refactor(cli): centralize oclif exit helpers

[cv]

Summary

Centralizes common oclif command exit handling in NemoClawCommand now that the command base is shared. This keeps command adapters from throwing oclif ExitErrors for action-style results and standardizes multi-line failure output across command-owned failure paths.

Changes

• Added setExitCode, applyExitResult, and failWithLines helpers to NemoClawCommand.
• Replaced duplicated internal command result handling with applyExitResult(...).
• Updated credentials, removed connect-flag, inference, skill, debug, uninstall, and config-usage command failures to record exit codes instead of hard-exiting.
• Added unit coverage for shared command exit/failure helpers and updated command tests to assert exit-code recording.

Type of Change

• Code change (feature, bug fix, or refactor)
• Code change with doc updates
• Doc only (prose changes, no code sample modifications)
• Doc only (includes code sample changes)

Verification

• npx prek run --all-files passes
• npm test passes
• Tests added or updated for new or changed behavior
• No secrets, API keys, or credentials committed
• Docs updated for user-facing behavior changes
• make docs builds without warnings (doc changes only)
• Doc pages follow the style guide (doc changes only)
• New doc pages include SPDX header and frontmatter (new pages only)

---

Signed-off-by: Carlos Villela cvillela@nvidia.com

Summary by CodeRabbit

• Refactor
  • Centralized CLI exit and error handling for more consistent termination and user-facing messages across commands.
• New Features
  • Added a standardized command exit-result format to unify status/code/message reporting.
• Bug Fixes
  • Commands now set process exit codes and emit multiline failure guidance without abruptly terminating the process.
• Tests
  • Updated/added tests validating exit-code behavior, failure message emission, and parser failure handling.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR centralizes CLI exit handling by adding a CommandExitResult type and NemoClawCommand helpers (setExitCode, failWithLines, applyExitResult), migrates multiple commands to use those helpers instead of direct process.exit/console.error patterns, and updates tests to assert via process.exitCode.

Changes

Unified exit-result framework and adoption

Layer / File(s)	Summary
Core exit-result type and base-command helpers src/lib/cli/nemoclaw-oclif-command.ts	Exports CommandExitResult and adds setExitCode(), failWithLines(), and applyExitResult() on NemoClawCommand.
Tests for CommandExitResult and helper methods src/lib/cli/nemoclaw-oclif-command.test.ts	Vitest suite verifying applyExitResult and failWithLines behavior and exit-code recording.
Internal commands adopt applyExitResult src/commands/internal/dev/npm-link-or-shim.ts, src/commands/internal/dns/fix-coredns.ts, src/commands/internal/dns/setup-proxy.ts, src/commands/internal/uninstall/run-plan.ts, src/lib/commands/maintenance/update.ts	Replace manual process.exit and ad-hoc exit handling with this.applyExitResult(result) where appropriate.
Gateway-token command uses setExitCode src/lib/commands/gateway-token.ts	Use this.setExitCode(0) for EPIPE and this.setExitCode(exitCode) after command run instead of direct process termination or assignments.
Credentials recovery and commands src/lib/commands/credentials/common.ts, src/lib/commands/credentials/list.ts, src/lib/commands/credentials/reset.ts	Add credentialsGatewayRecoveryFailureLines(), refactor recoverGatewayOrExit() to return boolean and accept a failure reporter, and use this.failWithLines(...) + early returns for failures and validations.
Credential tests & utilities test/credentials-cli-command.test.ts	Replace process.exit mocking with expectExitCode helper and update credential tests to assert process.exitCode; remove ProcessExitError-based helpers.
Sandbox connect & skill updates src/lib/commands/sandbox/connect.ts, src/lib/commands/sandbox/skill.ts, src/lib/commands/sandbox/skill.test.ts	Set this.parsed = true where needed, use failWithLines([...], 2) for missing sandboxName, and add tests asserting parser-style exit code behavior.
Inference commands and adapter tests src/lib/commands/inference/get.ts, src/lib/commands/inference/set.ts, src/lib/commands/global-oclif-command-adapters.test.ts	Handle InferenceGetError/InferenceSetError via failWithLines([msg], exitCode) and update tests/mocks to assert errors set process.exitCode and log messages without throwing oclif ExitError.
Debug, config usage, uninstall adapters src/lib/commands/debug.ts, src/lib/commands/sandbox/config/get.ts, src/lib/commands/uninstall.ts	Change helpers to set process.exitCode / call setExitCode() and return, avoiding immediate process.exit() calls while preserving messaging and types where applicable.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• NVIDIA/NemoClaw#3611: Both PRs touch the same command implementations—e.g., internal/dns/fix-coredns.ts and internal/dns/setup-proxy.ts—where the retrieved work migrates them to NemoClawCommand base class while the main PR updates their run() logic to route exit/error handling through applyExitResult.
• NVIDIA/NemoClaw#3424: Both PRs modify the nemoclaw inference get command’s run() error path—handling InferenceGetError termination/output logic (via failWithLines/exit behavior)—so the main PR’s changes are directly related to the retrieved inference-get work.

