fix(onboard): register discord plugin entry when Discord channel is configured (#4246)

[nvshaxie]

Summary

• Fixes [Ubuntu 24.04][Onboard] Discord onboard saves channels.discord but does not register plugins.entries.discord #4246. The Discord branch of nemoclaw onboard writes channels.discord and installs the @openclaw/discord npm package, but never registers plugins.entries.discord, so OpenClaw never loads the bridge at boot and the bot stays offline even with valid credentials configured.
• scripts/generate-openclaw-config.py now sets plugins.entries.discord = {enabled: true} whenever discord is in the active messaging channel set, mirroring how Dockerfile.base pairs the WeChat plugin install with openclaw config set plugins.entries.openclaw-weixin.enabled true.
• Two new tests in test/generate-openclaw-config.test.ts lock the contract: the entry appears when the channel is on, and is absent when it is off.

Test plan

• npx vitest run --project cli test/generate-openclaw-config.test.ts — 87/87 pass locally
• In an --fresh Discord onboard run, confirm ~/.openclaw/openclaw.json now contains plugins.entries.discord.enabled = true and the bot replies to an @mention in the configured server

Signed-off-by: Shawn Xie shaxie@nvidia.com

Summary by CodeRabbit

• New Features

  • Discord bot bridge now automatically enables when Discord is configured as a messaging channel, so the plugin loads at startup without manual intervention.

• Tests

  • Added functional tests verifying the Discord plugin is enabled when Discord channels are configured and absent when not configured.

• Build

  • Config generation moved to a Node/TypeScript-based generator during image/build, updating the build-time config step.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 4ecdac76-1ad2-471f-808c-94ab181d01a8

📥 Commits

Reviewing files that changed from the base of the PR and between 59ed174 and 0581f66.

📒 Files selected for processing (2)

• test/openclaw-build-messaging-plugins.test.ts
• tsconfig.cli.json

✅ Files skipped from review due to trivial changes (1)

• tsconfig.cli.json

---

📝 Walkthrough

Walkthrough

A TypeScript OpenClaw config generator replaces the Python generator in builds; build_config() now enables plugins.entries.discord when a discord messaging channel is present. Dockerfile runs the new .mts generator; tests assert discord plugin presence/absence; minor seed script comment updates included.

Changes

OpenClaw config generator and Discord registration

Layer / File(s)	Summary
Discord plugin entry auto-enablement scripts/generate-openclaw-config.py, test/generate-openclaw-config.test.ts	build_config() adds an _ch_cfg-based conditional to set plugin_entries["discord"] = {"enabled": True} when a discord channel exists. Two tests validate plugins.entries.discord is present when configured and undefined when not.
TypeScript OpenClaw config generator scripts/generate-openclaw-config.mts	New Node/TypeScript generator: env parsing, manifest discovery, model-specific OpenClaw effects, plugin merging/persistence, WeChat detection and optional seeding, writes ~/.openclaw/openclaw.json with 0600, and exports buildConfig/main.
Docker build integration Dockerfile	Copies and chmods generate-openclaw-config.mts into the image and runs it with node --experimental-strip-types (replacing the previous python3 invocation); updates related security comments.
Messaging plugin integration tests test/openclaw-build-messaging-plugins.test.ts, test/generate-openclaw-config.test.ts	Adds tests that spawn the generator and a mocked openclaw binary to assert Discord plugin install arguments, doctor invocation token wiring, and generated openclaw.json contents.
Seed script doc comments scripts/seed-wechat-accounts.py	Three inline comments updated to reference generate-openclaw-config.mts instead of .py; no runtime behavior changed.
tsconfig touch tsconfig.cli.json	Minor include-array line formatting touch; no functional change.

Sequence Diagram(s)

sequenceDiagram
  participant DockerBuild
  participant Generator as generate-openclaw-config.mts
  participant Registry as manifest_registry
  participant build_config
  participant plugin_entries
  participant FS as openclaw.json
  participant WechatSeed as seed-wechat-accounts.py

  DockerBuild->>Generator: run generator during image build
  Generator->>Registry: discover/load model manifests
  Generator->>build_config: compute providers, channels, _ch_cfg
  build_config->>plugin_entries: if "discord" in _ch_cfg -> set plugins.entries.discord = {enabled: true}
  Generator->>FS: write openclaw.json (0600)
  Generator->>WechatSeed: spawn python3 seed-wechat-accounts.py if preinstalled signal

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• NVIDIA/NemoClaw#4222: Similar edits to generate-openclaw-config to conditionally emit plugins.entries[<channel>].enabled based on computed messaging channels.
• NVIDIA/NemoClaw#4403: Overlaps on generated config logic and Discord plugin registration/testing.
• NVIDIA/NemoClaw#4571: Migration to a TypeScript generator and related Docker/CI changes this PR builds on.

