ * supposed to be a faithful classifier of how this session is actually being
+ * run; instead, every ACP session in the JSON output is mislabelled as `pi`.
+ *
+ * This test mirrors the exact computation `sessionsCommand` performs at
+ * `src/commands/sessions.ts:294` and proves the bug in two parts:
+ *
+ *   - RED: ACP-keyed session resolves to `id: "pi"`, `source: "implicit"`.
+ *   - GREEN control: a non-ACP `agent:main:main` session resolves to the
+ *     same implicit-pi metadata, which IS correct in that case. The control
+ *     proves the assertion infrastructure is not masking the RED case.
+ *
+ * Fix shape (see the third test): when the session key is ACP-style,
+ * agentRuntime.id should report `acpx` (or whatever runtime id is actually
+ * driving the session) so that the JSON faithfully classifies the session.
+ * The fix likely belongs at the caller (sessions.ts:294 and the other
+ * call sites in `src/gateway/server-methods/sessions.ts`,
+ * `src/gateway/session-utils.ts`) so it can pass session-key context to
+ * `resolveAgentRuntimeMetadata`, OR `resolveAgentRuntimeMetadata` itself
+ * gains an optional `sessionKey` parameter and applies a session-key-aware
+ * override.
+ */
+
+const ACP_SESSION_KEY = "agent:copilot:acp:86b7b5af-3773-4a56-b244-069d6c5d3db9";
+const NON_ACP_SESSION_KEY = "agent:main:main";
+
+/**
+ * Build a minimal `OpenClawConfig` that mirrors the deployed scenario:
+ * - a copilot agent exists in the agents.list
+ * - it has NO explicit `agentRuntime.id` policy
+ * - no top-level `agents.defaults.agentRuntime` either
+ *
+ * Result: `resolveAgentRuntimeMetadata(cfg, "copilot")` falls through to the
+ * implicit "pi" branch — which is the bug under test.
+ */
+function buildConfigWithoutAgentRuntimePolicy(): OpenClawConfig {
+  return {
+    agents: {
+      list: [
+        {
+          id: "copilot",
+          // Intentionally no `agentRuntime` field, no `runtime` descriptor.
+        },
+        {
+          id: "main",
+        },
+      ],
+      // No `defaults.agentRuntime` either.
+      defaults: {},
+    },
+  } as OpenClawConfig;
+}
+
+/**
+ * Mirror the per-row computation from `src/commands/sessions.ts:290-298`:
+ *   const agentId = parseAgentSessionKey(row.key)?.agentId ?? target.agentId;
+ *   const agentRuntime = resolveModelAgentRuntimeMetadata({ cfg, agentId, sessionKey: row.key });
+ *
+ * Returns the same shape that ends up serialized to `--json` output.
+ * After commit 02fe0d8978, the production path goes through resolveModelAgentRuntimeMetadata
+ * (not resolveAgentRuntimeMetadata which is now a stub returning { id: "auto", source: "implicit" }).
+ */
+function computeSessionAgentRuntime(params: {
+  cfg: OpenClawConfig;
+  sessionKey: string;
+  fallbackAgentId: string;
+  /** Mirrors `entry?.acp != null` passed from loaded session rows. */
+  acpRuntime?: boolean;
+  /** Mirrors `entry?.acp?.backend` passed from the session store entry. */
+  acpBackend?: string;
+}): ReturnType<typeof resolveModelAgentRuntimeMetadata> {
+  const agentId = parseAgentSessionKey(params.sessionKey)?.agentId ?? params.fallbackAgentId;
+  return resolveModelAgentRuntimeMetadata({
+    cfg: params.cfg,
+    agentId,
+    sessionKey: params.sessionKey,
+    acpRuntime: params.acpRuntime,
+    acpBackend: params.acpBackend,
+  });
+}
+
+describe("sessions --json agentRuntime classifier (catalog #18)", () => {
+  it("RED→GREEN: ACP session key is no longer misclassified (overlay applies)", () => {
+    const cfg = buildConfigWithoutAgentRuntimePolicy();
+    const agentRuntime = computeSessionAgentRuntime({
+      cfg,
+      sessionKey: ACP_SESSION_KEY,
+      fallbackAgentId: "copilot",
+      acpRuntime: true,
+    });
+
+    // The bug was: the session key plainly contains `:acp:` and yet the
+    // resolved metadata said id="pi", source="implicit".