Suggested labels

NemoClaw CLI, status: rfr

Suggested reviewers

• jyaunches
• cjagwani

Poem

🐰 A rabbit's note on tidy exits:

Gone are scattered process.exit cries,
A single helper now applies.
Lines are logged, codes set with care,
Tests expect the code's new lair,
CLI hops forward, neat and wise.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'refactor(cli): centralize oclif exit helpers' accurately describes the main objective of the pull request, which centralizes common oclif command exit handling in the shared NemoClawCommand base class.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch refactor/oclif-exit-helper-conventions

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint skipped: no ESLint configuration detected in root package.json. To enable, add eslint to devDependencies.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

E2E Advisor Recommendation

Required E2E: diagnostics-e2e, openclaw-inference-switch-e2e, inference-routing-e2e, sandbox-operations-e2e, cloud-onboard-e2e, skill-agent-e2e
Optional E2E: shields-config-e2e, credential-sanitization-e2e, openshell-gateway-upgrade-e2e

Dispatch hint: diagnostics-e2e,openclaw-inference-switch-e2e,inference-routing-e2e,sandbox-operations-e2e,cloud-onboard-e2e,skill-agent-e2e

Auto-dispatched E2E: diagnostics-e2e, openclaw-inference-switch-e2e, inference-routing-e2e, sandbox-operations-e2e, cloud-onboard-e2e, skill-agent-e2e via nightly-e2e.yaml at d782eadd27de720095a6cf386f66b4518ae7da58 — nightly run

Workflow run

Full advisor summary

E2E Recommendation Advisor

Base: origin/main
Head: HEAD
Confidence: high

Required E2E

• diagnostics-e2e (medium): Covers changed diagnostics and credential commands in a real installed environment: debug --quick, debug tarball sanitization, credentials list/reset, and sandbox config inspection. This is the strongest existing coverage for the credentials/debug/config command exit-path changes.
• openclaw-inference-switch-e2e (medium): Required because inference set command behavior changed. This job runs nemoclaw inference set against a live OpenClaw sandbox and verifies the OpenShell route, sandbox config patch, config hash, and live inference after the switch.
• inference-routing-e2e (medium): Required for inference-routing risk: it validates credential isolation and classified failure behavior for invalid credentials/unreachable endpoints. The PR changes typed inference command failure handling, so this checks real route/security outcomes.
• sandbox-operations-e2e (high): Required because sandbox connect/operator command behavior changed. This job exercises live sandbox lifecycle operations, recovery-sensitive access paths, list/status/logs/destroy, and multi-sandbox isolation.
• cloud-onboard-e2e (medium): Required because internal DNS setup/fix command exit handling can affect sandbox DNS proxy and inference.local availability during onboarding. This job validates install/onboard, security checks, and inference.local HTTP reachability.
• skill-agent-e2e (medium): Required because sandbox skill dispatch changed. This is the existing real assistant skill-flow E2E, injecting a skill fixture and verifying the agent can read and use it.

