fix(setup): use dynamic sandbox name instead of hardcoded 'nemoclaw'

[kagura-agent]

Summary

Replace all hardcoded nemoclaw sandbox name references in setup.sh with a $SANDBOX_NAME variable that resolves dynamically.

Problem

The onboard wizard (bin/lib/onboard.js) prompts for a custom sandbox name and stores it in ~/.nemoclaw/sandboxes.json. However, scripts/setup.sh hardcodes --name nemoclaw everywhere, creating a split-brain situation:

• NemoClaw's internal registry stores the custom name
• OpenShell's actual sandbox is always named nemoclaw
• Every subsequent command using the custom name fails with "sandbox not found"

Fix

The SANDBOX_NAME variable now resolves in this order:

1. First CLI argument (./scripts/setup.sh my-sandbox)
2. First key from ~/.nemoclaw/sandboxes.json (the onboard wizard's registry)
3. Default: nemoclaw

All 6 hardcoded references to the sandbox name in setup.sh have been replaced.

Testing

• Default behavior unchanged: running ./scripts/setup.sh without arguments still creates a nemoclaw sandbox
• Custom name via CLI: ./scripts/setup.sh my-bot creates a sandbox named my-bot
• After onboarding: if the user chose my-assistant during nemoclaw onboard, running ./scripts/setup.sh now reads that name from the registry

Fixes #197

Summary by CodeRabbit

• New Features

  • Support for custom sandbox names via argument or config; all setup, readiness checks and messages use the chosen name
  • Gateway health verification after startup with clear guidance on failure
  • CoreDNS patching preserved for Colima environments

• Chores

  • Improved readiness checks with exact sandbox lookups and clearer error/status messages during setup

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 2326da55-30f0-4edf-a16f-99d48ae7c458

📥 Commits

Reviewing files that changed from the base of the PR and between 6468740 and 7ba6721.

📒 Files selected for processing (1)

• scripts/setup.sh

---

📝 Walkthrough

Walkthrough

The setup.sh script now resolves SANDBOX_NAME from an optional arg, ~/.nemoclaw/sandboxes.json, or a default; replaces hardcoded "nemoclaw" uses; adds gateway health checks, conditional CoreDNS patching for Colima, and provider preconfiguration using the dynamic name.

Changes

Cohort / File(s)	Summary
Sandbox name resolution & usage scripts/setup.sh	Adds SANDBOX_NAME resolution (arg → ~/.nemoclaw/sandboxes.json → default), replaces hardcoded nemoclaw across create/delete/get/list/readiness checks and user messages; uses exact-name lookup for readiness and detail queries.
Gateway lifecycle & health checks scripts/setup.sh	Starts gateway and performs a health-check loop after start; fails with explicit guidance if gateway is not healthy.
Environment patches & provider setup scripts/setup.sh	Keeps conditional CoreDNS patch for Colima; updates provider setup messaging and uses SANDBOX_NAME in provider delete/create and readiness checks (nvidia-nim, vllm-local, Ollama conditional).

Sequence Diagram(s)

sequenceDiagram
  participant User
  participant Setup as scripts/setup.sh
  participant Config as "~/.nemoclaw/sandboxes.json"
  participant Gateway
  participant OpenShell
  participant CoreDNS
  participant Providers

  User->>Setup: run setup.sh [optional SANDBOX_NAME]
  Setup->>Config: read sandbox entry (if present)
  alt arg provided
    Setup->>Setup: SANDBOX_NAME = arg
  else config present
    Setup->>Setup: SANDBOX_NAME = config value
  else
    Setup->>Setup: SANDBOX_NAME = "nemoclaw"
  end
  Setup->>Gateway: start gateway
  Gateway-->>Setup: started
  loop health check
    Setup->>Gateway: poll /health
    Gateway-->>Setup: healthy? (yes/no)
  end
  alt Colima
    Setup->>CoreDNS: apply CoreDNS patch
    CoreDNS-->>Setup: patched
  end
  Setup->>Providers: configure providers using SANDBOX_NAME
  Providers-->>Setup: providers ready
  Setup->>OpenShell: sandbox create/get/delete using SANDBOX_NAME
  OpenShell-->>Setup: sandbox status/details
  Setup-->>User: final messages referencing SANDBOX_NAME