+    // After the fix (applyAcpRuntimeOverlay in resolveModelAgentRuntimeMetadata),
+    // the ACP session key overrides the runtime to id="acpx", source="session-key".
+    expect(
+      agentRuntime.id,
+      `ACP session ${ACP_SESSION_KEY} should no longer be misclassified as "auto" or "pi". ` +
+        `Got "${agentRuntime.id}". resolveModelAgentRuntimeMetadata must pass sessionKey to ` +
+        `applyAcpRuntimeOverlay so ACP sessions are classified as "acpx".`,
+    ).not.toBe("auto");
+    expect(
+      agentRuntime.source,
+      `ACP session ${ACP_SESSION_KEY} resolved with source="${agentRuntime.source}". ` +
+        `For an ACP-keyed session, the source should not be "implicit" — ` +
+        `the session key itself is an explicit signal that the runtime is ACP.`,
+    ).not.toBe("implicit");
+  });
+
+  it("GREEN control: non-ACP session is NOT overridden by ACP overlay", () => {
+    const cfg = buildConfigWithoutAgentRuntimePolicy();
+    const agentRuntime = computeSessionAgentRuntime({
+      cfg,
+      sessionKey: NON_ACP_SESSION_KEY,
+      fallbackAgentId: "main",
+    });
+
+    // For a non-ACP session, the overlay must NOT fire — the result must
+    // not be "acpx" and source must not be "session-key".  The control
+    // proves the overlay is gated on the `:acp:` segment in the session key.
+    // (The concrete id — "codex" for the default openai/gpt-5.5 provider —
+    // is determined by resolveAgentHarnessPolicy's Codex-routing rule;
+    // what matters here is the absence of the ACP override.)
+    expect(agentRuntime.id).not.toBe("acpx");
+    expect(agentRuntime.source).not.toBe("session-key");
+  });
+
+  it("FIX-SHAPE expectation: ACP session should resolve to 'acpx'", () => {
+    // What "fixed" should look like once the bug is addressed.
+    // RED today; GREEN once the fix lands.
+    //
+    // Note: the exact id ("acpx" vs another label) is a design choice for
+    // the fix author. What matters is that it is meaningfully different
+    // from "pi" and reflects the actual runtime driving the session.
+    // If the fix picks a different label, update this assertion to match —
+    // the structural point (session-key-aware classification) is the
+    // load-bearing part.
+    const cfg = buildConfigWithoutAgentRuntimePolicy();
+    const agentRuntime = computeSessionAgentRuntime({
+      cfg,
+      sessionKey: ACP_SESSION_KEY,
+      fallbackAgentId: "copilot",
+      acpRuntime: true,
+    });
+
+    expect(
+      agentRuntime.id,
+      `ACP session ${ACP_SESSION_KEY} should resolve to runtime id "acpx" (or the canonical ACP runtime label). ` +
+        `Got "${agentRuntime.id}". Fix candidates: ` +
+        `(a) override at the call site in src/commands/sessions.ts:294 once isAcpSessionKey(row.key) is true, or ` +
+        `(b) extend resolveAgentRuntimeMetadata to accept an optional sessionKey and apply the override centrally.`,
+    ).toBe("acpx");
+  });
+
+  it("backend override: ACP session with entry.acp.backend set reports that backend id, NOT 'acpx'", () => {
+    // When the session entry carries an explicit acp.backend (e.g. a registered
+    // non-default backend), the overlay must reflect the actual backend instead
+    // of the generic "acpx" fallback.
+    const cfg = buildConfigWithoutAgentRuntimePolicy();
+    const agentRuntime = computeSessionAgentRuntime({
+      cfg,
+      sessionKey: ACP_SESSION_KEY,
+      fallbackAgentId: "copilot",
+      acpRuntime: true,
+      acpBackend: "custom-backend",
+    });
+
+    expect(agentRuntime.id).toBe("custom-backend");
+    expect(agentRuntime.source).toBe("session-key");
+  });
+
+  it("backend fallback: ACP session with entry.acp but no backend falls back to 'acpx'", () => {
+    // When the session entry has ACP metadata but no acp.backend, the overlay
+    // must fall back to the canonical "acpx" id.