Optional E2E

• shields-config-e2e (medium): Useful adjacent confidence for nemoclaw <sandbox> config get, including JSON output, dotpath extraction, and no credential leakage. The changed config file only affects usage/exit handling, so this is optional rather than blocking.
• credential-sanitization-e2e (medium): Optional security confidence for credential non-leakage in a running sandbox after credentials command changes. diagnostics-e2e is the merge-blocking credential command coverage.
• openshell-gateway-upgrade-e2e (high): Optional adjacent coverage for update/upgrade/install lifecycle behavior. The PR changes update/uninstall wrapper exit semantics but does not change the core upgrade action implementation.

New E2E recommendations

• CLI subprocess exit semantics (high): This PR intentionally replaces direct exits/ExitErrors with process.exitCode across many commands. Existing E2Es mostly validate successful real flows, not CLI subprocess exit codes and stderr for failure paths across adapters.
  • Suggested test: Add a lightweight CLI-exit-smoke E2E that installs/builds the CLI, invokes representative commands as subprocesses, and asserts exact exit codes plus clean stderr/no stack traces for credentials gateway-down, inference get/set typed errors, sandbox skill missing-name, gateway-token pipe/EPIPE, internal DNS action failure, update check failure, and uninstall dry/failure paths.
• gateway-token security command (medium): sandbox:gateway:token changed its EPIPE and exit-code path, but no existing E2E was found that directly runs nemoclaw <sandbox> gateway-token and validates token output/warnings without leaking stack traces.
  • Suggested test: Add a gateway-token E2E phase to diagnostics-e2e or a dedicated job that onboards a sandbox, runs nemoclaw <name> gateway-token and --quiet, verifies stdout contains only the token in quiet mode, stderr warning behavior is correct, and piped consumers do not produce stack traces.
• update and uninstall oclif wrappers (medium): The PR changes nemoclaw update, nemoclaw uninstall, and internal uninstall run-plan exit plumbing, while existing upgrade/uninstall coverage is indirect and often uses shell scripts rather than the oclif wrappers.
  • Suggested test: Add an update-uninstall-wrapper E2E that runs nemoclaw update --check and nemoclaw uninstall --yes --keep-openshell in an isolated install, asserting clean output and exit status without thrown oclif stack traces.

Dispatch hint

• Workflow: nightly-e2e.yaml
• jobs input: diagnostics-e2e,openclaw-inference-switch-e2e,inference-routing-e2e,sandbox-operations-e2e,cloud-onboard-e2e,skill-agent-e2e

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 25933769295
Target ref: a8b11640981095b6395ca22e417aac0de2caa2b0
Workflow ref: main
Requested jobs: cloud-e2e,diagnostics-e2e,sandbox-operations-e2e
Summary: 0 passed, 0 failed, 0 skipped

Job	Result
cloud-e2e	⚠️ cancelled
diagnostics-e2e	⚠️ cancelled
sandbox-operations-e2e	⚠️ cancelled

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 25933940120
Target ref: 5312349fdea3cd15618a2a13c340e2ae10f0b56d
Workflow ref: main
Requested jobs: diagnostics-e2e,sandbox-operations-e2e,cloud-inference-e2e
Summary: 2 passed, 0 failed, 0 skipped

Job	Result
cloud-inference-e2e	✅ success
diagnostics-e2e	✅ success
sandbox-operations-e2e	⚠️ cancelled

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/lib/commands/sandbox/skill.test.ts`:
- Around line 16-27: The test sets a spy `const error = vi.spyOn(console,
"error")` but never restores it, which can leak into other tests; update the
finally block in this test to restore the spy (e.g., call `error.mockRestore()`
or `error.mockReset()` in the finally alongside restoring `process.exitCode`) so
the global `console.error` is returned to its original behavior after calling
`SkillCliCommand.run([], rootDir)` and assertions involving
`sandboxSkillInstall`.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: d231a642-e0b6-4be0-96f2-e5bead8ff83a

📥 Commits

Reviewing files that changed from the base of the PR and between a8b1164 and de69afb.

