fix(messaging): resolve the Discord per-account proxy so the gateway WebSocket connects#5248
Merged
cv merged 4 commits intoJun 13, 2026
Conversation
Contributor
📝 WalkthroughWalkthroughThis PR makes discordProxyUrl resolve to an HTTP proxy URL derived from environment variables (NEMOCLAW_PROXY_HOST / NEMOCLAW_PROXY_PORT) with default host/port fallbacks, and updates tests and config-generator expectations to assert the Discord account-level proxy is populated. ChangesDiscord Proxy URL Implementation
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
…connects
channels.discord.accounts.default.proxy is rendered from {{discordProxyUrl}},
but the Discord template-resolver resolved that reference to undefined, so the
Discord account was emitted with no proxy. The Discord gateway client honors
only the per-account proxy (it ignores the managed env proxy), so the gateway
WebSocket could not egress the deny-by-default sandbox network namespace: the
bot sent via the Discord REST API but never established the gateway socket and
received zero inbound events.
Resolve discordProxyUrl to the sandbox proxy URL (NEMOCLAW_PROXY_HOST/PORT,
default http://10.200.0.1:3128), mirroring how the telegram resolver resolves
its proxyUrl. Telegram already routed its per-account proxy this way; Discord
was the lone gap.
Closes NVIDIA#5075
Signed-off-by: latenighthackathon <latenighthackathon@users.noreply.github.com>
latenighthackathon
force-pushed
the
fix/discord-proxy-template-resolver
branch
from
54265be to
0b51186
Compare
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
test/generate-openclaw-config.test.ts (1)
661-671:⚠️ Potential issue | 🟡 MinorRemove/rename
NEMOCLAW_DISCORD_PROXY_PORTin the OpenShell loopback proxy test
NEMOCLAW_DISCORD_PROXY_PORTis only set intest/generate-openclaw-config.test.tsand is not read by the Discord proxy resolver (src/lib/messaging/channels/discord/template-resolver.tsuses onlyNEMOCLAW_PROXY_HOST/NEMOCLAW_PROXY_PORT).- If the intent is to ensure
OPENSHELL_LOOPBACK_PROXY_URLdoesn’t affect the managed proxy, dropNEMOCLAW_DISCORD_PROXY_PORTor replace it withNEMOCLAW_PROXY_PORT(orNEMOCLAW_PROXY_HOST) as the negative control.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@test/generate-openclaw-config.test.ts` around lines 661 - 671, The test sets NEMOCLAW_DISCORD_PROXY_PORT which is not used by the Discord proxy resolver; update the test (the runConfigScript call in the spec) to remove NEMOCLAW_DISCORD_PROXY_PORT or replace it with the real control env var NEMOCLAW_PROXY_PORT (and/or NEMOCLAW_PROXY_HOST) so the negative-control assertion verifies that OPENSHELL_LOOPBACK_PROXY_URL is ignored; ensure the test still asserts config.proxy.proxyUrl and config.channels.discord.accounts.default.proxy remain the managed proxy value and reference the resolver logic in src/lib/messaging/channels/discord/template-resolver.ts to match expected env names.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Outside diff comments:
In `@test/generate-openclaw-config.test.ts`:
- Around line 661-671: The test sets NEMOCLAW_DISCORD_PROXY_PORT which is not
used by the Discord proxy resolver; update the test (the runConfigScript call in
the spec) to remove NEMOCLAW_DISCORD_PROXY_PORT or replace it with the real
control env var NEMOCLAW_PROXY_PORT (and/or NEMOCLAW_PROXY_HOST) so the
negative-control assertion verifies that OPENSHELL_LOOPBACK_PROXY_URL is
ignored; ensure the test still asserts config.proxy.proxyUrl and
config.channels.discord.accounts.default.proxy remain the managed proxy value
and reference the resolver logic in
src/lib/messaging/channels/discord/template-resolver.ts to match expected env
names.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 299d4b31-65ac-4b6f-b762-31fd09da5735
📒 Files selected for processing (3)
src/lib/messaging/channels/discord/template-resolver.tstest/discord-template-resolver-proxy.test.tstest/generate-openclaw-config.test.ts
🚧 Files skipped from review as they are similar to previous changes (1)
- src/lib/messaging/channels/discord/template-resolver.ts
wscurran
added
area: messaging
Contributor
|
✨ Related open issues: |
cv
approved these changes
Jun 13, 2026
12 tasks
cv
pushed a commit
that referenced
this pull request
Jun 13, 2026
## Summary Updates the messaging providers E2E M9b assertion so Discord now expects `channels.discord.accounts.default.proxy` to match the sandbox proxy while the top-level managed proxy remains configured. This aligns the test with the Discord proxy behavior restored by PR #5248 for issue #5075. ## Changes - Updated `test/e2e/test-messaging-providers.sh` M9b comments and pass/fail messages to describe per-account Discord proxy routing. - Changed the M9b assertion to require both `account.proxy` and `proxy.proxyUrl` to equal the expected sandbox proxy URL. - Reviewed `docs/` and found no user-facing docs update needed because this is a stale E2E expectation change with no product behavior change. ## Type of Change - [x] Code change (feature, bug fix, or refactor) - [ ] Code change with doc