nav/Fabric.OpenclawPlugin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: nav:fix/presence-sync-tick-mutex
Branches Tags
nav:main nav:feat/dynamic-account-subscription nav:fix/routing-use-binding-accountid nav:fix/describe-account-stops-default-restart-loop nav:fix/socket-auth-callback-refresh nav:fix/presence-sync-tick-mutex nav:fix/presence-sync-api-prefix nav:fix/fabric-dm-routing-by-xtype nav:feat/expose-channel-type nav:feat/fabric-send-and-discover-tools nav:feat/triage-on-call-gate-and-queue nav:feat/inbound-listen-push-events nav:fix/inbound-dynamic-channel-sync
...
compare: nav:b659dadb9e0935ab29bc9e56f0a902fe9a3dba87
Branches Tags
nav:main nav:feat/dynamic-account-subscription nav:fix/routing-use-binding-accountid nav:fix/describe-account-stops-default-restart-loop nav:fix/socket-auth-callback-refresh nav:fix/presence-sync-tick-mutex nav:fix/presence-sync-api-prefix nav:fix/fabric-dm-routing-by-xtype nav:feat/expose-channel-type nav:feat/fabric-send-and-discover-tools nav:feat/triage-on-call-gate-and-queue nav:feat/inbound-listen-push-events nav:fix/inbound-dynamic-channel-sync

5 Commits
fix/presen ... b659dadb9e

Author SHA1 Message Date
h z
b659dadb9e Merge pull request 'fix(channel): add describeAccount so health-monitor sees real configured state' (#10) from fix/describe-account-stops-default-restart-loop into main 2026-05-26 15:49:21 +00:00
hzhang
20e55849eb fix(channel): add describeAccount so health-monitor sees real configured 
openclaw's `channelManager.getRuntimeSnapshot()` — called every minute
by the channel-health-monitor — runs accounts through
`applyDescribedAccountFields(next, plugin.config.describeAccount?.(...))`.
When the callback is missing it defaults `configured: true`. Fabric
never defined it, so every health-monitor cycle:

  snapshot = { enabled: true, configured: true, running: false }

For fabric's synthetic 'default' account (returned by
`listFabricAccountIds` when `channels.fabric.accounts` is empty —
the prod shape, where per-agent api-keys live in
`~/.openclaw/fabric-identity.json` and the channel framework never
runs `startAccount` so `running` stays false):

  isManagedAccount({enabled:true, configured:true}) === true
  -> not-running -> 'stopped' -> restart every ~10 min, logging
  '[fabric:default] health-monitor: restarting (reason: stopped)'

The restart is a no-op (fabric's `gateway.startAccount` is absent so
`startChannelInternal` returns early), but the log is loud and
operators chasing real outages keep wasting time on it.

Mirror `isConfigured` from describeAccount so the snapshot
truthfully reports configured:false for any account without a
fabricApiKey. The fabric plugin still self-manages real agents via
`gateway_start` -> `FabricInbound.start()`; the framework just no
longer thinks 'default' is something it should restart.

Verified in sim (this patch alone, no debug instrumentation):
- gateway up 8+ minutes, 0 restart events
- pre-patch sim with same config restarted at 5min mark
- evaluateChannelHealth snapshot for both 'default' and 'recruiter'
  accountId reads configured:false (instrumented with temporary
  console.log in channel-health-policy, since reverted)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-26 16:48:53 +01:00
h z
d47d3467df Merge pull request 'fix(inbound): refresh socket.io auth on (re)connect via callback' (#9) from fix/socket-auth-callback-refresh into main 2026-05-26 12:51:04 +00:00
hzhang
7dc70522d1 fix(inbound): refresh socket.io auth on (re)connect via callback 
Backend issues short-lived guildAccessToken (TTL=900s). The previous
`auth: { token: tok }` shape captured the JWT once in connectAgent's
closure: after socket.io's auto-reconnect the backend kept getting the
same expired JWT and silently rejected the handshake at the application
layer (RealtimeGateway logs 'socket rejected: <id>'). The client's
'connect' event still fired (TCP succeeded) so the plugin happily ran
the channel-resync, emitted join_channel into the void, and logged
'joined N channel(s)' while the backend was actually broadcasting
message.created to a room with zero subscribers. End-user symptom:
DMs/group messages to agents silently dropped 15 min after gateway
start, with no error anywhere on the agent side.