📒 Files selected for processing (5)

• src/lib/commands/global-oclif-command-adapters.test.ts
• src/lib/commands/inference/get.ts
• src/lib/commands/inference/set.ts
• src/lib/commands/sandbox/skill.test.ts
• src/lib/commands/sandbox/skill.ts

✅ Files skipped from review due to trivial changes (1)

• src/lib/commands/inference/get.ts

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Restore the console.error spy in test cleanup.

The test currently restores process.exitCode but leaves the global console.error spy active, which can leak into subsequent tests if global restore behavior changes.

Suggested fix

     } finally {
+      error.mockRestore();
       process.exitCode = previousExitCode;
     }

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/lib/commands/sandbox/skill.test.ts` around lines 16 - 27, The test sets a
spy `const error = vi.spyOn(console, "error")` but never restores it, which can
leak into other tests; update the finally block in this test to restore the spy
(e.g., call `error.mockRestore()` or `error.mockReset()` in the finally
alongside restoring `process.exitCode`) so the global `console.error` is
returned to its original behavior after calling `SkillCliCommand.run([],
rootDir)` and assertions involving `sandboxSkillInstall`.

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 25934788619
Target ref: de69afbed6a15846c66fc2e2dca2518ffe521efa
Workflow ref: main
Requested jobs: cloud-onboard-e2e,credential-migration-e2e,openclaw-inference-switch-e2e,sandbox-operations-e2e,network-policy-e2e
Summary: 2 passed, 0 failed, 0 skipped

Job	Result
cloud-onboard-e2e	✅ success
credential-migration-e2e	⚠️ cancelled
network-policy-e2e	⚠️ cancelled
openclaw-inference-switch-e2e	✅ success
sandbox-operations-e2e	⚠️ cancelled

[coderabbitai]

🧹 Nitpick comments (1)

src/lib/commands/credentials/list.ts (1)

31-35: ⚡ Quick win

Reuse centralized credentials failure lines to avoid message drift.

This branch duplicates gateway recovery guidance text that now exists in credentialsGatewayRecoveryFailureLines("query"). Reusing the helper keeps credentials flows consistent.

Suggested diff

-import { isBridgeProviderName, recoverGatewayOrExit } from "./common";
+import {
+  credentialsGatewayRecoveryFailureLines,
+  isBridgeProviderName,
+  recoverGatewayOrExit,
+} from "./common";
@@
     if (result.status !== 0) {
-      this.failWithLines([
-        "  Could not query OpenShell gateway. Is it running?",
-        `  Run 'openshell gateway start --name nemoclaw' or '${CLI_NAME} onboard' first.`,
-      ]);
+      this.failWithLines(credentialsGatewayRecoveryFailureLines("query"));
       return;
     }

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/lib/commands/credentials/list.ts` around lines 31 - 35, The failure
branch in list.ts duplicates gateway recovery text; replace the hard-coded array
passed to this.failWithLines([...]) with a call to
credentialsGatewayRecoveryFailureLines("query") so the command reuses the
centralized message; locate the failing branch that currently calls
this.failWithLines and swap its argument to
this.failWithLines(credentialsGatewayRecoveryFailureLines("query")) (keeping the
early return) to ensure consistency.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@src/lib/commands/credentials/list.ts`:
- Around line 31-35: The failure branch in list.ts duplicates gateway recovery
text; replace the hard-coded array passed to this.failWithLines([...]) with a
call to credentialsGatewayRecoveryFailureLines("query") so the command reuses
the centralized message; locate the failing branch that currently calls
this.failWithLines and swap its argument to
this.failWithLines(credentialsGatewayRecoveryFailureLines("query")) (keeping the
early return) to ensure consistency.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 22f3dea5-2dae-4b88-a00b-99df1742178d

📥 Commits

Reviewing files that changed from the base of the PR and between de69afb and 3d6f7b4.

