fix: avoid doctor token regeneration on invalid repairs
This commit is contained in:
Peter Steinberger
@@ -8,6 +8,7 @@ Docs: https://docs.openclaw.ai
|
||||
|
||||
### Fixes
|
||||
|
||||
- Commands/Doctor: avoid rewriting invalid configs with new `gateway.auth.token` defaults during repair and only write when real config changes are detected, preventing accidental token duplication and backup churn.
|
||||
- Sandbox/Registry: serialize container and browser registry writes with shared file locks and atomic replacement to prevent lost updates and delete rollback races from desyncing `sandbox list`, `prune`, and `recreate --all`. Thanks @kexinoh.
|
||||
|
||||
## 2026.2.17
|
||||
|
||||
@@ -1,12 +1,13 @@
|
||||
import type { ZodIssue } from "zod";
|
||||
import fs from "node:fs/promises";
|
||||
import path from "node:path";
|
||||
import type { ZodIssue } from "zod";
|
||||
import type { OpenClawConfig } from "../config/config.js";
|
||||
import type { DoctorOptions } from "./doctor-prompter.js";
|
||||
import {
|
||||
isNumericTelegramUserId,
|
||||
normalizeTelegramAllowFromEntry,
|
||||
} from "../channels/telegram/allow-from.js";
|
||||
import { formatCliCommand } from "../cli/command-format.js";
|
||||
import type { OpenClawConfig } from "../config/config.js";
|
||||
import {
|
||||
OpenClawSchema,
|
||||
CONFIG_PATH,
|
||||
@@ -18,7 +19,6 @@ import { listTelegramAccountIds, resolveTelegramAccount } from "../telegram/acco
|
||||
import { note } from "../terminal/note.js";
|
||||
import { isRecord, resolveHomeDir } from "../utils.js";
|
||||
import { normalizeLegacyConfigValues } from "./doctor-legacy-config.js";
|
||||
import type { DoctorOptions } from "./doctor-prompter.js";
|
||||
import { autoMigrateLegacyStateDir } from "./doctor-state-migrations.js";
|
||||
|
||||
type UnrecognizedKeysIssue = ZodIssue & {
|
||||
@@ -927,5 +927,10 @@ export async function loadAndMaybeMigrateDoctorConfig(params: {
|
||||
|
||||
noteOpencodeProviderOverrides(cfg);
|
||||
|
||||
return { cfg, path: snapshot.path ?? CONFIG_PATH, shouldWriteConfig };
|
||||
return {
|
||||
cfg,
|
||||
path: snapshot.path ?? CONFIG_PATH,
|
||||
shouldWriteConfig,
|
||||
sourceConfigValid: snapshot.valid,
|
||||
};
|
||||
}
|
||||
|
||||
@@ -42,6 +42,44 @@ describe("doctor command", () => {
|
||||
expect(written.routing).toBeUndefined();
|
||||
});
|
||||
|
||||
it("does not add a new gateway auth token while fixing legacy issues on invalid config", async () => {
|
||||
mockDoctorConfigSnapshot({
|
||||
config: {
|
||||
routing: { allowFrom: ["+15555550123"] },
|
||||
gateway: { remote: { token: "legacy-remote-token" } },
|
||||
},
|
||||
parsed: {
|
||||
routing: { allowFrom: ["+15555550123"] },
|
||||
gateway: { remote: { token: "legacy-remote-token" } },
|
||||
},
|
||||
valid: false,
|
||||
issues: [{ path: "routing.allowFrom", message: "legacy" }],
|
||||
legacyIssues: [{ path: "routing.allowFrom", message: "legacy" }],
|
||||
});
|
||||
|
||||
const { doctorCommand } = await import("./doctor.js");
|
||||
const runtime = createDoctorRuntime();
|
||||
|
||||
migrateLegacyConfig.mockReturnValue({
|
||||
config: {
|
||||
channels: { whatsapp: { allowFrom: ["+15555550123"] } },
|
||||
gateway: { remote: { token: "legacy-remote-token" } },
|
||||
},
|
||||
changes: ["Moved routing.allowFrom → channels.whatsapp.allowFrom."],
|
||||
});
|
||||
|
||||
await doctorCommand(runtime, { repair: true });
|
||||
|
||||