Suggested labels

NemoClaw CLI, v0.0.54

Suggested reviewers

• cv
• ericksoa

🐰 I found a config, sleepy and dark,
I nudged the discord key — now it sparks!
A TypeScript whisper wrote openclaw.json tight,
Plugins wake and bots greet through the night. 🥕✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 5.13% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly describes the main fix: registering the Discord plugin entry when a Discord channel is configured, addressing issue #4246.
Linked Issues check	✅ Passed	The PR fulfills all coding requirements from issue #4246: sets plugins.entries.discord when Discord channel is configured, adds tests validating entry presence/absence, and updates the config generation script logic.
Out of Scope Changes check	✅ Passed	Scope includes refactoring generate-openclaw-config.py to TypeScript, updating Dockerfile, tests, and documentation comments—all directly supporting the Discord plugin entry registration fix.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/discord-plugin-entry-4246

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint skipped: no ESLint configuration detected in root package.json. To enable, add eslint to devDependencies.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

E2E Advisor Recommendation

Required E2E: cloud-e2e, messaging-providers-e2e, rebuild-openclaw-e2e, telegram-injection-e2e, credential-sanitization-e2e, test-e2e-sandbox, test-e2e-port-overrides
Optional E2E: cloud-onboard-e2e, inference-routing-e2e, network-policy-e2e, channels-add-remove-e2e, device-auth-health-e2e, test-e2e-gateway-isolation

Dispatch hint: cloud-e2e,messaging-providers-e2e,rebuild-openclaw-e2e,telegram-injection-e2e,credential-sanitization-e2e

Workflow run

Full advisor summary

E2E Recommendation Advisor

Base: origin/main
Head: HEAD
Confidence: high

Required E2E

• cloud-e2e (high): Validates the primary install → onboard → sandbox verify → live OpenClaw inference path with the newly generated openclaw.json and Dockerfile execution path.
• messaging-providers-e2e (high): Required because generate-openclaw-config.mts controls messaging channel blocks, credential placeholders, Slack provider-shaped aliases, allowlists, and proxy behavior for Telegram/Discord/Slack.
• rebuild-openclaw-e2e (high): Required because the optimized sandbox build context now stages the .mts generator; rebuild must prove the staged context still builds and produces a usable OpenClaw sandbox.
• telegram-injection-e2e (medium): Required security regression for the Dockerfile C-2 injection boundary, since config generation moved from Python to TypeScript but still consumes untrusted build/env values.
• credential-sanitization-e2e (medium): Required because generated OpenClaw config and WeChat/messaging seed paths handle credential placeholders, provider-backed token resolution, and secret-free image state.
• test-e2e-sandbox (medium): Required image-level smoke for the production Dockerfile plus sandbox fixture image; catches failures in node --experimental-strip-types execution and generated config presence inside the built image.
• test-e2e-port-overrides (medium): Required because generate-openclaw-config.mts owns dashboard/gateway port derivation, CHAT_UI_URL parsing, allowed origins, and device-auth remote/loopback decisions.

Optional E2E

• cloud-onboard-e2e (high): Useful narrower onboard-focused confirmation of image build/openclaw.json generation, but cloud-e2e already covers the primary end-to-end user journey.
• inference-routing-e2e (medium): Good adjacent coverage because the generator sets provider/model/API/compat fields, though the direct routing implementation was not changed.
• network-policy-e2e (medium): Useful confidence for proxy and web-fetch behavior emitted by the generator, but no YAML network policy asset changed in this PR.
• channels-add-remove-e2e (high): Adjacent coverage for channel config/rebuild behavior after the generator rewrite, especially for messaging-channel lifecycle operations.
• device-auth-health-e2e (medium): Useful for the controlUi allowedOrigins/device-auth decisions produced by the generator, but port-overrides plus cloud-e2e cover the most critical paths.
• test-e2e-gateway-isolation (medium): Additional image-level isolation confidence for gateway token/config behavior after Dockerfile config-generation changes.

New E2E recommendations

• WeChat channel bootstrap (medium): The generator now invokes seed-wechat-accounts.py via a subprocess and detects preinstalled WeChat plugin metadata from TypeScript. Existing tests appear to cover this at unit level, but there is no dedicated E2E that onboards/rebuilds with NEMOCLAW_WECHAT_CONFIG_B64 and verifies channels.openclaw-weixin account registration in a real image.
  • Suggested test: Add a hermetic WeChat bootstrap E2E using fake WeChat metadata/config to verify account seeding, OpenClaw plugin load paths, and secret placeholder preservation during onboard/rebuild.
• TypeScript config generator execution in minimal runtime (low): The production image now depends on node --experimental-strip-types at Docker build time. Existing E2E catches this indirectly through image build, but a targeted image smoke could fail faster and assert the .mts script is present/executable and the deleted .py path is not required.
  • Suggested test: Add a Docker image smoke E2E that builds the production image and asserts generate-openclaw-config.mts produced openclaw.json with expected permissions and no dependency on generate-openclaw-config.py.

