perf(onboard): add deadline-based gateway wait

[HOYALIM]

Summary

Adds a reusable deadline-based wait primitive and applies it to gateway startup health polling as a scoped first step for #2001.
The rebased implementation keeps the existing health-poll environment knobs compatible and preserves the dual readiness gate: OpenShell metadata must be healthy and the host HTTP endpoint must be serving.

Related Issue

Refs #2001.

Changes

• Extend src/lib/core/wait.ts with waitUntil(...), waitUntilAsync(...), absolute deadlines, configurable backoff, injectable clock/sleeper hooks, and optional attempt caps.
• Extract gateway startup health polling into src/lib/onboard/gateway-health-wait.ts, keeping src/lib/onboard.ts net smaller for the growth guardrail.
• Preserve NEMOCLAW_HEALTH_POLL_COUNT and NEMOCLAW_HEALTH_POLL_INTERVAL behavior by using fixed intervals and maxAttempts; per-probe shell/HTTP runtime is not consumed by a startup deadline.
• Add deterministic coverage for the wait primitive and direct regression coverage for waitForGatewayHealth(...) call ordering, metadata repair refresh, dual readiness, attempt limits, final-attempt sleep behavior, and zero-attempt behavior.

Type of Change

• Code change (feature, bug fix, or refactor)
• Code change with doc updates
• Doc only (prose changes, no code sample modifications)
• Doc only (includes code sample changes)

Verification

• npx prek run --all-files passes via make check
• npm test passes
• Tests added or updated for new or changed behavior
• No secrets, API keys, or credentials committed
• Docs updated for user-facing behavior changes
• make docs builds without warnings (doc changes only)
• Doc pages follow the style guide (doc changes only)
• New doc pages include SPDX header and frontmatter (new pages only)

Additional validation run locally:

• npm run build:cli passes
• npm run typecheck:cli passes
• npx vitest run src/lib/onboard/gateway-health-wait.test.ts test/wait.test.ts passes
• make check passes

Notes:

• This intentionally avoids the larger perf: investigate and reduce networking latency during onboard and validation #2001 follow-up areas: adaptive network calibration, curl connection reuse, and onboard orchestration parallelism.
• This should not auto-close perf: investigate and reduce networking latency during onboard and validation #2001 or perf(onboard): replace remaining fixed readiness polls with deadline-based waits #3768; it remains a foundation step for the broader onboard latency work.

AI Disclosure

• AI-assisted — tool: OpenAI Codex

---

Signed-off-by: Ho Lim subhoya@gmail.com

Summary by CodeRabbit

• Refactor

  • Gateway health polling mechanism during startup refactored from manual loop-based approach to a retry-driven method with configurable timing intervals, exponential backoff strategy, and maximum attempt limits.

• Tests

  • Significantly expanded test coverage for retry and polling behavior, including deadline handling, exponential backoff behavior, maximum attempt limits, and various edge cases.

• Chores

  • Updated test environment configuration for token rotation integration tests.

[copy-pr-bot]

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: ca593f2e-4391-4a69-b518-ab24d95b9395

📥 Commits

Reviewing files that changed from the base of the PR and between 38350a1 and ff86b84.

📒 Files selected for processing (1)

• .github/workflows/nightly-e2e.yaml

💤 Files with no reviewable changes (1)

• .github/workflows/nightly-e2e.yaml

---

📝 Walkthrough

Walkthrough

Gateway health polling during onboard transitions from a manual for/sleep loop to a waitUntil-driven retry mechanism with consistent millisecond-based timing. Test coverage for the wait utility expands from sleep functions to comprehensive waitUntil scenarios. Discord token fixtures in the CI workflow are simplified.

