Skip to content

fix(rebuild): preserve compatible provider recovery#6665

Merged
cv merged 4 commits into
mainfrom
fix/channels-rebuild-provider-recovery
Jul 11, 2026
Merged

fix(rebuild): preserve compatible provider recovery#6665
cv merged 4 commits into
mainfrom
fix/channels-rebuild-provider-recovery

Conversation

@prekshivyas

@prekshivyas prekshivyas commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

Summary

Preserve the preflighted compatible-endpoint recovery authority while an authoritative rebuild revalidates messaging inference after deleting the old sandbox. This prevents the recreate flow from falling back to NVIDIA Endpoints and demanding an unrelated host key.

Related Issue

Regression follow-up to #6634.

Changes

  • Thread authoritative rebuild context into recorded-provider recovery.
  • Keep ordinary incomplete sessions, fresh sandboxes, mismatched identities, and foreign reservations fail-closed.
  • Cover both the recovery gate and the two-pass messaging revalidation flow.

Type of Change

  • Code change (feature, bug fix, or refactor)
  • Code change with doc updates
  • Doc only (prose changes, no code sample modifications)
  • Doc only (includes code sample changes)

Quality Gates

  • Tests added or updated for changed behavior
  • Existing tests cover changed behavior — justification:
  • Tests not applicable — justification:
  • Docs updated for user-facing behavior changes
  • Docs not applicable — justification: internal rebuild recovery correction; commands and documented behavior are unchanged
  • Sensitive paths changed (security, policy, credentials, preflight, onboarding, inference, runner, sandbox, or messaging)
  • Sensitive-path review completed or maintainer-approved waiver recorded — reviewer/approval link/justification: pending maintainer review; the change retains fix(onboard): scope live inference recovery to sandbox #6634's fresh, mismatched, and unauthorized recovery denials
  • Non-success, skipped, or missing CI check accepted by maintainer — check name, approval link, and follow-up issue:

Verification

  • PR description includes the DCO sign-off declaration and every commit appears as Verified in GitHub
  • Normal pre-commit, commit-msg, and pre-push hooks passed, or npm run check:diff passed when hooks were skipped or unavailable
  • Targeted behavior tests pass for the current change set, or tests are marked not applicable above — npx vitest run --project cli src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts src/lib/onboard/machine/handlers/provider-inference.test.ts (44 passed); adjacent recovery/rebuild selection (126 passed)
  • Applicable broad gate passed — full CLI project: 8,101 passed; six unrelated local prerequisite/time-budget failures, with timeout cases passing under a realistic budget; CI remains authoritative
  • Quality Gates section completed with required justifications or waivers
  • No secrets, API keys, or credentials committed
  • npm run docs builds without warnings (doc changes only)
  • Doc pages follow the style guide (doc changes only)
  • New doc pages include SPDX header and frontmatter (new pages only)

Signed-off-by: Prekshi Vyas prekshiv@nvidia.com

Summary by CodeRabbit

  • Bug Fixes
    • Improved provider inference recovery for authoritative resume flows, including handling of incomplete sessions and foreign reservation flags.
    • Recovery gating now honors sandbox/session context, with recorder behavior correctly enabled or disabled.
    • Strengthened validation for preflighted locked rebuild resumes, providing clearer blocking when authoritative conditions are missing.
  • Tests
    • Added new test coverage for authoritative incomplete-session recovery across matching/mismatched sandboxes and reservation scenarios.
    • Expanded assertions for recovery setup and inference setup inputs in authoritative paths.

Signed-off-by: Prekshi Vyas <prekshiv@nvidia.com>
@coderabbitai

coderabbitai Bot commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 90f5bf92-4d6d-474d-a4d3-294a2fcf67c3

📥 Commits

Reviewing files that changed from the base of the PR and between 03010f7 and 7195c9d.

📒 Files selected for processing (1)
  • test/onboard-fsm-live-slices.test.ts

📝 Walkthrough

Walkthrough

Authoritative rebuild validation now requires a preflighted locked resume context. Provider recovery accepts that configuration for incomplete sessions, with inference wiring and tests covering sandbox matching, reservations, messaging revalidation, and live-slice options.

Changes

Provider recovery gating

Layer / File(s) Summary
Locked rebuild authorization
src/lib/onboard/authoritative-rebuild-target.ts, src/lib/onboard/authoritative-rebuild-target.test.ts, test/onboard-fsm-live-slices.test.ts
Authoritative recovery validates locked resume flags, gateway binding, and target fields before returning flow options; the live-slice scenario supplies the required locked-resume flags.
Recovery option and sandbox gating
src/lib/onboard/machine/handlers/provider-inference-recovery.ts
createRecovery accepts authoritativeResumeConfig, and recovery derives the session sandbox for incomplete authoritative sessions.
Inference handling and recovery tests
src/lib/onboard/machine/handlers/provider-inference.ts, src/lib/onboard/machine/handlers/provider-inference-*-recovery*.test.ts
Provider inference forwards the authoritative option, with coverage for matching and mismatched sandboxes, foreign reservations, and recovered selections after messaging revalidation.

