vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-30 03:11:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(gateway): restore loopback detail probes and identity fallback (#51087)

Browse Source 
Merged via squash.

Prepared head SHA: f8a66ffde2
Co-authored-by: heavenlost <70937055+heavenlost@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
This commit is contained in:
heavenlost
2026-03-27 15:09:41 +08:00
committed by GitHub
parent 6f92148da9
commit 3cbd4de95c
13 changed files with 469 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/cli/daemon-cli.coverage.test.ts
View File

@@ -3,7 +3,7 @@ import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
import { captureEnv } from "../test-utils/env.js";
import { createCliRuntimeCapture } from "./test-runtime-capture.js";
const callGateway = vi.fn(async (..._args: unknown[]) => ({ ok: true }));
const probeGatewayStatus = vi.fn(async (..._args: unknown[]) => ({ ok: true }));
const resolveGatewayProgramArguments = vi.fn(async (_opts?: unknown) => ({
programArguments: ["/bin/node", "cli", "gateway", "--port", "18789"],
}));
@@ -36,8 +36,8 @@ const buildGatewayInstallPlan = vi.fn(
const { runtimeLogs, defaultRuntime, resetRuntimeCapture } = createCliRuntimeCapture();
vi.mock("../gateway/call.js", () => ({
callGateway: (opts: unknown) => callGateway(opts),
vi.mock("./daemon-cli/probe.js", () => ({
probeGatewayStatus: (opts: unknown) => probeGatewayStatus(opts),
}));
vi.mock("../gateway/probe-auth.js", () => ({
@@ -146,19 +146,21 @@ describe("daemon-cli coverage", () => {
it("probes gateway status by default", async () => {
resetRuntimeCapture();
callGateway.mockClear();
probeGatewayStatus.mockClear();
await runDaemonCommand(["daemon", "status"]);
expect(callGateway).toHaveBeenCalledTimes(1);
expect(callGateway).toHaveBeenCalledWith(expect.objectContaining({ method: "status" }));
expect(probeGatewayStatus).toHaveBeenCalledTimes(1);
expect(probeGatewayStatus).toHaveBeenCalledWith(
expect.objectContaining({ url: "ws://127.0.0.1:18789" }),
);
expect(findExtraGatewayServices).toHaveBeenCalled();
expect(inspectPortUsage).toHaveBeenCalled();
});
it("derives probe URL from service args + env (json)", async () => {
resetRuntimeCapture();
callGateway.mockClear();
probeGatewayStatus.mockClear();
inspectPortUsage.mockClear();
serviceReadCommand.mockResolvedValueOnce({
@@ -174,10 +176,9 @@ describe("daemon-cli coverage", () => {
await runDaemonCommand(["daemon", "status", "--json"]);
expect(callGateway).toHaveBeenCalledWith(
expect(probeGatewayStatus).toHaveBeenCalledWith(
expect.objectContaining({
url: "ws://127.0.0.1:19001",
method: "status",
}),
);
expect(inspectPortUsage).toHaveBeenCalledWith(19001);

113
src/cli/daemon-cli/probe.test.ts Normal file
View File

@@ -0,0 +1,113 @@
import { describe, expect, it, vi } from "vitest";
const callGatewayMock = vi.hoisted(() => vi.fn());
const probeGatewayMock = vi.hoisted(() => vi.fn());
vi.mock("../../gateway/call.js", () => ({
callGateway: (...args: unknown[]) => callGatewayMock(...args),
}));
vi.mock("../../gateway/probe.js", () => ({
probeGateway: (...args: unknown[]) => probeGatewayMock(...args),
}));
vi.mock("../progress.js", () => ({
withProgress: async (_opts: unknown, fn: () => Promise<unknown>) => await fn(),
}));
const { probeGatewayStatus } = await import("./probe.js");
describe("probeGatewayStatus", () => {
it("uses lightweight token-only probing for daemon status", async () => {
callGatewayMock.mockReset();
probeGatewayMock.mockResolvedValueOnce({ ok: true });
const result = await probeGatewayStatus({
url: "ws://127.0.0.1:19191",
token: "temp-token",
tlsFingerprint: "abc123",
timeoutMs: 5_000,
json: true,
});
expect(result).toEqual({ ok: true });
expect(callGatewayMock).not.toHaveBeenCalled();
expect(probeGatewayMock).toHaveBeenCalledWith({
url: "ws://127.0.0.1:19191",
auth: {
token: "temp-token",
password: undefined,
},
tlsFingerprint: "abc123",
timeoutMs: 5_000,
includeDetails: false,
});
});
it("uses a real status RPC when requireRpc is enabled", async () => {
callGatewayMock.mockReset();
probeGatewayMock.mockReset();
callGatewayMock.mockResolvedValueOnce({ status: "ok" });
const result = await probeGatewayStatus({
url: "ws://127.0.0.1:19191",
token: "temp-token",
tlsFingerprint: "abc123",
timeoutMs: 5_000,
json: true,
requireRpc: true,
configPath: "/tmp/openclaw-daemon/openclaw.json",
});
expect(result).toEqual({ ok: true });
expect(probeGatewayMock).not.toHaveBeenCalled();
expect(callGatewayMock).toHaveBeenCalledWith({
url: "ws://127.0.0.1:19191",
token: "temp-token",
password: undefined,
tlsFingerprint: "abc123",
method: "status",
timeoutMs: 5_000,
configPath: "/tmp/openclaw-daemon/openclaw.json",
});
});
it("surfaces probe close details when the handshake fails", async () => {
callGatewayMock.mockReset();
probeGatewayMock.mockReset();
probeGatewayMock.mockResolvedValueOnce({
ok: false,
error: null,
close: { code: 1008, reason: "pairing required" },
});
const result = await probeGatewayStatus({
url: "ws://127.0.0.1:19191",
timeoutMs: 5_000,
});
expect(result).toEqual({
ok: false,
error: "gateway closed (1008): pairing required",
});
});
it("surfaces status RPC errors when requireRpc is enabled", async () => {
callGatewayMock.mockReset();
probeGatewayMock.mockReset();
callGatewayMock.mockRejectedValueOnce(new Error("missing scope: operator.admin"));
const result = await probeGatewayStatus({
url: "ws://127.0.0.1:19191",
token: "temp-token",
timeoutMs: 5_000,
requireRpc: true,
});
expect(result).toEqual({
ok: false,
error: "missing scope: operator.admin",
});
expect(probeGatewayMock).not.toHaveBeenCalled();
});
});

