fix(doctor): use gateway health status for memory search key check by therk · Pull Request #22327 · openclaw/openclaw

therk · 2026-02-21T01:50:15Z

Problem

openclaw doctor falsely warned about a missing Gemini API key even when memory search was fully functional. The key is loaded into the gateway process env via sops at startup, but noteMemorySearchHealth ran a static check against the CLI process env — which never has those secrets.

Additionally, the suggested fix (openclaw auth add --provider gemini) referenced a command that does not exist.

Changes

src/commands/doctor-memory-search.ts

Added opts?: { gatewayHealthOk?: boolean } parameter
When gatewayHealthOk: true and static key check fails, shows a softer informational note instead of an error: "The key may be loaded by the running gateway (e.g. via secrets.env). Verify: openclaw memory status --deep"
Replaced all instances of openclaw auth add --provider <X> with openclaw configure (the correct command)

src/commands/doctor.ts

Moved noteMemorySearchHealth call to run after checkGatewayHealth so gateway status is known
Passes { gatewayHealthOk: healthOk } to the health check

src/commands/doctor-memory-search.test.ts

Updated existing call signatures to match new optional parameter
Added test: gateway healthy + no CLI key → soft note with "may be loaded by the running gateway"
Added test: gateway down + no CLI key → full warning with openclaw configure (not auth add)
Preserved upstream mistral auth test; switched mockClear → mockReset with default rejection for test isolation

AI-assisted disclosure 🤖

Built with Claude (Sonnet 4.6) via OpenClaw
Lightly tested — ran doctor-memory-search.test.ts (8/8 pass) and pnpm build locally; full pnpm test not run
Author understands what the code does and reviewed all changes

therk · 2026-02-21T01:59:20Z

The initial CI failure was not caused by this PR. Our 3 changed files (doctor-memory-search.ts, doctor-memory-search.test.ts, doctor.ts) all passed — 7/7 tests green in both bun and node runners.

The failing tests (web/media, discord/send.components, media-understanding, msteams) were already broken on the upstream commit this branch was based on (105a630), and were subsequently fixed in main. Rebased onto latest main — CI should be clean now.

therk · 2026-02-21T19:10:12Z

Re-checked CI: the 3 failing test jobs (checks (node, test), checks (bun, test), checks-windows (node, test)) are pre-existing failures unrelated to this PR. They all fail on src/web/media.test.ts with a Windows temp path issue (LocalMediaAccessError: Local media path is not under an allowed directory: C:\Users\RUNNER~1\...) — a short-path resolution bug in assertLocalMediaAllowed that exists on main independently of these changes.

therk · 2026-02-23T16:14:36Z

Rebased on current main.

Conflict resolution: upstream added voyage/mistral to the provider list in the auto-mode fallback message and a mistral auth test — both preserved. Our changes (openclaw configure fix, mockReset with default rejection, gateway health tests) merged cleanly on top.

All 8 doctor-memory-search tests passing locally. CI running.

therk · 2026-02-23T16:16:00Z

Hi @gumadeiras — friendly ping! Just rebased on current main (conflict resolution: preserved upstream's voyage/mistral additions + mistral auth test). CI re-running. Small focused fix for a false-positive openclaw doctor warning when keys are loaded via gateway sops. Happy to address any feedback.

therk · 2026-02-23T16:18:22Z

Heads up on overlapping PRs: Found a few open PRs that touch the same file for the same auth add issue (#24220): #24470 (openclaw configure) and #24266 (openclaw onboard), plus #24485 which also modifies doctor-memory-search.ts.

To clarify scope: the auth add → configure replacement in this PR is a secondary fix bundled with the main change. The core of this PR (fixing #18062) is the gateway health status check — making noteMemorySearchHealth aware of whether the gateway is healthy before deciding to warn or not. That logic is not present in any of the overlapping PRs.

Happy to drop the auth add fixup from this PR if the maintainers prefer it land via one of those dedicated PRs — the gateway health logic stands on its own either way.

gumadeiras · 2026-02-23T16:21:21Z

@therk yea please keep one issue per PR; can you drop anything unrelated to the gateway health please; then i'll take a look
if you could also share a screenshot of the error that would be great

therk · 2026-02-23T17:43:43Z

✅ CI fully green — all checks passing after rebase.

…penclaw#18062)

gumadeiras · 2026-02-23T19:07:19Z

Merged via squash.

Prepared head SHA: 2f02ec9
Merge commit: 8d69251

Thanks @therk!

@rrenamed

* upstream/main: (1467 commits) fix(doctor): use gateway health status for memory search key check (openclaw#22327) refactor: harden reset notice + cron delivery target flow refactor(exec): simplify env-prefixed wrapper modifier check fix(skills): support multiline frontmatter fallback without PyYAML fix(skills): make quick_validate work without PyYAML fix(exec): bind env-prefixed shell wrappers to full approval text fix(browser): derive relay auth token from gateway token in Chrome extension Browser relay: accept raw gateway token in extension auth fix(gateway): include platform and reason in node command rejection error CLI: fix gateway restart health ownership for child listener pids (openclaw#24696) docs: detail per-agent prompt caching configuration fix(config): tighten bedrock cache-retention type narrowing feat(agents): add per-agent stream params overrides for cache tuning (openclaw#17470) (thanks @rrenamed) fix(providers): support Bedrock Anthropic cacheRetention defaults/pass-through (openclaw#22303) (thanks @snese) fix(providers): disable Bedrock prompt caching for non-Anthropic models (openclaw#20866) (thanks @pierreeurope) docs(changelog): note /new and /reset auth-label removal (openclaw#24409) fix(reply): omit auth labels in /new and /reset docs(changelog): correct kimi issue references test(tools): fix kimi web_search mock typing feat(media): add moonshot video provider and wiring ... # Conflicts: # ui/src/ui/app-render.ts # ui/src/ui/controllers/agents.ts

@gumadeiras