Skip to content

Revert "ci(images): extend base image build timeout (#3881)" #3928

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
jyaunches wants to merge 2 commits into from
+9 −6
Closed

Revert "ci(images): extend base image build timeout (#3881)" #3928

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
e86399c
Revert "ci(images): extend base image build timeout (#3881)"
jyaunches May 20, 2026
2ca60b1
fix(docker): tolerate removed OpenClaw timeout constant
jyaunches May 20, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/base-image.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ jobs:
build-and-push:
if: github.repository == 'NVIDIA/NemoClaw'
runs-on: ubuntu-latest
timeout-minutes: 45
timeout-minutes: 15
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
Expand Down Expand Up @@ -94,7 +94,7 @@ jobs:
build-and-push-hermes:
if: github.repository == 'NVIDIA/NemoClaw'
runs-on: ubuntu-latest
timeout-minutes: 45
timeout-minutes: 15
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
Expand Down
11 changes: 7 additions & 4 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -219,10 +219,13 @@ RUN set -eu; \
# \
# Removal criteria: drop when openclaw fixes the underlying connect \
# latency, or exposes the timeout as an unbounded env override. \
hto_files="$(grep -RIlE --include='*.js' 'DEFAULT_PREAUTH_HANDSHAKE_TIMEOUT_MS = 1e4' "$OC_DIST")"; \
test -n "$hto_files" || { echo "ERROR: handshake-timeout constant not found" >&2; exit 1; }; \
printf '%s\n' "$hto_files" | xargs sed -i -E 's|DEFAULT_PREAUTH_HANDSHAKE_TIMEOUT_MS = 1e4|DEFAULT_PREAUTH_HANDSHAKE_TIMEOUT_MS = 6e4|g'; \
if grep -REq --include='*.js' 'DEFAULT_PREAUTH_HANDSHAKE_TIMEOUT_MS = 1e4' "$OC_DIST"; then echo "ERROR: Patch 5 left a 1e4 constant" >&2; exit 1; fi
hto_files="$(grep -RIlE --include='*.js' 'DEFAULT_PREAUTH_HANDSHAKE_TIMEOUT_MS = 1e4' "$OC_DIST" || true)"; \
if [ -n "$hto_files" ]; then \
printf '%s\n' "$hto_files" | xargs sed -i -E 's|DEFAULT_PREAUTH_HANDSHAKE_TIMEOUT_MS = 1e4|DEFAULT_PREAUTH_HANDSHAKE_TIMEOUT_MS = 6e4|g'; \
if grep -REq --include='*.js' 'DEFAULT_PREAUTH_HANDSHAKE_TIMEOUT_MS = 1e4' "$OC_DIST"; then echo "ERROR: Patch 5 left a 1e4 constant" >&2; exit 1; fi; \
else \
echo "INFO: handshake-timeout constant not found; OpenClaw no longer needs Patch 5"; \
fi
Comment on lines +222 to +228
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot May 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | 🏗️ Heavy lift

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Search for handshake timeout constants in OpenClaw to detect renames

# Check if the old constant name exists
rg -n 'DEFAULT_PREAUTH_HANDSHAKE_TIMEOUT_MS' --type js || echo "Old constant not found (expected)"

# Search for similar timeout constants that might be the renamed version
rg -n 'HANDSHAKE.*TIMEOUT|PREAUTH.*TIMEOUT|CONNECT.*TIMEOUT' --type js -A2 -B2 || echo "No related timeout constants found"

# Check OpenClaw version
openclaw --version

Repository: NVIDIA/NemoClaw

Length of output: 196

🌐 Web query:

OpenClaw 2026.5.18 release notes handshake timeout configuration

💡 Result:

In OpenClaw, the WebSocket handshake timeout is a configurable setting that governs how long the gateway waits for a client to complete the pre-authentication handshake [1][2]. As of the OpenClaw 2026.5.18 release, the default handshake timeout is 15,000 milliseconds (15 seconds) [1][2]. This setting was previously adjusted from a highly aggressive 3-second default (which caused spurious connection failures on slower hardware or during high event-loop load) to the current 15-second default to better accommodate cold-start scenarios [1][3][4]. To configure this value, you can add the handshakeTimeoutMs field to the gateway section of your OpenClaw configuration file (typically located at ~/.openclaw/openclaw.json) [2]: { "gateway": { "handshakeTimeoutMs": 30000 } } The accepted range for this configuration value is 1,000 to 120,000 milliseconds [1]. Additionally, the environment variable OPENCLAW_HANDSHAKE_TIMEOUT_MS can be used to override this setting for one-off service or shell sessions, as it takes precedence over the configuration file [1][2]. Note that the official documentation recommends addressing the underlying causes of startup or event-loop stalls, such as plugin loading times or hardware constraints, before relying on this timeout knob [2].

Citations:

Update the patch strategy for OpenClaw 2026.5.18+: the hardcoded constant no longer exists; use environment variables instead.

The DEFAULT_PREAUTH_HANDSHAKE_TIMEOUT_MS constant has been removed from OpenClaw 2026.5.18, so the conditional logic correctly skips the patch when not found. However, OpenClaw changed its configuration model entirely—the timeout is now set via the OPENCLAW_HANDSHAKE_TIMEOUT_MS environment variable or config file, not a hardcoded constant.

The build will succeed but the 60-second timeout won't be applied with OpenClaw 2026.5.18+, reverting to the new default of 15 seconds. If the 60-second timeout is critical to prevent handshake failures under load (as noted in lines 208–212), set it via environment variable in the Dockerfile instead:

ENV OPENCLAW_HANDSHAKE_TIMEOUT_MS=60000

Per coding guidelines, validate with E2E tests:

gh workflow run nightly-e2e.yaml --ref <branch> -f jobs=cloud-e2e,sandbox-survival-e2e,hermes-e2e,rebuild-openclaw-e2e
🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Dockerfile` around lines 222 - 228, The grep/sed patch for
DEFAULT_PREAUTH_HANDSHAKE_TIMEOUT_MS should remain but add an
environment-variable fallback for OpenClaw 2026.5.18+ by setting
OPENCLAW_HANDSHAKE_TIMEOUT_MS to 60000 in the Dockerfile; keep the existing
conditional that logs "handshake-timeout constant not found" and, when that
branch is hit, ensure the Dockerfile exports ENV
OPENCLAW_HANDSHAKE_TIMEOUT_MS=60000 so the 60s timeout is applied when the
hardcoded DEFAULT_PREAUTH_HANDSHAKE_TIMEOUT_MS symbol is absent. Also ensure you
validate the change with the nightly E2E workflow mentioned
(cloud-e2e,sandbox-survival-e2e,hermes-e2e,rebuild-openclaw-e2e).


# Patch OpenClaw's pinned 2026.4.24 compiled selection runtime to expose a
# compact searchable tool catalog to the model while preserving the full
Expand Down
Loading