Dispatch hint

• Workflow: nightly-e2e.yaml
• jobs input: cloud-e2e,messaging-providers-e2e,rebuild-openclaw-e2e,telegram-injection-e2e,credential-sanitization-e2e

[github-actions]

E2E Scenario Advisor Recommendation

Required scenario E2E: ubuntu-repo-cloud-openclaw, ubuntu-repo-cloud-openclaw-telegram, ubuntu-repo-cloud-openclaw-discord, ubuntu-repo-cloud-openclaw-slack, ubuntu-repo-openai-compatible-openclaw
Optional scenario E2E: gpu-repo-local-ollama-openclaw, brev-launchable-cloud-openclaw, wsl-repo-cloud-openclaw, ubuntu-repo-cloud-openclaw-brave

Dispatch required scenario E2E:

• gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-cloud-openclaw
• gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-cloud-openclaw-telegram
• gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-cloud-openclaw-discord
• gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-cloud-openclaw-slack
• gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-openai-compatible-openclaw

Workflow run

Full scenario advisor summary

E2E Scenario Advisor

Base: origin/main
Head: HEAD
Confidence: high

Required scenario E2E

• ubuntu-repo-cloud-openclaw: Primary repo-current OpenClaw cloud scenario exercises the Dockerfile switch from Python to TypeScript config generation, the optimized sandbox build-context copy change, and baseline generated openclaw.json behavior during onboarding.
  • Dispatch: gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-cloud-openclaw
• ubuntu-repo-cloud-openclaw-telegram: The rewritten config generator owns messaging channel configuration; Telegram covers proxy/placeholder/channel wiring and injection-safety paths on the standard Ubuntu OpenClaw onboarding path.
  • Dispatch: gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-cloud-openclaw-telegram
• ubuntu-repo-cloud-openclaw-discord: The rewritten config generator owns Discord channel/provider wiring; this scenario is the targeted route for Discord messaging config generated into openclaw.json.
  • Dispatch: gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-cloud-openclaw-discord
• ubuntu-repo-cloud-openclaw-slack: Slack has distinct token placeholder and channel allowlist config in the generator, so the Slack scenario is needed to exercise that changed onboarding/install-helper surface.
  • Dispatch: gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-cloud-openclaw-slack
• ubuntu-repo-openai-compatible-openclaw: The config generator builds provider/model entries from onboarding env vars; this is the smallest routed scenario that exercises the OpenAI-compatible OpenClaw onboarding profile after the Python-to-TypeScript rewrite.
  • Dispatch: gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-openai-compatible-openclaw

Optional scenario E2E

• gpu-repo-local-ollama-openclaw: Optional special-runner coverage for the local Ollama provider path, including generator logic for Ollama provider compatibility and proxy behavior; it is the only routed Ollama scenario but requires a GPU runner.
  • Dispatch: gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=gpu-repo-local-ollama-openclaw
• brev-launchable-cloud-openclaw: Optional adjacent remote-onboarding coverage for generated gateway origins/device-auth behavior, which differs from the loopback Ubuntu path and is exercised by the Brev launchable scenario.
  • Dispatch: gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=brev-launchable-cloud-openclaw
• wsl-repo-cloud-openclaw: Optional platform-adjacent coverage for the same repo-current OpenClaw onboarding/build-context changes under WSL; not the primary target because Ubuntu covers the changed Dockerfile/config-generator path.
  • Dispatch: gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=wsl-repo-cloud-openclaw
• ubuntu-repo-cloud-openclaw-brave: Optional targeted coverage for the generator's web-search flag path, which is adjacent to the core OpenClaw config generation but not covered by the baseline cloud scenario.
  • Dispatch: gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-cloud-openclaw-brave

Relevant changed files

• Dockerfile
• scripts/generate-openclaw-config.mts
• scripts/generate-openclaw-config.py
• scripts/seed-wechat-accounts.py
• src/lib/sandbox/build-context.ts
• tsconfig.cli.json

[github-actions]

PR Review Advisor

Findings: 0 needs attention, 1 worth checking, 0 nice ideas
Since last review: 1 prior item resolved, 1 still applies, 0 new items found

Review findings

🛠️ Needs attention

• None.

