fix(cli): resolve sandbox env for global status service lookup

[Thabhelo]

Summary

Global nemoclaw status and status --json now resolve the target sandbox the same way as nemoclaw start / stop, so host service PID lookup honors SANDBOX_NAME, NEMOCLAW_SANDBOX, and NEMOCLAW_SANDBOX_NAME when set.

Fixes #1077

Changes

• Use resolveDefaultSandboxName in showStatusCommand and getStatusReport
• Unit tests for env wiring; integration tests in services.test.ts use real PID dirs under /tmp/nemoclaw-services-*

Test plan

• npm test -- src/lib/inventory/index.test.ts
• npm test -- src/lib/tunnel/services.test.ts -t '#1077'
• Manual DGX/WSL steps: comment

---

Signed-off-by: Thabhelo 50872400+Thabhelo@users.noreply.github.com

Summary by CodeRabbit

• Bug Fixes

  • Improved accuracy of default sandbox identification in status reports.
  • Enhanced service status detection for better reliability.

• Tests

  • Added comprehensive test coverage for sandbox-name resolution in status workflows and service status reporting.

[copy-pr-bot]

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

The PR integrates environment-variable based default sandbox resolution into inventory status flows. It adds resolveDefaultSandboxName import usage to compute the effective default sandbox from environment variables, propagates the resolved default through status reporting and service monitoring, and validates the behavior with comprehensive tests covering both inventory and tunnel PID-directory scenarios.

Changes

Default Sandbox Resolution Integration

Layer / File(s)	Summary
Add resolveDefaultSandboxName imports src/lib/inventory/index.ts, src/lib/tunnel/services.test.ts	Import resolveDefaultSandboxName to enable environment-driven default sandbox resolution in both inventory status flows and tunnel service tests.
Refactor inventory status flows to use resolved defaults src/lib/inventory/index.ts	Compute resolvedDefault via resolveDefaultSandboxName in getStatusReport and showStatusCommand; propagate the resolved default through service status selection (showServiceStatus, getServiceStatuses), messaging-bridge health checks, and gateway log retrieval (readGatewayLog).
Inventory sandbox resolution test coverage src/lib/inventory/index.test.ts	Add Vitest cases validating that showStatusCommand and getStatusReport reuse listSandboxes snapshots when resolving defaults, and that environment variables SANDBOX_NAME and NEMOCLAW_SANDBOX_NAME drive the resolved default for status selection and report content, with proper env cleanup.
Tunnel service PID-directory matching tests (#1077) src/lib/tunnel/services.test.ts	Add integration helpers defining sandbox-specific PID directories and a #1077 test suite that seeds cloudflared.pid files, snapshots/restores environment variables, and asserts getServiceStatuses and showStatus correctly report running/stopped state when the resolved sandbox name matches the active PID directory.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Suggested labels

NemoClaw CLI, fix, area: cli, Sandbox

Suggested reviewers

• cv
• prekshivyas

🐰 A sandbox named, a service found,
When env vars guide the status round,
No more lost rabbits in the dark—
Default resolved, a clarifying spark! 🌟

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 20.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly summarizes the main change: resolving sandbox environment variables for global status service lookup, which directly addresses the linked issue.
Linked Issues check	✅ Passed	The PR implementation fully addresses issue #1077 by ensuring nemoclaw status resolves sandbox names using environment variables (SANDBOX_NAME, NEMOCLAW_SANDBOX_NAME) consistently with start/stop commands.
Out of Scope Changes check	✅ Passed	All changes are scoped to status sandbox resolution: adding resolveDefaultSandboxName usage in status commands, updating test coverage, and adding integration tests for PID directory validation.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/lib/inventory/index.test.ts`:
- Around line 546-565: The test for SANDBOX_NAME should also isolate
higher-precedence environment variables NEMOCLAW_SANDBOX_NAME and
NEMOCLAW_SANDBOX to avoid flakiness: in the test wrapping the call to
showStatusCommand (the "resolves service status sandbox from SANDBOX_NAME env"
case), save current values of process.env.NEMOCLAW_SANDBOX_NAME and
process.env.NEMOCLAW_SANDBOX before setting process.env.SANDBOX_NAME, then clear
or delete those NemoClaw variables for the duration of the test, call
showStatusCommand as before, and finally restore the original
NEMOCLAW_SANDBOX_NAME and NEMOCLAW_SANDBOX values in the same finally block
along with SANDBOX_NAME to ensure the environment is fully restored.