updates - [ ] Doc only (prose changes, no code sample modifications) - [ ] Doc only (includes code sample changes) ## Verification - [ ] `npx prek run --all-files` passes - [ ] `npm test` passes - [x] Tests added or updated for new or changed behavior - [x] No secrets, API keys, or credentials committed - [ ] Docs updated for user-facing behavior changes - [ ] `npm run docs` builds without warnings (doc changes only) - [ ] Doc pages follow the [style guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md) (doc changes only) - [ ] New doc pages include SPDX header and frontmatter (new pages only) Additional verification: - `bash -n test/e2e/test-messaging-providers.sh` passed. - `shellcheck test/e2e/test-messaging-providers.sh` passed. - `npx prek run --files test/e2e/test-messaging-providers.sh` passed. - `npx vitest run --project cli test/discord-template-resolver-proxy.test.ts test/generate-openclaw-config.test.ts` passed. - Docs review completed: no docs changes needed. - Full `npx prek run --all-files` and `npm test` were attempted and fail in unrelated existing suites outside this change. --- Signed-off-by: San Dang <sdang@nvidia.com> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Tests** * Updated Discord proxy configuration validation in end-to-end tests to reflect current proxy-wiring expectations during configuration patching. <!-- end of auto-generated comment: release notes by coderabbit.ai --> Signed-off-by: San Dang <sdang@nvidia.com>
13 tasks
cv
pushed a commit
that referenced
this pull request
Jun 17, 2026
## Summary Refreshes release-prep documentation for NemoClaw v0.0.65. Adds the v0.0.65 release-notes section and refreshes generated `nemoclaw-user-*` skills from the Fern MDX source docs. ## Changes - Added the v0.0.65 release notes to `docs/about/release-notes.mdx` with links to the deeper docs pages for lifecycle, troubleshooting, inference, CLI commands, messaging, credentials, network policy, Hermes, and sub-agents. - Regenerated the `nemoclaw-user-*` skills with `scripts/docs-to-skills.py` so release-prep skill output matches the merged source docs. - Used the v0.0.65 announcement discussion as release context: #5472. ## Source Summary - #2492 -> `docs/about/release-notes.mdx`: Documents deadline-based gateway wait reliability in the v0.0.65 recovery summary. - #4958 -> `docs/about/release-notes.mdx`: Documents re-execed OpenClaw gateway health check recovery in the sandbox recovery summary. - #5163 -> `docs/about/release-notes.mdx`: Documents safer uninstall TTY confirmation behavior in the day-two CLI summary. - #5178 -> `docs/about/release-notes.mdx`: Documents fail-closed config restore merge behavior in the rebuild and restore summary. - #5179 -> `docs/about/release-notes.mdx`: Documents WeChat QR token redaction in the messaging summary. - #5182 -> `docs/about/release-notes.mdx`: Documents sustained gateway serving checks in the recovery summary. - #5194 -> `docs/about/release-notes.mdx`: Documents model-router teardown during uninstall in the day-two CLI summary. - #5195 -> `docs/about/release-notes.mdx`: Documents Shields auto-restore lock reconfirmation in the rebuild and restore summary. - #5198 -> `docs/about/release-notes.mdx`: Documents Docker Desktop WSL CDI injection failure handling in the onboarding diagnostics summary. - #5201 -> `docs/about/release-notes.mdx`: Documents sandbox download/upload wrappers and sessions export in the day-two CLI summary. - #5205 -> `docs/about/release-notes.mdx`: Documents reporter-owned model metadata preservation in the rebuild and restore summary. - #5214 -> `docs/about/release-notes.mdx`: Documents managed vLLM model preflight before side effects in the inference setup summary. - #5215 -> `docs/about/release-notes.mdx`: Documents managed vLLM extra serve arguments in the inference setup summary. - #5216 -> `docs/about/release-notes.mdx`: Documents silent OpenClaw runtime fallback surfacing in the onboarding diagnostics summary. - #5225 -> `docs/about/release-notes.mdx`: Documents persisted sandbox gateway lookup in the gateway recovery summary. - #5238 -> `docs/about/release-notes.mdx`: Documents sub-agent gateway dial-back through the sandbox interface in the Hermes and sub-agent summary. - #5248 -> `docs/about/release-notes.mdx`: Documents Discord per-account proxy resolution in the messaging summary. - #5264 -> `docs/about/release-notes.mdx`: Documents reserved Hermes port `8642` handling in the Hermes compatibility summary. - #5267 -> `docs/about/release-notes.mdx`: Documents the narrower Hermes baseline policy in the Hermes compatibility summary. - #5321 -> `docs/about/release-notes.mdx`: Documents restored gateway guard chains in the gateway recovery summary. - #5328 -> `docs/about/release-notes.mdx`: Documents compact persisted messaging plans in the messaging summary. - #5338 -> `docs/about/release-notes.mdx`: Documents manifest channel migration in the messaging summary. - #5352 -> `docs/about/release-notes.mdx`: Documents persisted agent preservation through registry recovery