Estimated code review effort: 3 (Moderate) | ~25 minutes

Possibly related issues

Possibly related PRs

  • NVIDIA/NemoClaw#4531 — Both changes update authoritative-core-gateway onboarding options with locked-resume flags.

Suggested labels: bug-fix, area: onboarding, area: sandbox

Suggested reviewers: cv

Sequence Diagram(s)

sequenceDiagram
  participant rebuildProviderFlowOptions
  participant handleProviderInferenceState
  participant createRecovery
  participant setupNim
  rebuildProviderFlowOptions->>handleProviderInferenceState: provide validated authoritative resume configuration
  handleProviderInferenceState->>createRecovery: pass authoritativeResumeConfig
  createRecovery->>createRecovery: evaluate session sandbox and recovery eligibility
  handleProviderInferenceState->>setupNim: configure provider with sessionId
Loading
🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 33.33% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title is clear and matches the main change: preserving compatible provider recovery during rebuilds.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/channels-rebuild-provider-recovery

Comment @coderabbitai help to get the list of available commands.

@github-code-quality

github-code-quality Bot commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

Code Coverage Overview

Languages: TypeScript

TypeScript / code-coverage/plugin

The overall coverage remains at 96%, unchanged from the branch.

TypeScript / code-coverage/cli

The overall coverage in the branch remains at 77%, unchanged from the branch.

Show a code coverage summary of the most impacted files.
File 97cba6f 7195c9d +/-
src/lib/credentials/store.ts 61% 59% -2%
src/lib/sandbox...rce-identity.ts 91% 89% -2%
src/lib/inferen...board-probes.ts 84% 86% +2%
src/lib/inference/local.ts 69% 74% +5%
src/lib/inference/config.ts 93% 98% +5%
src/lib/inferen...time-context.ts 91% 100% +9%
src/lib/actions...de-preflight.ts 51% 61% +10%
src/lib/actions...ge-preflight.ts 74% 94% +20%
src/lib/inferen...del-registry.ts 77% 100% +23%
src/lib/sandbox...rsion-scheme.ts 73% 100% +27%

Updated July 11, 2026 01:31 UTC
Code Coverage is in Public Preview. Learn more and provide us with your feedback.

@github-actions

github-actions Bot commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

E2E Advisor Recommendation

Required E2E: cloud-onboard, inference-routing, network-policy, onboard-repair, onboard-resume, state-backup-restore, upgrade-stale-sandbox
Optional E2E: None

Dispatch hint: cloud-onboard,inference-routing,network-policy,onboard-repair,onboard-resume,state-backup-restore,upgrade-stale-sandbox

Workflow run

Full advisor summary

E2E Recommendation Advisor

Base: origin/main
Head: HEAD
Confidence: high

Required E2E

  • cloud-onboard: Required by the deterministic risk plan for platform-install coverage; these provider inference changes can affect full hosted onboarding from clean host setup through usable assistant.
  • inference-routing: Required by the deterministic risk plan because provider recovery and authoritative resume behavior can affect whether the selected provider/model route is actually reachable at the host-to-sandbox boundary.
  • network-policy: Required by the deterministic risk plan because inference route recovery and credential reuse must remain compatible with real network-policy allow/deny behavior.
  • onboard-repair: Required by the deterministic risk plan and onboarding resume rule: changes to live onboarding machine/provider recovery and authoritative state transitions must validate repair convergence, not just unit coverage.
  • onboard-resume: Required by the deterministic risk plan and onboarding resume rule: changes to incomplete-session authoritative provider recovery and resume state handling must validate real resume behavior.
  • state-backup-restore: Required by the deterministic risk plan because authoritative rebuild target changes affect rebuild/restore paths where credentials, policy, messaging, and workspace state must survive intended preservation paths.
  • upgrade-stale-sandbox: Required by the deterministic risk plan because rebuild handoff and gateway binding validation affect stale sandbox upgrade/recreate flows that must remain retryable and non-destructive.

Optional E2E

  • None.

New E2E recommendations

  • authoritative-rebuild-provider-recovery (high): This PR adds an exception allowing authoritative rebuild resumes to recover provider configuration from an incomplete session. Existing required jobs cover adjacent resume, repair, rebuild, and inference boundaries, but a focused live scenario would catch regressions where locked authoritative rebuild, incomplete session state, gateway route recovery, and messaging-compatible endpoint revalidation interact.
    • Suggested test: Add a live E2E that seeds an authoritative locked rebuild resume with an incomplete provider/session state, validates the pinned gateway binding, recovers the recorded provider route, recreates the sandbox, and verifies the sandbox-side inference route after messaging revalidation.