In `@src/lib/inventory/index.ts`:
- Around line 403-404: The code computes resolvedDefault via
resolveDefaultSandboxName(deps.listSandboxes) but later uses raw defaultSandbox
for messaging health/logs, causing inconsistent sandbox selection; update all
code paths in showStatusCommand and the related health/logs branches (where
defaultSandbox is used — e.g., the blocks handling messaging health/logs and the
sandboxes length branch) to use resolvedDefault instead of defaultSandbox so the
same resolved sandbox is used for both table/service output and health/logs;
ensure any variable passed into functions that fetch health or logs (messaging
health, messaging logs) receives resolvedDefault and keep
resolveDefaultSandboxName(deps.listSandboxes) as the single source of truth.
- Around line 365-367: The destructured variable defaultSandbox in
getStatusReport is unused; update the destructuring of deps.listSandboxes() to
either remove defaultSandbox or rename it to _defaultSandbox to satisfy lint
rules, ensuring resolvedDefault continues to use
resolveDefaultSandboxName(deps.listSandboxes) and liveInference calculation
(sandboxes/getLiveInference) remains unchanged; adjust the const line that
currently declares { sandboxes, defaultSandbox } accordingly.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: e8a8385b-b28a-457b-9889-3b71eb04cbd2

📥 Commits

Reviewing files that changed from the base of the PR and between 17734b1 and 7e06f24.

📒 Files selected for processing (2)

• src/lib/inventory/index.test.ts
• src/lib/inventory/index.ts

[Thabhelo]

Manual repro (DGX / WSL — matches #1077 reports)

1. Onboard or use an existing sandbox (e.g. research); confirm nemoclaw list shows it as default (*).
2. export TELEGRAM_BOT_TOKEN=... if needed, then nemoclaw start (or nemoclaw tunnel start on current CLI).
3. Without env: unset SANDBOX_NAME NEMOCLAW_SANDBOX_NAME; nemoclaw status — host cloudflared line should reflect the registry default sandbox PID dir (/tmp/nemoclaw-services-<default>*).
4. With env (issue workaround): export SANDBOX_NAME=<your-sandbox>; nemoclaw status — should match step 3 when names align; fixes the case where env pointed at a different dir than status used to query.
5. dknos .nemoclaw_env pattern: set -a; source "$HOME/.nemoclaw_env"; set +a; nemoclaw status — must be sourced in the same shell; the CLI does not auto-load that file.

* On builds after host telegram-bridge removal (PR #1081), status host lines are cloudflared-only; the PID-dir bug class is the same.

Out of scope for this PR: early SANDBOX_NAME validation in bridge startup (dknos), and cases where export is set but status still shows stopped (raymondlo84 — needs separate triage).

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/lib/tunnel/services.test.ts`:
- Around line 149-159: The tests fail when an external NEMOCLAW_SANDBOX env var
interferes; update the suite to snapshot and restore the actual NEMOCLAW_SANDBOX
env var (not just NEMOCLAW_SANDBOX_NAME) so resolveDefaultSandboxName() uses the
expected env during tests: create a savedNemoclawSandbox (or extend
savedNemoclawSandboxName) variable at top, clear process.env.NEMOCLAW_SANDBOX in
the test setup/teardown and restore it in afterEach (mirror how savedSandboxName
/ process.env.SANDBOX_NAME are handled), and apply the same change in the other
affected blocks (the other afterEach/beforeEach locations referenced) so tests
consistently control NEMOCLAW_SANDBOX.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 6a001269-81c0-45dd-becc-10c5739d3b8c

📥 Commits

Reviewing files that changed from the base of the PR and between 7e06f24 and 9ef88e6.

📒 Files selected for processing (1)

• src/lib/tunnel/services.test.ts

[wscurran]

✨ Thanks for submitting this detailed PR about fixing the sandbox env resolution for global status service lookup, which improves the consistency of the status and health flows. This proposes a bug fix in the CLI that affects the sandbox management and error reporting.

---

Related open issues:

• #1077 Telegram-Bridge Fails to start

[prekshivyas]

Approving. Verified the fix resolves #1077 correctly:

• Both status paths (getStatusReport, showStatusCommand) now use resolveDefaultSandboxName consistently — including the messaging-bridge-health and gateway-log calls — and it's the same resolver runStartCommand/runStopCommand use (NEMOCLAW_SANDBOX_NAME ?? NEMOCLAW_SANDBOX ?? SANDBOX_NAME, regex-validated, else the registry default). So global status/status --json now honor the env override exactly like start/stop, and the no-env case is unchanged (just hardened with the safe-name check).

A couple of non-blocking notes:

• The remaining raw-default use is in getSandboxInventory (line ~202), which backs nemoclaw list — a separate command from status. Leaving list on the registry default looks like an intentional scope boundary; flag only so it's a conscious decision. (This is what CodeRabbit's "consistency across status paths" comment is pointing at.)
• The new tests (index.test.ts:645, services.test.ts:162) don't snapshot/clear the higher-precedence env vars, so they could go flaky on a runner where NEMOCLAW_SANDBOX/NEMOCLAW_SANDBOX_NAME is set. CI is green today; worth a beforeEach/afterEach save-restore to harden them.

Neither blocks merge. Nice, well-scoped fix.

[Thabhelo]

Thanks @prekshivyas for the review and approval, glad the fix lines up with #1077.

I've noted the two non-blocking items.

Will address after this is merged.