in the rebuild and restore summary. - #5371 -> `.agents/skills/nemoclaw-user-reference/references/commands.md`: Refreshes generated skill output for custom build cache and layer-ordering source docs. - #5379 -> `docs/about/release-notes.mdx`: Documents dashboard port allocation across multiple NemoClaw gateways in the recovery summary. - #5382 -> `docs/about/release-notes.mdx`: Documents recovery when an active gateway has no sandbox spec in the recovery summary. - #5389 -> `.agents/skills/nemoclaw-user-reference/references/troubleshooting.md`: Refreshes generated skill output for declared agent `forward_ports` recovery source docs. - #5400 -> `docs/about/release-notes.mdx`: Documents bounded compatible endpoint probes in the inference setup summary. - #5410 -> `docs/about/release-notes.mdx`: Documents provider credential hash removal from sandbox registry entries in the messaging summary. - #5418 -> `docs/about/release-notes.mdx`: Documents summarized inference validation failures in the onboarding diagnostics summary. - #5457 -> `docs/about/release-notes.mdx`: Documents context-window recomputation after runtime model switches in the inference setup summary. - #5463 -> `docs/about/release-notes.mdx`: Documents cleanup of hard-coded messaging channel stragglers in the messaging summary. ## Skipped - #5366 matched `docs/.docs-skip` entries through skipped experimental paths, so this PR does not add new release-note text for that commit. ## Type of Change - [ ] Code change (feature, bug fix, or refactor) - [ ] Code change with doc updates - [ ] Doc only (prose changes, no code sample modifications) - [x] Doc only (includes code sample changes) ## Verification - [x] Git hooks passed during commit and push, or `npx prek run --from-ref main --to-ref HEAD` passes - [ ] Targeted tests pass for changed behavior - [ ] Full `npm test` passes (broad runtime changes only) - [ ] Tests added or updated for new or changed behavior - [x] No secrets, API keys, or credentials committed - [x] Docs updated for user-facing behavior changes - [ ] `npm run docs` builds without warnings (doc changes only) - [x] Doc pages follow the [style guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md) (doc changes only) - [ ] New doc pages include SPDX header and frontmatter (new pages only) Verification notes: - `npm run docs` passed after rerunning outside the sandbox. Fern reported 0 errors and 1 hidden warning. - The first sandboxed `npm run docs` attempt failed before validation because `tsx` could not create its local IPC pipe under sandbox restrictions. - `npm run build:cli` passed before push to refresh the local `dist/` artifacts used by the CLI typecheck hook. - `npm test` was not run because this is a docs-only release refresh. --- Signed-off-by: Miyoung Choi <miyoungc@nvidia.com> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Released NemoClaw v0.0.65 with improved gateway/sandbox recovery, safer day-two workflows, and enhanced Hermes compatibility. * Added managed vLLM extra-arguments configuration via `NEMOCLAW_VLLM_EXTRA_ARGS_JSON`. * Added Hermes troubleshooting guidance for port forwarding and health checks. * **Documentation** * Updated NVIDIA Endpoints/NIM setup and examples to use `NVIDIA_INFERENCE_API_KEY`. * Refined NVIDIA network policy and Model Router API base configuration. * Expanded CLI/environment variable documentation (including sub-agent gateway connectivity) and plugin build performance tips. * **Tests** * Expanded Vitest-backed E2E release validation coverage. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
A sandbox with the Discord channel comes up degraded: the bot sends via the Discord REST API but never establishes the gateway WebSocket, so it receives zero inbound events. This is the regression tracked in #5075 (originally #3894).
channels.discord.accounts.default.proxyis rendered from the{{discordProxyUrl}}template, butsrc/lib/messaging/channels/discord/template-resolver.tsresolved that reference toundefined, so the Discord account was emitted with no proxy. The Discord gateway client honors only the per-account proxy (it ignores the managed env proxy), so the gateway WebSocket cannot egress the deny-by-default sandbox network namespace.Telegram's resolver already resolves its
proxyUrlto the sandbox proxy; Discord was the lone gap.Related Issue
Closes #5075.
Changes
src/lib/messaging/channels/discord/template-resolver.ts: resolvediscordProxyUrlto the sandbox proxy URL (NEMOCLAW_PROXY_HOST/NEMOCLAW_PROXY_PORT, defaulthttp://10.200.0.1:3128) instead ofundefined, mirroring the telegram resolver.test/discord-template-resolver-proxy.test.ts: assertdiscordProxyUrlresolves to the default proxy and honors host/port overrides.Type of Change
Verification
npx vitest run --project cli test/discord-template-resolver-proxy.test.ts test/messaging-build-applier.test.ts— 18/18 passnpm run typecheck:cliandnpm run build:cli— cleanSigned-off-by: latenighthackathon latenighthackathon@users.noreply.github.com
Summary by CodeRabbit
New Features
Bug Fixes
Tests