🔎 Worth checking

• Discord @mention reply acceptance remains unvalidated (test/openclaw-build-messaging-plugins.test.ts:176): The linked issue's Expected Result includes the bot replying to an @mention. This PR now covers the generated Discord plugin entry and adds a mocked OpenClaw doctor/plugin-load boundary test, but it still does not exercise the actual Discord bridge startup or message/reply path.
  • Recommendation: Add or identify a targeted runtime validation for a fresh Discord onboard run, or a closer behavioral test that drives the Discord bridge startup/message handling path through an @mention-style event.
  • Evidence: Issue [Ubuntu 24.04][Onboard] Discord onboard saves channels.discord but does not register plugins.entries.discord #4246 Expected Result: "openclaw.json contains plugins.entries.discord = { enabled: true }, the plugin loads, and the bot replies to the @mention." `test/generate-openclaw-config.test.ts` asserts `plugins.entries.discord`; `test/openclaw-build-messaging-plugins.test.ts:176` verifies the generated config reaches a mocked `openclaw doctor` boundary, but no changed test exercises a real Discord bridge reply.

🌱 Nice ideas

• None.

Since last review details

Current findings:

• Discord @mention reply acceptance remains unvalidated (test/openclaw-build-messaging-plugins.test.ts:176): The linked issue's Expected Result includes the bot replying to an @mention. This PR now covers the generated Discord plugin entry and adds a mocked OpenClaw doctor/plugin-load boundary test, but it still does not exercise the actual Discord bridge startup or message/reply path.
  • Recommendation: Add or identify a targeted runtime validation for a fresh Discord onboard run, or a closer behavioral test that drives the Discord bridge startup/message handling path through an @mention-style event.
  • Evidence: Issue [Ubuntu 24.04][Onboard] Discord onboard saves channels.discord but does not register plugins.entries.discord #4246 Expected Result: "openclaw.json contains plugins.entries.discord = { enabled: true }, the plugin loads, and the bot replies to the @mention." `test/generate-openclaw-config.test.ts` asserts `plugins.entries.discord`; `test/openclaw-build-messaging-plugins.test.ts:176` verifies the generated config reaches a mocked `openclaw doctor` boundary, but no changed test exercises a real Discord bridge reply.

Workflow run details

This is an automated advisory review. A human maintainer must make the final merge decision.

[wscurran]

✨ Thanks for submitting this detailed PR that fixes the Discord plugin registration issue. This proposes a fix for the issue where the Discord branch of nemoclaw onboard does not register plugins.entries.discord, causing the bot to stay offline even with valid credentials configured.

---

Related open issues:

• #4246 [Ubuntu 24.04][Onboard] Discord onboard saves channels.discord but does not register plugins.entries.discord

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@scripts/generate-openclaw-config.py`:
- Line 735: The inline single-line conditional at line with _ch_cfg and
plugin_entries (if "discord" in _ch_cfg: plugin_entries["discord"] = {"enabled":
True}) must be split into a standard multi-line if block to satisfy Ruff E701;
replace it with an if "discord" in _ch_cfg: on its own line followed by an
indented statement that sets plugin_entries["discord"] = {"enabled": True} so
the check and assignment are on separate lines.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 7a0578d9-b4a8-42a2-bf83-074c904c846e

📥 Commits

Reviewing files that changed from the base of the PR and between 90beb03 and e7d2504.

📒 Files selected for processing (1)

• scripts/generate-openclaw-config.py

[copy-pr-bot]

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

[cv]

Addressed the PR Review Advisor feedback from issuecomment-4550111584 in 0581f66.

Changes:

• Added scripts/**/*.mts to tsconfig.cli.json so scripts/generate-openclaw-config.mts is covered by the normal CLI typecheck path.
• Added a mocked [Ubuntu 24.04][Onboard] Discord onboard saves channels.discord but does not register plugins.entries.discord #4246 bootstrap test that generates Discord openclaw.json, runs openclaw-build-messaging-plugins.py, and fails unless the fake OpenClaw boundary sees the pinned @openclaw/discord install, doctor DISCORD_BOT_TOKEN env, channels.discord.enabled, plugins.entries.discord.enabled, and the Discord token placeholder.

Validation:

• npm run typecheck:cli
• npx vitest run --project cli test/openclaw-build-messaging-plugins.test.ts test/generate-openclaw-config.test.ts test/sandbox-build-context.test.ts test/sandbox-provisioning.test.ts test/security-c2-dockerfile-injection.test.ts test/seed-wechat-accounts.test.ts
• npx vitest run --coverage --coverage.reporter=text --project cli --coverage.include=scripts/generate-openclaw-config.mts test/generate-openclaw-config.test.ts
• git diff --check