Changes

Polling refactor and test expansion

Layer / File(s)	Summary
Gateway health polling refactor src/lib/onboard.ts	startGatewayWithOptions replaces the manual polling loop with waitUntil, performing per-attempt bootstrap repair, metadata attachment, re-selection, and health probing (via status, gateway info -g, gateway info) until isGatewayHealthy() returns true. Timing converts to milliseconds with initialIntervalMs/maxIntervalMs matching the converted healthPollInterval, backoffFactor: 1, and maxAttempts: healthPollCount. A high deadlineMs prevents slow commands from truncating attempts. Falls through to throw Error("Gateway failed to start") if health is unreached.
Wait utility test expansion test/wait.test.ts	Test suite extends from covering sleepMs/sleepSeconds to validating waitUntil behavior, including immediate success, immediate failure on expired deadline, TypeError on non-finite deadline without attempt cap, repeated polling with exact sleep interval verification, deadline-based truncation with final short sleep, exponential backoff sequence accuracy, termination via maxAttempts with and without zero-length intervals, and deadline-constrained unbounded retry progress.
Discord token fixture update .github/workflows/nightly-e2e.yaml	token-rotation-e2e job environment variables for fake Discord tokens (DISCORD_BOT_TOKEN_A, DISCORD_BOT_TOKEN_B) are changed to simplified strings (discord-a, discord-b).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• NVIDIA/NemoClaw#5119: Both PRs tie to startGatewayWithOptions's health-polling/probing flow: the main PR refactors the health-poll retry loop in src/lib/onboard.ts (now via waitUntil), while the retrieved PR adds/updates tests to assert the Docker-unreachable path exits before any health polling/status/gateway-info probes run.

Suggested reviewers

• cv
• ericksoa

Poem

🐰 From loops of sleep and counting tries,
The gateway now retries more wise,
With waitUntil and zero back,
We polish timeouts off the track.
Discord tokens simplified—
A rabbit's test-run satisfied! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Out of Scope Changes check	⚠️ Warning	The Discord token environment variable changes in nightly-e2e.yaml appear unrelated to the deadline-based wait implementation or issue #2001 objectives.	Clarify whether the Discord token changes are necessary for this PR or should be separated into a distinct pull request focused on test environment configuration.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: introducing a deadline-based gateway wait mechanism to improve onboard performance.
Linked Issues check	✅ Passed	The PR implements foundational deadline-based wait primitives that address Phase 2 optimization goals (replace sleeps with event-driven waits) from issue #2001, specifically applied to gateway health polling.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR introduces a reusable, synchronous, deadline-based polling helper and applies it to the gateway startup health wait loop as part of the onboard latency work (refs #2001), while aiming to preserve existing health poll env knob behavior.

Changes:

• Added waitUntil(...) to src/lib/wait.ts with deadline, backoff, injectable clock/sleeper hooks, and optional attempt cap.
• Replaced the gateway startup health polling loop in src/lib/onboard.ts with the new waitUntil(...) helper.
• Expanded test/wait.test.ts with focused unit tests for waitUntil(...) behavior (immediate success, retries, deadline, backoff, and attempt caps).

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File	Description
test/wait.test.ts	Adds unit coverage for the new waitUntil(...) helper.
src/lib/wait.ts	Introduces the waitUntil(...) synchronous polling primitive and options.
src/lib/onboard.ts	Switches gateway health polling to use waitUntil(...) with existing poll count/interval inputs.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

test/wait.test.ts (1)

42-172: Add a contract test for invalid deadlineMs.

Please add a test that asserts waitUntil throws TypeError for non-finite deadlineMs (e.g., NaN), so the input validation path is locked in.

✅ Suggested test

+  it("waitUntil throws when deadlineMs is non-finite", () => {
+    expect(() =>
+      waitUntil(() => false, {
+        deadlineMs: Number.NaN,
+      }),
+    ).toThrow(TypeError);
+  });