Switch to the callback form, which socket.io re-evaluates on every
(re)connect — same call site we already use for the HTTP path via
freshGuildToken/tokenCache.

Verified in sim (commit 2acb084 + this patch):
1. Connect new DM channel + post msg -> dispatch + reply ✓
2. `docker restart fabric-backend-guild` to force socket disconnect
3. Plugin reconnects automatically and logs
   'fabric: agent recruiter joined 12 channel(s) on sim-guild-1' ✓
   (without the fix this reconnect was silently rejected; sim used to
    log 'WARN socket rejected: <id>' on the guild backend)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-26 13:50:24 +01:00
h z
2acb084ee4 fix(presence-sync): tick mutex (#8) 2026-05-26 02:06:21 +00:00
4 changed files with 62 additions and 2 deletions
Expand all files Collapse all files

13
dist/fabric/src/channel.js vendored
View File

@@ -117,6 +117,19 @@ export const fabricChannelPlugin = createChatChannelPlugin({
resolveAccount: (cfg, accountId) => resolveFabricAccount(cfg, accountId), resolveAccount: (cfg, accountId) => resolveFabricAccount(cfg, accountId),
defaultAccountId: (cfg) => resolveDefaultFabricAccountId(cfg), defaultAccountId: (cfg) => resolveDefaultFabricAccountId(cfg),
isConfigured: (account) => Boolean(account.fabricApiKey), isConfigured: (account) => Boolean(account.fabricApiKey),
// openclaw's channelManager.getRuntimeSnapshot() — called every minute
// by the channel-health-monitor — defaults `configured: true` when the
// plugin doesn't expose describeAccount (see applyDescribedAccountFields
// in server-channels). Without this, fabric's synthetic 'default'
// account (returned by listFabricAccountIds when channels.fabric.accounts
// is empty — the prod shape) gets snapshot {enabled:true, configured:true,
// running:false} → isManagedAccount=true → not-running → restart loop
// every ~10 min, logging `[fabric:default] health-monitor: restarting`.
// Mirror isConfigured here so the snapshot truthfully reports false for
// any account without a fabricApiKey.
describeAccount: (account) => ({
configured: Boolean(account.fabricApiKey),
}),
}, },
// Minimal setup adapter: Fabric is configured directly under // Minimal setup adapter: Fabric is configured directly under
// channels.fabric.* (no interactive wizard). applyAccountConfig is the // channels.fabric.* (no interactive wizard). applyAccountConfig is the

19
dist/fabric/src/inbound.js vendored
View File

@@ -261,9 +261,26 @@ export class FabricInbound {
const tok = session.guildAccessTokens.find((t) => t.guildNodeId === g.nodeId)?.token; const tok = session.guildAccessTokens.find((t) => t.guildNodeId === g.nodeId)?.token;
if (!tok) if (!tok)
continue; continue;
// Use the *callback* form of `auth` so socket.io re-evaluates the JWT
// on every (re)connect. The single-shot `auth: { token: tok }` shape
// captured the token in closure: after socket.io's silent auto-reconnect
// the backend got the same JWT that expired ~15 min into the session
// (guildAccessToken TTL = 900s) and silently rejected the handshake at
// the application layer. The client's `connect` event still fired (TCP
// succeeded), so the plugin happily ran the channel-resync, emitted
// `join_channel` into the void, and logged "joined N channel(s)" while
// the backend was actually broadcasting message.created to a room with
// zero subscribers. End user symptom: DMs to agents silently dropped.
const socket = io(`${g.endpoint}/realtime`, { const socket = io(`${g.endpoint}/realtime`, {
transports: ['websocket'], transports: ['websocket'],
auth: { token: tok }, auth: (cb) => {
// Best-effort fresh token; on transient failure fall back to the
// last known good one. tokenCache also keeps HTTP calls (attachment
// download / reply post) from 401'ing in the same window.
this.freshGuildToken(agentId, g.nodeId, session)
.then((fresh) => cb({ token: fresh ?? tok }))
.catch(() => cb({ token: tok }));
},
autoConnect: false, autoConnect: false,
}); });
// Tracked socket.io rooms for this (agent, guild). The initial fetch // Tracked socket.io rooms for this (agent, guild). The initial fetch