48
src/cli/daemon-cli/probe.ts
View File

@@ -1,5 +1,3 @@
import { callGateway } from "../../gateway/call.js";
import { GATEWAY_CLIENT_MODES, GATEWAY_CLIENT_NAMES } from "../../utils/message-channel.js";
import { withProgress } from "../progress.js";
export async function probeGatewayStatus(opts: {
@@ -9,29 +7,53 @@ export async function probeGatewayStatus(opts: {
tlsFingerprint?: string;
timeoutMs: number;
json?: boolean;
requireRpc?: boolean;
configPath?: string;
}) {
try {
await withProgress(
const result = await withProgress(
{
label: "Checking gateway status...",
indeterminate: true,
enabled: opts.json !== true,
},
async () =>
await callGateway({
async () => {
if (opts.requireRpc) {
const { callGateway } = await import("../../gateway/call.js");
await callGateway({
url: opts.url,
token: opts.token,
password: opts.password,
tlsFingerprint: opts.tlsFingerprint,
method: "status",
timeoutMs: opts.timeoutMs,
...(opts.configPath ? { configPath: opts.configPath } : {}),
});
return { ok: true } as const;
}
const { probeGateway } = await import("../../gateway/probe.js");
return await probeGateway({
url: opts.url,
token: opts.token,
password: opts.password,
auth: {
token: opts.token,
password: opts.password,
},
tlsFingerprint: opts.tlsFingerprint,
method: "status",
timeoutMs: opts.timeoutMs,
clientName: GATEWAY_CLIENT_NAMES.CLI,
mode: GATEWAY_CLIENT_MODES.CLI,
...(opts.configPath ? { configPath: opts.configPath } : {}),
}),
includeDetails: false,
});
},
);
return { ok: true } as const;
if (result.ok) {
return { ok: true } as const;
}
const closeHint = result.close
? `gateway closed (${result.close.code}): ${result.close.reason}`
: null;
return {
ok: false,
error: result.error ?? closeHint ?? "gateway probe failed",
} as const;
} catch (err) {
return {
ok: false,

16
src/cli/daemon-cli/status.gather.test.ts
View File

@@ -196,6 +196,22 @@ describe("gatherDaemonStatus", () => {
expect(status.rpc?.ok).toBe(true);
});
it("forwards requireRpc and configPath to the daemon probe", async () => {
await gatherDaemonStatus({
rpc: {},
probe: true,
requireRpc: true,
deep: false,
});
expect(callGatewayStatusProbe).toHaveBeenCalledWith(
expect.objectContaining({
requireRpc: true,
configPath: "/tmp/openclaw-daemon/openclaw.json",
}),
);
});
it("does not force local TLS fingerprint when probe URL is explicitly overridden", async () => {
const status = await gatherDaemonStatus({
rpc: { url: "wss://override.example:18790" },

2
src/cli/daemon-cli/status.gather.ts
View File

@@ -284,6 +284,7 @@ export async function gatherDaemonStatus(
opts: {
rpc: GatewayRpcOpts;
probe: boolean;
requireRpc?: boolean;
deep?: boolean;
} & FindExtraGatewayServicesOptions,
): Promise<DaemonStatus> {
@@ -369,6 +370,7 @@ export async function gatherDaemonStatus(
: undefined,
timeoutMs,
json: opts.rpc.json,
requireRpc: opts.requireRpc,
configPath: daemonConfigSummary.path,
})
: undefined;

16
src/cli/daemon-cli/status.test.ts
View File

@@ -76,6 +76,22 @@ describe("runDaemonStatus", () => {
expect(printDaemonStatus).toHaveBeenCalledTimes(1);
});
it("forwards require-rpc to daemon status gathering", async () => {
await runDaemonStatus({
rpc: {},
probe: true,
requireRpc: true,
json: false,
});
expect(gatherDaemonStatus).toHaveBeenCalledWith({
rpc: {},
probe: true,
requireRpc: true,
deep: false,
});
});
it("rejects require-rpc when probing is disabled", async () => {
await expect(
runDaemonStatus({

1
src/cli/daemon-cli/status.ts
View File

@@ -14,6 +14,7 @@ export async function runDaemonStatus(opts: DaemonStatusOptions) {
const status = await gatherDaemonStatus({
rpc: opts.rpc,
probe: Boolean(opts.probe),
requireRpc: Boolean(opts.requireRpc),
deep: Boolean(opts.deep),
});
printDaemonStatus(status, { json: Boolean(opts.json) });