openclaw status fails on Telegram file SecretRef while resolving allowlist metadata

[coolmanns]

Summary

On 2026.4.27, openclaw status can hard-fail when the Telegram bot token is configured via a file-backed SecretRef, even though the gateway is live and openclaw secrets audit reports the SecretRef as resolved.

Observed error:

channels.telegram.botToken: unresolved SecretRef "file:filemain:/telegram/botToken". Resolve this command against an active gateway runtime snapshot before reading it.

Impact

The status command becomes unusable for a valid Telegram configuration using botToken: { source: "file", provider: "filemain", id: "/telegram/botToken" }.

Likely cause

Telegram already has a read-only inspector (extensions/telegram/src/account-inspect.ts) that marks non-env configured secrets as configured_unavailable instead of strict-resolving them.

But extensions/telegram/src/shared.ts wires createScopedChannelConfigAdapter without a Telegram-specific resolveAccessorAccount, so metadata/accessor paths such as resolveAllowFrom fall back to strict resolveAccount. That dereferences botToken while building status/allowlist metadata.

Slack/Discord appear to already use a config-accessor pattern for this split.

Repro shape

Telegram config shape:

{
  "secrets": {
    "providers": {
      "filemain": { "source": "file", "path": "/path/to/secrets.json" }
    }
  },
  "channels": {
    "telegram": {
      "botToken": { "source": "file", "provider": "filemain", "id": "/telegram/botToken" },
      "allowFrom": ["8197233951"]
    }
  }
}

Then run:

openclaw status

Suggested fix

Add a Telegram resolveAccessorAccount that uses config-only merged account data (mergeTelegramAccountConfig) for allowFrom / defaultTo, without resolving botToken. Runtime resolveAccount should stay strict.

I have a tested patch locally and will open a PR.

Validation from local patch

pnpm exec vitest run extensions/telegram/src/shared.test.ts extensions/telegram/src/account-inspect.test.ts --config test/vitest/vitest.extension-telegram.config.ts
# 2 files, 15 tests passed

NODE_OPTIONS=--max-old-space-size=8192 pnpm exec tsc -p tsconfig.extensions.test.json --noEmit --pretty false
# passed

Adjacent related work: #71024 (Mattermost read-only SecretRef status), #66936 (older Telegram SecretRef CLI failure/hang).

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve.

Summary
Keep open. Current main and the verified v2026.5.2 release contain the Telegram config-only accessor behavior and regression coverage, but open PR #74833 still references this issue with closing syntax, so cleanup should wait for that PR to merge or be explicitly closed as superseded.

Reproducibility: yes. The report gives a concrete file-backed Telegram botToken SecretRef config, and current regression coverage exercises the same read-only accessor path without resolving the token; I did not run openclaw status in this read-only sweep.

Next step
No repair lane because PR #74833 is already the paired implementation candidate; maintainer disposition of that PR should happen before issue cleanup.

Review details

Best possible solution:

Resolve PR #74833 first, then close this issue as implemented by the shipped Telegram read-only accessor behavior.

Do we have a high-confidence way to reproduce the issue?

Yes. The report gives a concrete file-backed Telegram botToken SecretRef config, and current regression coverage exercises the same read-only accessor path without resolving the token; I did not run openclaw status in this read-only sweep.

Is this the best way to solve the issue?

Yes. The config-only accessor is the narrow maintainable fix because it reads allowlist/default-target metadata without dereferencing botToken, while runtime token resolution remains strict.

What I checked:

• Current Telegram accessor split: telegramConfigAdapter provides resolveAccessorAccount: resolveTelegramConfigAccessorAccount, and that resolver returns merged config data for allowlist/default-target accessors instead of calling the strict runtime account resolver. (extensions/telegram/src/shared.ts:107, 8af6add03b0d)
• Regression coverage: The Telegram shared test configures a file-backed botToken SecretRef and asserts resolveAllowFrom and resolveDefaultTo return metadata without resolving the token. (extensions/telegram/src/shared.test.ts:170, 8af6add03b0d)
• Runtime token path remains strict: Telegram runtime token resolution still keeps non-env SecretRefs on the strict path, so the read-only accessor behavior does not weaken runtime credential use. (extensions/telegram/src/token.ts:86, 8af6add03b0d)
• Read-only SecretRef command contract: The secrets docs say read-only command paths such as openclaw status should degrade with diagnostics instead of aborting when a targeted SecretRef is unavailable in that command path. Public docs: docs/gateway/secrets.md. (docs/gateway/secrets.md:428, 8af6add03b0d)
• Release proof: The v2026.5.2 tag contains the same Telegram accessor hookup, and the changelog records the channels/status fix for Telegram, Slack, and Google Chat read-only accessors avoiding SecretRef-backed runtime credential resolution. (CHANGELOG.md:644, 8b2a6e57fef6)
• Open paired implementation PR: The provided GitHub context shows PR fix(telegram): avoid resolving secrets for status accessors #74833 is open, unmerged, authored by the reporter, and links this issue with closing syntax. (0109652a64f9)

Likely related people:

• steipete: Local history shows Peter Steinberger carried the Telegram plugin-base and scoped channel config adapter refactors that own this accessor surface. (role: feature-history owner and recent maintainer; confidence: high; commits: 3cc1c7ba836d, cd5c2f4cb2c2, 05603e4e6ce6; files: extensions/telegram/src/shared.ts, src/plugin-sdk/channel-config-helpers.ts)
• joshavant: Josh Avant authored nearby SecretRef inspect/strict behavior work and recent external channel SecretRef contract work, both adjacent to read-only versus runtime SecretRef resolution. (role: adjacent SecretRef semantics owner; confidence: medium; commits: 1769fb2aa1d6, b1f8172867f3; files: extensions/telegram/src/token.ts, src/plugin-sdk/secret-input.ts, src/plugin-sdk/channel-config-helpers.ts)
• eusine: The changelog credits @eusine for the channels/status accessor change covering Telegram read-only SecretRef-backed runtime credentials. (role: credited contributor to shipped accessor behavior; confidence: medium; commits: 8b2a6e57fef6; files: CHANGELOG.md, extensions/telegram/src/shared.ts)
• vincentkoc: Current blame in this sparse checkout attributes the current Telegram accessor/test lines to a recent formatting/mainline maintenance commit, and nearby plugin-boundary work also touches the Telegram surface. (role: recent maintainer on current file state; confidence: low; commits: b1d7901a7996, 952862b9e2b0; files: extensions/telegram/src/shared.ts, extensions/telegram/src/shared.test.ts)

Remaining risk / open question:

• PR fix(telegram): avoid resolving secrets for status accessors #74833 remains open with closing syntax, so closing this issue now could split the paired contributor workflow even though the implementation is already present in main and release.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 8af6add03b0d; fix evidence: release v2026.5.2, commit 8b2a6e57fef6.