13
src/channel.ts
View File

@@ -153,6 +153,19 @@ export const fabricChannelPlugin = createChatChannelPlugin<ResolvedFabricAccount
resolveAccount: (cfg, accountId) => resolveFabricAccount(cfg as never, accountId), resolveAccount: (cfg, accountId) => resolveFabricAccount(cfg as never, accountId),
defaultAccountId: (cfg) => resolveDefaultFabricAccountId(cfg as never), defaultAccountId: (cfg) => resolveDefaultFabricAccountId(cfg as never),
isConfigured: (account: ResolvedFabricAccount) => Boolean(account.fabricApiKey), isConfigured: (account: ResolvedFabricAccount) => Boolean(account.fabricApiKey),
// openclaw's channelManager.getRuntimeSnapshot() — called every minute
// by the channel-health-monitor — defaults `configured: true` when the
// plugin doesn't expose describeAccount (see applyDescribedAccountFields
// in server-channels). Without this, fabric's synthetic 'default'
// account (returned by listFabricAccountIds when channels.fabric.accounts
// is empty — the prod shape) gets snapshot {enabled:true, configured:true,
// running:false} → isManagedAccount=true → not-running → restart loop
// every ~10 min, logging `[fabric:default] health-monitor: restarting`.
// Mirror isConfigured here so the snapshot truthfully reports false for
// any account without a fabricApiKey.
describeAccount: (account: ResolvedFabricAccount) => ({
configured: Boolean(account.fabricApiKey),
}),
}, },
// Minimal setup adapter: Fabric is configured directly under // Minimal setup adapter: Fabric is configured directly under
// channels.fabric.* (no interactive wizard). applyAccountConfig is the // channels.fabric.* (no interactive wizard). applyAccountConfig is the

19
src/inbound.ts
View File

@@ -325,9 +325,26 @@ export class FabricInbound {
for (const g of session.guilds) { for (const g of session.guilds) {
const tok = session.guildAccessTokens.find((t) => t.guildNodeId === g.nodeId)?.token; const tok = session.guildAccessTokens.find((t) => t.guildNodeId === g.nodeId)?.token;
if (!tok) continue; if (!tok) continue;
// Use the *callback* form of `auth` so socket.io re-evaluates the JWT
// on every (re)connect. The single-shot `auth: { token: tok }` shape
// captured the token in closure: after socket.io's silent auto-reconnect
// the backend got the same JWT that expired ~15 min into the session
// (guildAccessToken TTL = 900s) and silently rejected the handshake at
// the application layer. The client's `connect` event still fired (TCP
// succeeded), so the plugin happily ran the channel-resync, emitted
// `join_channel` into the void, and logged "joined N channel(s)" while
// the backend was actually broadcasting message.created to a room with
// zero subscribers. End user symptom: DMs to agents silently dropped.
const socket = io(`${g.endpoint}/realtime`, { const socket = io(`${g.endpoint}/realtime`, {
transports: ['websocket'], transports: ['websocket'],
auth: { token: tok }, auth: (cb) => {
// Best-effort fresh token; on transient failure fall back to the
// last known good one. tokenCache also keeps HTTP calls (attachment
// download / reply post) from 401'ing in the same window.
this.freshGuildToken(agentId, g.nodeId, session)
.then((fresh) => cb({ token: fresh ?? tok }))
.catch(() => cb({ token: tok }));
},
autoConnect: false, autoConnect: false,
}); });
// Tracked socket.io rooms for this (agent, guild). The initial fetch // Tracked socket.io rooms for this (agent, guild). The initial fetch