fix(gateway): accept port for health and probe#94687
Conversation
|
Codex review: found issues before merge. Reviewed June 21, 2026, 11:15 PM ET / 03:15 UTC. Summary PR surface: Source +96, Tests +238, Docs +10. Total +344 across 13 files. Reproducibility: yes. Current main source registers Review metrics: 1 noteworthy metric.
Stored data model Root-cause cluster Members:
Proposal only: this assessment does not dispatch repair, suppress jobs, mutate sibling items, close, or merge anything. Merge readiness Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch. Rank-up moves:
Risk before merge
Maintainer options:
Next step before merge
Security Review findings
Review detailsBest possible solution: Keep this PR as the canonical implementation path, patch the health auth diagnostic to preserve the explicit selected port, then continue maintainer review/automerge on the exact head. Do we have a high-confidence way to reproduce the issue? Yes. Current main source registers Is this the best way to solve the issue? No, not yet. Adding the option at the CLI boundary and carrying an explicit local port through health/probe resolution is the right shape, but the health auth diagnostic must use the same selected port before this is the best fix. Full review comments:
Overall correctness: patch is incorrect AGENTS.md: found and applied where relevant. Codex review notes: model internal, reasoning high; reviewed against a1828110704f. Label changesLabel changes:
Label justifications:
Evidence reviewedPR surface: Source +96, Tests +238, Docs +10. Total +344 across 13 files. View PR surface stats
What I checked:
Likely related people:
What the crustacean ranks mean
Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics. How this review workflow works
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 22c8762612
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. |
22c8762 to
6ba0afb
Compare
|
Addressed the env precedence finding in 6ba0afb. @clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. |
6ba0afb to
9cbd92a
Compare
|
Clownfish 🐠 reef automerge status This pass ended as a no-op: no narrow repair surfaced, so Clownfish left the branch untouched. Target: #94687 Worker actions:
Nothing moved downstream from this pass: no branch update, replacement PR, merge, or re-review. fish notes: model gpt-5.5, reasoning medium. |
77d81a9 to
a4ea987
Compare
|
Clownfish 🐠 reef update Thanks for the work on this. Clownfish could write to this branch, so it kept the fix in the original PR instead of making a new one. Source PR: #94687 fish notes: model gpt-5.5, reasoning medium; reviewed against b0a0c8f. |
36a040a to
b0a0c8f
Compare
|
🦞✅ Source: Why human review is needed: What the maintainer can do as a next step: I added |
b0a0c8f to
f0cbaf4
Compare
|
Clownfish 🐠 reef update Thanks for the contribution here. Clownfish gave the branch a tidy little reef repair and kept this PR as the main lane. Source PR: #94687 fish notes: model gpt-5.5, reasoning medium; reviewed against 2c91dba. |
55f8d6f to
2c91dba
Compare
* fix(gateway): accept port for health and probe * fix(gateway): repair health port override * fix(gateway): repair health port override * fix(gateway): accept port for health and probe --------- Co-authored-by: openclaw-clownfish[bot] <280122609+openclaw-clownfish[bot]@users.noreply.github.com>
Summary
gateway health --portnow targets a local gateway on the requested port instead of rejecting the option.gateway probe --portnow uses the requested port for the local loopback probe target and SSH tunnel remote port.gateway runstyle validation, so invalid values fail before transport.--portfor both commands.Out of scope: no remote URL behavior changes, no gateway runtime changes, and no auth changes.
Review focus: CLI option inheritance, local target selection, and the new regression tests.
Linked context
Closes #79100
Related #91907
Was this requested by a maintainer or owner? No. The issue is labeled source-repro and queueable.
Real behavior proof (required for external PRs)
openclaw gateway health --port ...andopenclaw gateway probe --port ...no longer fail at option parsing and target the selected local gateway port.HOME, live local gateway on loopback port 19082.pnpm openclaw gateway run --dev --allow-unconfigured --auth none --bind loopback --port 19082 --force --verbosepnpm openclaw gateway health --port 19082 --json --token test-tokenpnpm openclaw gateway probe --port 19082 --json --timeout 3000 --token test-token{ "command": "pnpm openclaw gateway health --port 19082 --json --token test-token", "ok": true, "durationMs": 51, "plugins": { "loaded": ["acpx", "bonjour", "browser", "canvas", "device-pair", "file-transfer", "memory-core", "phone-control", "talk-voice"], "errors": [] }, "defaultAgentId": "dev" }{ "command": "pnpm openclaw gateway probe --port 19082 --json --timeout 3000 --token test-token", "ok": true, "capability": "read_only", "primaryTargetId": "localLoopback", "network": { "localLoopbackUrl": "ws://127.0.0.1:19082" }, "targets": [ { "id": "localLoopback", "kind": "localLoopback", "url": "ws://127.0.0.1:19082", "connect": { "ok": true, "rpcOk": true, "error": null }, "health": { "ok": true } } ] }--port, connect to the live gateway onws://127.0.0.1:19082, and return successful health/probe results. The proof token was a disposable test value used only in the isolated temp setup.gateway healthandgateway probereject--portwhilegateway runaccepts it.Tests and validation
Focused coverage added:
--portinto local gateway config--portinto status command optionsCommands run:
node scripts/run-vitest.mjs src/cli/gateway-port-option.test.ts src/cli/gateway-cli/register.option-collisions.test.ts src/commands/gateway-status/helpers.test.ts src/commands/gateway-status.test.tspnpm exec oxfmt --check --threads=1 src/cli/gateway-port-option.ts src/cli/gateway-port-option.test.ts src/cli/gateway-cli/register.ts src/cli/gateway-cli/register.option-collisions.test.ts src/commands/gateway-status.ts src/commands/gateway-status.test.ts src/commands/gateway-status/helpers.ts src/commands/gateway-status/helpers.test.ts docs/cli/gateway.mdpnpm exec oxlint src/cli/gateway-cli/register.ts src/cli/gateway-port-option.ts src/commands/gateway-status.ts src/commands/gateway-status/helpers.ts src/cli/gateway-cli/register.option-collisions.test.ts src/cli/gateway-port-option.test.ts src/commands/gateway-status.test.ts src/commands/gateway-status/helpers.test.tsgit diff --checkpnpm changed:lanes --jsonenv OPENCLAW_CHECK_CHANGED_REMOTE_CHILD=1 OPENCLAW_CHANGED_LANES_RAW_SYNC=1 CI=1 PNPM_CONFIG_VERIFY_DEPS_BEFORE_RUN=false corepack pnpm check:changedValidation output:
Test Files 4 passed (4),Tests 54 passed (54),passed 3 Vitest shards.All matched files use the correct format.core,coreTests, anddocs.What failed before this fix: command registration did not define
--porton health or probe, so Commander rejected the option before the command reached gateway transport.Risk checklist
Did user-visible behavior change? Yes
Did config, environment, or migration behavior change? No
Did security, auth, secrets, network, or tool execution behavior change? No
What is the highest-risk area? Local gateway target selection for health and probe.
How is that risk mitigated? The change only applies when
--portis explicitly provided. Health still rejects--urlwith--port, and probe continues to preserve explicit remote URL behavior while adding the local port override.Current review state
Ready for review. Waiting on ClawSweeper re-review and maintainer review.