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/wait.test.ts` around lines 42 - 172, Add a new test in wait.test.ts
using the existing waitUntil harness that verifies passing a non-finite
deadlineMs (e.g., NaN) causes waitUntil to throw a TypeError: call waitUntil
with a simple predicate and options including deadlineMs: NaN plus the same now
and sleep mocks used in other tests, and assert with expect(() =>
waitUntil(...)).toThrow(TypeError) so the input validation path for deadlineMs
is locked in.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/lib/onboard.ts`:
- Around line 3512-3541: The deadline calculation (healthDeadlineMs) only
accounts for sleep budget and can expire while each waitUntil attempt runs
multiple shell-outs (repairGatewayBootstrapSecrets, runCaptureOpenshell,
isGatewayHealthy), shortening the effective retry window; fix by extending or
removing the deadline: either compute healthDeadlineMs to also include an
allowance for per-attempt probe runtime (e.g., add healthPollCount *
probeTimeoutMs or add a conservative maxProbeRuntimeMs) so the deadline >= total
sleep budget + total probe runtime, or omit deadlineMs from the waitUntil call
to rely solely on maxAttempts/healthPollCount; update the healthDeadlineMs
computation or the waitUntil invocation accordingly (references:
healthPollIntervalMs, healthDeadlineMs, healthPollCount, waitUntil,
repairGatewayBootstrapSecrets, runCaptureOpenshell, isGatewayHealthy).

In `@src/lib/wait.ts`:
- Around line 98-99: The loop can hot-spin when intervalMs (or maxIntervalMs) is
0 and maxAttempts is unbounded; change the sleeper call and interval update to
enforce a minimum non-zero sleep (e.g., MIN_SLEEP_MS = 1) so you never call
sleeper(0). Specifically, in the block using sleeper(Math.min(intervalMs,
deadlineMs - currentMs)) and intervalMs = Math.min(maxIntervalMs, intervalMs *
backoffFactor), clamp the sleep duration with Math.max(MIN_SLEEP_MS, ...) and
ensure intervalMs is also floored to at least MIN_SLEEP_MS after applying
backoff so the loop yields CPU even when initialIntervalMs/maxIntervalMs are
zero (references: sleeper, intervalMs, maxIntervalMs, backoffFactor, deadlineMs,
currentMs).

---

Nitpick comments:
In `@test/wait.test.ts`:
- Around line 42-172: Add a new test in wait.test.ts using the existing
waitUntil harness that verifies passing a non-finite deadlineMs (e.g., NaN)
causes waitUntil to throw a TypeError: call waitUntil with a simple predicate
and options including deadlineMs: NaN plus the same now and sleep mocks used in
other tests, and assert with expect(() => waitUntil(...)).toThrow(TypeError) so
the input validation path for deadlineMs is locked in.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 88a34e7e-6332-4895-82d8-e2cfc9f03551

📥 Commits

Reviewing files that changed from the base of the PR and between 1f615e2 and 2b8bc08.

📒 Files selected for processing (3)

• src/lib/onboard.ts
• src/lib/wait.ts
• test/wait.test.ts

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/lib/wait.ts`:
- Around line 94-108: The loop currently calls condition() even after the
deadline guard because the deadline check (using now() and deadlineMs) comes
after condition(); move the deadline/time check so it runs before invoking
condition() (and keep the existing attempts checks), ensuring you check
Number.isFinite(currentMs) and currentMs >= deadlineMs prior to calling
condition() to avoid the extra probe; update the loop in src/lib/wait.ts
(references: attempts, maxAttempts, deadlineMs, now(), condition()) accordingly.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: d13eeb32-c6e5-4ffb-bbea-dae420740d03

📥 Commits

Reviewing files that changed from the base of the PR and between 49316b4 and 26b594e.

📒 Files selected for processing (2)

• src/lib/wait.ts
• test/wait.test.ts

[coderabbitai]

♻️ Duplicate comments (1)

src/lib/wait.ts (1)

93-109: ⚠️ Potential issue | 🟠 Major

Honor an already-expired deadline before the first probe.

Line 95 only checks the deadline after at least one attempt, so condition() on Line 107 still runs once when deadlineMs <= now() at entry. For callers using this to drive real health probes, that is still one probe past the requested budget. Please move the deadline guard out of the attempts > 0 branch and add a regression test for an already-expired deadline.