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

A rabbit nudges files at dawn,
Names from a nook or arg are drawn,
It pings the gateway, patches DNS,
Aligns the providers, clears the mess,
Hooray — no more names hard-won! 🐇✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly identifies the main change: replacing hardcoded 'nemoclaw' with dynamic sandbox name handling in setup.sh.
Linked Issues check	✅ Passed	The PR fully addresses #197 by implementing dynamic sandbox name resolution (CLI arg, registry file, default) and replacing all hardcoded references, matching all stated objectives.
Out of Scope Changes check	✅ Passed	All changes in scripts/setup.sh directly address the hardcoded sandbox name issue; no out-of-scope modifications detected.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

📝 Coding Plan

• Generate coding plan for human review comments

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@scripts/setup.sh`:
- Around line 203-216: The readiness check is brittle because the inline grep in
SANDBOX_LINE can cause the script to exit under set -euo pipefail when the
sandbox isn't found and also allows substring matches; fix by capturing the full
sanitized output of openshell sandbox list into a variable (use 2>&1 and strip
ANSI), avoid piping directly into grep so the pipeline can't fail (append "||
true" where appropriate), then locate the exact sandbox row using awk equality
on the name column (e.g., awk '$<col> == "'"$SANDBOX_NAME"'" {print $0}') to set
SANDBOX_LINE, then handle the case where SANDBOX_LINE is empty by emitting a
clear warn/fail before proceeding to compute SANDBOX_PHASE and SB_DETAIL; update
references to SANDBOX_LINE, SANDBOX_PHASE and SB_DETAIL accordingly so the later
image-pull checks and final fail message run only when a row is found.
- Around line 77-85: The registry-read section currently runs node inline and
silently falls back to "nemoclaw" on any failure; add an explicit Node.js
availability check (e.g., command -v node or which node) before attempting the
node -e invocation and emit a clear warning to stderr if Node is missing, then
proceed to a documented fallback; additionally capture the node command's exit
status and stderr when setting _sb_name and, on parse/runtime errors, print a
warning mentioning the registry path and error, then either retain the current
SANDBOX_NAME fallback or exit non‑zero per desired behavior. Update the block
that sets SANDBOX_NAME/_sb_name so it checks for node, warns on missing node,
runs node only when available, captures failures from the node -e call, and
prints those failures to stderr instead of silently defaulting.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: dc0adf61-c986-4f0f-a65e-345506721ec7

📥 Commits

Reviewing files that changed from the base of the PR and between 1e23347 and 5352c8d.

📒 Files selected for processing (1)

• scripts/setup.sh

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@scripts/setup.sh`:
- Around line 214-221: The current pipeline assigns SANDBOX_LINE by running
"openshell sandbox list" with "|| true", which hides command failures and treats
them the same as "no sandbox found"; instead run the raw command first capturing
both its stdout into a temp variable (e.g., raw_list) and its exit status, then
if the exit status is non-zero log/fail with the command error (including
stderr) before attempting to parse; only after a successful list (exit code 0)
run the sed/awk filtering to set SANDBOX_LINE and then fail with the existing
"Sandbox ... not found" message if that filtered result is empty. Reference the
SANDBOX_LINE assignment, the "openshell sandbox list" invocation, the "|| true"
suppression, and the final fail call so you can locate and replace the logic
accordingly.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 31574961-f304-4a19-a9c9-441f61e03b25

📥 Commits

Reviewing files that changed from the base of the PR and between 5352c8d and 6468740.

📒 Files selected for processing (1)

• scripts/setup.sh

[kagura-agent]

Addressed the remaining CodeRabbit review feedback:

1. Node.js availability check (comment on registry parsing): Already implemented — command -v node check gates registry parsing, with descriptive warnings when Node is missing or parsing fails. No silent fallback.

2. Brittle readiness check (grep vs awk): Already fixed in 7ba6721 — uses awk for exact name matching and separates openshell sandbox list exit code from 'not found' logic, so CLI/gateway failures surface properly.

Both issues were caught and fixed before these reviews landed. Thanks CodeRabbit! 🤖

[kagura-agent]

Closing — upstream merged #340 which fully addresses #197 with a cleaner approach (passing sandbox name via $1 from nemoclaw.js). Our registry-reading approach is now redundant. Thanks for the fix! 🎉