expect(writeConfigFile).toHaveBeenCalledTimes(1);
|
||||
const written = writeConfigFile.mock.calls[0]?.[0] as Record<string, unknown>;
|
||||
const gateway = (written.gateway as Record<string, unknown>) ?? {};
|
||||
const auth = gateway.auth as Record<string, unknown> | undefined;
|
||||
const remote = gateway.remote as Record<string, unknown>;
|
||||
|
||||
expect(remote.token).toBe("legacy-remote-token");
|
||||
expect(auth).toBeUndefined();
|
||||
});
|
||||
|
||||
it("skips legacy gateway services migration", { timeout: 60_000 }, async () => {
|
||||
mockDoctorConfigSnapshot();
|
||||
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
import fs from "node:fs";
|
||||
import { intro as clackIntro, outro as clackOutro } from "@clack/prompts";
|
||||
import fs from "node:fs";
|
||||
import type { OpenClawConfig } from "../config/config.js";
|
||||
import type { RuntimeEnv } from "../runtime.js";
|
||||
import { resolveAgentWorkspaceDir, resolveDefaultAgentId } from "../agents/agent-scope.js";
|
||||
import { DEFAULT_MODEL, DEFAULT_PROVIDER } from "../agents/defaults.js";
|
||||
import { loadModelCatalog } from "../agents/model-catalog.js";
|
||||
@@ -9,14 +11,12 @@ import {
|
||||
resolveHooksGmailModel,
|
||||
} from "../agents/model-selection.js";
|
||||
import { formatCliCommand } from "../cli/command-format.js";
|
||||
import type { OpenClawConfig } from "../config/config.js";
|
||||
import { CONFIG_PATH, readConfigFileSnapshot, writeConfigFile } from "../config/config.js";
|
||||
import { logConfigUpdated } from "../config/logging.js";
|
||||
import { resolveGatewayService } from "../daemon/service.js";
|
||||
import { resolveGatewayAuth } from "../gateway/auth.js";
|
||||
import { buildGatewayConnectionDetails } from "../gateway/call.js";
|
||||
import { resolveOpenClawPackageRoot } from "../infra/openclaw-root.js";
|
||||
import type { RuntimeEnv } from "../runtime.js";
|
||||
import { defaultRuntime } from "../runtime.js";
|
||||
import { note } from "../terminal/note.js";
|
||||
import { stylePromptTitle } from "../terminal/prompt-style.js";
|
||||
@@ -98,6 +98,8 @@ export async function doctorCommand(
|
||||
confirm: (p) => prompter.confirm(p),
|
||||
});
|
||||
let cfg: OpenClawConfig = configResult.cfg;
|
||||
const cfgForPersistence = structuredClone(cfg);
|
||||
const sourceConfigValid = configResult.sourceConfigValid ?? true;
|
||||
|
||||
const configPath = configResult.path ?? CONFIG_PATH;
|
||||
if (!cfg.gateway?.mode) {
|
||||
@@ -123,7 +125,7 @@ export async function doctorCommand(
|
||||
if (gatewayDetails.remoteFallbackNote) {
|
||||
note(gatewayDetails.remoteFallbackNote, "Gateway");
|
||||
}
|
||||
if (resolveMode(cfg) === "local") {
|
||||
if (resolveMode(cfg) === "local" && sourceConfigValid) {
|
||||
const auth = resolveGatewayAuth({
|
||||
authConfig: cfg.gateway?.auth,
|
||||
tailscaleMode: cfg.gateway?.tailscale?.mode ?? "off",
|
||||
@@ -283,7 +285,8 @@ export async function doctorCommand(
|
||||
healthOk,
|
||||
});
|
||||
|
||||
const shouldWriteConfig = prompter.shouldRepair || configResult.shouldWriteConfig;
|
||||
const shouldWriteConfig =
|
||||
configResult.shouldWriteConfig || JSON.stringify(cfg) !== JSON.stringify(cfgForPersistence);
|
||||
if (shouldWriteConfig) {
|
||||
cfg = applyWizardMetadata(cfg, { command: "doctor", mode: resolveMode(cfg) });
|
||||
await writeConfigFile(cfg);
|
||||
|
||||
Reference in New Issue
Block a user