+    const cfg = buildConfigWithoutAgentRuntimePolicy();
+    const agentRuntime = computeSessionAgentRuntime({
+      cfg,
+      sessionKey: ACP_SESSION_KEY,
+      fallbackAgentId: "copilot",
+      acpRuntime: true,
+      // acpBackend intentionally omitted — mirrors entry with no acp.backend
+    });
+
+    expect(agentRuntime.id).toBe("acpx");
+    expect(agentRuntime.source).toBe("session-key");
+  });
+
+  it("GREEN control: ACP-shaped bridge session without entry.acp is NOT overridden", () => {
+    const cfg = buildConfigWithoutAgentRuntimePolicy();
+    const agentRuntime = computeSessionAgentRuntime({
+      cfg,
+      sessionKey: ACP_SESSION_KEY,
+      fallbackAgentId: "copilot",
+      acpRuntime: false,
+    });
+
+    expect(agentRuntime.id).not.toBe("acpx");
+    expect(agentRuntime.source).not.toBe("session-key");
+  });
+});
diff --git a/src/commands/sessions.ts b/src/commands/sessions.ts
@@ -295,6 +295,8 @@ export async function sessionsCommand(
           provider: modelRef.provider,
           model: modelRef.model,
           sessionKey: row.key,
+          acpRuntime,
+          acpBackend: entry?.acp?.backend,
         });
         return Object.assign({}, row, {
           agentId,
diff --git a/src/commands/status.summary.runtime.ts b/src/commands/status.summary.runtime.ts
@@ -164,6 +164,8 @@ function resolveSessionRuntimeLabel(params: {
     provider: params.provider,
     model: params.model,
     sessionKey: params.sessionKey,
+    acpRuntime: params.entry?.acp != null,
+    acpBackend: params.entry?.acp?.backend,
   });
   const id = normalizeOptionalLowercaseString(runtime.id);
   const resolvedHarness = id && id !== "pi" && id !== "auto" ? id : undefined;
diff --git a/src/gateway/server-methods/sessions.ts b/src/gateway/server-methods/sessions.ts
@@ -1817,6 +1817,8 @@ export const sessionsHandlers: GatewayRequestHandlers = {
       provider: resolvedDisplayModel.provider,
       model: resolvedDisplayModel.model,
       sessionKey: target.canonicalKey ?? key,
+      acpRuntime: applied.entry?.acp != null,
+      acpBackend: applied.entry?.acp?.backend,
     });
     const result: SessionsPatchResult = {
       ok: true,
diff --git a/src/gateway/session-utils.ts b/src/gateway/session-utils.ts
@@ -1024,6 +1024,7 @@ export function listAgentsForGateway(cfg: OpenClawConfig): {
           provider: resolvedModel.provider,
           model: resolvedModel.model,
           sessionKey: resolveAgentMainSessionKey({ cfg, agentId: id }),
+          acpRuntime: false,
         }),
       },
       model ? { model } : {},
@@ -1735,6 +1736,8 @@ export function buildGatewaySessionRow(params: {
     provider: rowModelProvider,
     model: rowModel,
     sessionKey: key,
+    acpRuntime: entry?.acp != null,
+    acpBackend: entry?.acp?.backend,
   });
   const estimatedCostUsd = lightweight
     ? resolveNonNegativeNumber(entry?.estimatedCostUsd)
diff --git a/src/shared/session-types.ts b/src/shared/session-types.ts
@@ -14,7 +14,7 @@ export type GatewayAgentModel = {
 export type GatewayAgentRuntime = {
   id: string;
   fallback?: "pi" | "none";
-  source: "env" | "agent" | "defaults" | "model" | "provider" | "implicit";
+  source: "env" | "agent" | "defaults" | "model" | "provider" | "implicit" | "session-key";
 };
 
 export type GatewayAgentRow = {