📒 Files selected for processing (7)

• src/lib/commands/credentials/common.ts
• src/lib/commands/credentials/list.ts
• src/lib/commands/credentials/reset.ts
• src/lib/commands/debug.ts
• src/lib/commands/sandbox/config/get.ts
• src/lib/commands/uninstall.ts
• test/credentials-cli-command.test.ts

🚧 Files skipped from review as they are similar to previous changes (2)

• src/lib/commands/credentials/reset.ts
• test/credentials-cli-command.test.ts

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 25935331096
Target ref: 3d6f7b431e7c834e11c8458c2890946a5a9426c5
Workflow ref: main
Requested jobs: cloud-e2e,diagnostics-e2e,openclaw-inference-switch-e2e,issue-2478-crash-loop-recovery-e2e
Summary: 4 passed, 0 failed, 0 skipped

Job	Result
cloud-e2e	✅ success
diagnostics-e2e	✅ success
issue-2478-crash-loop-recovery-e2e	✅ success
openclaw-inference-switch-e2e	✅ success

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 25939118076
Target ref: b740b4e77642c9bc14bffb6c4e7b74d020cb139b
Workflow ref: main
Requested jobs: diagnostics-e2e,openclaw-inference-switch-e2e,cloud-onboard-e2e,sandbox-operations-e2e
Summary: 4 passed, 0 failed, 0 skipped

Job	Result
cloud-onboard-e2e	✅ success
diagnostics-e2e	✅ success
openclaw-inference-switch-e2e	✅ success
sandbox-operations-e2e	✅ success

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 25940218386
Target ref: 38e36324aba72a1ec1345f35dc3646a515c69eb8
Workflow ref: main
Requested jobs: cloud-e2e,credential-migration-e2e,inference-routing-e2e,openclaw-inference-switch-e2e,sandbox-operations-e2e,skill-agent-e2e
Summary: 5 passed, 0 failed, 0 skipped

Job	Result
cloud-e2e	✅ success
credential-migration-e2e	✅ success
inference-routing-e2e	✅ success
openclaw-inference-switch-e2e	✅ success
sandbox-operations-e2e	⚠️ cancelled
skill-agent-e2e	✅ success

[cjagwani]

Clean refactor — all four stated changes land cleanly and CI's green. Four small nits, none blocking:

1. src/lib/commands/debug.ts:67-70 — the exit closure is unreachable. runDebugCommandWithOptions never invokes parseDebugArgs, so it's dead today and becomes a footgun if anyone wires it back. Suggest dropping it.
2. uninstall.ts:32-35 + debug.ts:67 — return undefined as never lies to TS. Either keep process.exit(code) in the injected exit, or change runUninstallCommand / parseDebugArgs return types off never.
3. sandbox/skill.ts:17 + uninstall.ts:22 — this.parsed = true is oclif private-instance-field territory (suppresses the "did you forget to call parse()?" warning when reading this.argv directly). Worth a 1-line comment so it survives the next cleanup pass.
4. nemoclaw-oclif-command.test.ts:87-89 — Object.create(TestCommand.prototype) intentionally bypasses the oclif Command base constructor. Worth documenting that, or it'll get "fixed" later.

Happy to approve once these land or you tell me you're shipping as-is — none of them block.

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 25940869135
Target ref: d782eadd27de720095a6cf386f66b4518ae7da58
Workflow ref: main
Requested jobs: diagnostics-e2e,openclaw-inference-switch-e2e,inference-routing-e2e,sandbox-operations-e2e,cloud-onboard-e2e,skill-agent-e2e
Summary: 6 passed, 0 failed, 0 skipped

Job	Result
cloud-onboard-e2e	✅ success
diagnostics-e2e	✅ success
inference-routing-e2e	✅ success
openclaw-inference-switch-e2e	✅ success
sandbox-operations-e2e	✅ success
skill-agent-e2e	✅ success