Suggested fix

   let attempts = 0;
   for (;;) {
-    if (attempts > 0) {
-      const currentMs = now();
-      if (!Number.isFinite(currentMs) || currentMs >= deadlineMs) {
-        return false;
-      }
+    const currentMs = now();
+    if (!Number.isFinite(currentMs) || currentMs >= deadlineMs) {
+      return false;
     }
 
     if (attempts >= maxAttempts) {
       return false;
     }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/lib/wait.ts` around lines 93 - 109, The loop currently only checks the
deadline after the first probe (gated by attempts > 0), so move the deadline
guard to run on every iteration before invoking condition(): call const
currentMs = now(); if (!Number.isFinite(currentMs) || currentMs >= deadlineMs)
return false; (remove the attempts > 0 gate) so an already-expired deadline
causes an immediate false; also add a regression test that sets deadlineMs <=
now() and asserts the wait function returns false (and that condition() is not
invoked) to prevent regressions; refer to symbols attempts, now(), deadlineMs,
condition(), and maxAttempts when making changes.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Duplicate comments:
In `@src/lib/wait.ts`:
- Around line 93-109: The loop currently only checks the deadline after the
first probe (gated by attempts > 0), so move the deadline guard to run on every
iteration before invoking condition(): call const currentMs = now(); if
(!Number.isFinite(currentMs) || currentMs >= deadlineMs) return false; (remove
the attempts > 0 gate) so an already-expired deadline causes an immediate false;
also add a regression test that sets deadlineMs <= now() and asserts the wait
function returns false (and that condition() is not invoked) to prevent
regressions; refer to symbols attempts, now(), deadlineMs, condition(), and
maxAttempts when making changes.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: ab7479bd-599b-456e-8318-8c5f61cdf8fa

📥 Commits

Reviewing files that changed from the base of the PR and between 26b594e and 38350a1.

📒 Files selected for processing (2)

• src/lib/wait.ts
• test/wait.test.ts

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/lib/wait.ts`:
- Around line 95-116: The code uses currentMs captured before calling
condition(), which can be stale if condition() is slow; update the timestamp
after the condition() call and before computing remainingMs/sleepDurationMs so
the sleep budget respects deadlineMs and avoids sleeping past the deadline; in
the wait function recompute currentMs = now() (or equivalent) after condition()
returns and use that value to derive remainingMs, requestedSleepMs and to clamp
sleeper(...) (referencing currentMs, now(), deadlineMs, condition(),
remainingMs, requestedSleepMs, MIN_UNCAPPED_SLEEP_MS, hasAttemptCap, and
sleeper).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 3b8e8326-56d6-4585-bb6e-fa32ebce51cf

📥 Commits

Reviewing files that changed from the base of the PR and between 38350a1 and 44901e0.

📒 Files selected for processing (2)

• src/lib/wait.ts
• test/wait.test.ts

[wscurran]

✨ Thanks for submitting this pull request that proposes a way to improve the performance of NemoClaw's onboard process by introducing a deadline-based wait primitive.

---

Related open issues:

• #2001 perf: investigate and reduce networking latency during onboard and validation

[wscurran]

Sprint 5 planning update: we’re organizing this PR as the foundation PR for #3768, with #2001 remaining the umbrella tracker.

Relationship:

• perf: investigate and reduce networking latency during onboard and validation #2001 = parent performance/onboard latency program
• perf(onboard): replace remaining fixed readiness polls with deadline-based waits #3768 = direct Sprint 5 child issue for replacing remaining fixed readiness polls with deadline-based waits
• perf(onboard): add deadline-based gateway wait #2492 = first scoped implementation step, applying the deadline-based wait primitive to gateway startup health polling

This PR should be tracked for Sprint 5 review, but it should not auto-close #3768 or #2001 when merged. If it lands, #3768 should remain open for the remaining readiness paths called out there.

[cv]

@coderabbitai review

[coderabbitai]

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.