Dispatch hint

  • Workflow: .github/workflows/e2e.yaml
  • jobs input: cloud-onboard,inference-routing,network-policy,onboard-repair,onboard-resume,state-backup-restore,upgrade-stale-sandbox

@github-actions

github-actions Bot commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

E2E Target Recommendation

Required E2E targets: cloud-onboard, inference-routing, network-policy, onboard-repair, onboard-resume, state-backup-restore, upgrade-stale-sandbox
Optional E2E targets: None

Dispatch required E2E targets:

  • gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=cloud-onboard
  • gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=inference-routing
  • gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=network-policy
  • gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=onboard-repair
  • gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=onboard-resume
  • gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=state-backup-restore
  • gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=upgrade-stale-sandbox

Workflow run

Full E2E target advisor summary

E2E Target Advisor

Base: origin/main
Head: HEAD
Confidence: high

Required E2E targets

  • cloud-onboard: Installer and platform changes must work on a clean supported host with the pinned runtime dependencies.
    • Dispatch: gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=cloud-onboard
  • inference-routing: Inference selection, reachability, and network policy must agree at the real host-to-sandbox boundary.
    • Dispatch: gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=inference-routing
  • network-policy: Inference selection, reachability, and network policy must agree at the real host-to-sandbox boundary.
    • Dispatch: gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=network-policy
  • onboard-repair: Onboarding and sandbox state must converge across persisted metadata, reported status, and the live runtime.
    • Dispatch: gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=onboard-repair
  • onboard-resume: Onboarding and sandbox state must converge across persisted metadata, reported status, and the live runtime.
    • Dispatch: gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=onboard-resume
  • state-backup-restore: Upgrade, rebuild, snapshot, and restore operations must preserve user state while replacing stale runtime state.
    • Dispatch: gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=state-backup-restore
  • upgrade-stale-sandbox: Upgrade, rebuild, snapshot, and restore operations must preserve user state while replacing stale runtime state.
    • Dispatch: gh workflow run e2e.yaml --ref <pr-head-ref> --field jobs=upgrade-stale-sandbox

Optional E2E targets

  • None.

Relevant changed files

  • src/lib/onboard/authoritative-rebuild-target.ts
  • src/lib/onboard/machine/handlers/provider-inference-recovery.ts
  • src/lib/onboard/machine/handlers/provider-inference.ts
  • test/onboard-fsm-live-slices.test.ts

@github-actions

github-actions Bot commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

PR Review Advisor (Nemotron Ultra) — Changes requested

Merge posture: Do not merge yet
Primary next action: Fix PRA-1: Test file monolith growth exceeds 20-line threshold for hotspot file; then add or justify PRA-T1.
Open items: 3 required · 4 warnings · 0 suggestions · 8 test follow-ups
Since last review: 0 prior items resolved · 0 still apply · 8 new items found

Action checklist

  • PRA-1 Fix: Test file monolith growth exceeds 20-line threshold for hotspot file in src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts:1
  • PRA-2 Fix: Authorization bypass widens trust boundary for provider recovery without enforced removal deadline in src/lib/onboard/machine/handlers/provider-inference-recovery.ts:29
  • PRA-3 Fix: Holistic security posture degraded by unenforced temporary authorization bypass in src/lib/onboard/machine/handlers/provider-inference.ts:267
  • PRA-4 Resolve or justify: Credential reuse path bypasses host-smoke validation for authoritative recovery in src/lib/onboard/machine/handlers/provider-inference.ts:330
  • PRA-5 Resolve or justify: Missing security regression tests for TOCTOU, partial failure, and invalid session data in src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts:1
  • PRA-6 Resolve or justify: Missing regression tests for upgrade-rebuild invariants under authoritative rebuild in src/lib/onboard/authoritative-rebuild-target.test.ts:10
  • PRA-7 Resolve or justify: Missing regression tests for inference-policy invariants under authoritative recovery in src/lib/onboard/machine/handlers/provider-inference-authoritative-recovery.test.ts:10
  • PRA-T1 Add or justify test follow-up: Runtime validation
  • PRA-T2 Add or justify test follow-up: Runtime validation
  • PRA-T3 Add or justify test follow-up: Runtime validation
  • PRA-T4 Add or justify test follow-up: Runtime validation
  • PRA-T5 Add or justify test follow-up: Runtime validation
  • PRA-T6 Add or justify test follow-up: Missing regression tests for upgrade-rebuild invariants under authoritative rebuild
  • PRA-T7 Add or justify test follow-up: Missing regression tests for inference-policy invariants under authoritative recovery
  • PRA-T8 Add or justify test follow-up: Acceptance clause

Findings index

ID Severity Category Location Required action
PRA-1 Required architecture src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts:1 Extract the new authoritative-recovery gating tests into a separate test file (e.g., `provider-inference-authoritative-recovery-gating.test.ts`) or split the existing file into logical modules. At minimum, offset the growth by removing or consolidating other tests in the same file.
PRA-2 Required security src/lib/onboard/machine/handlers/provider-inference-recovery.ts:29 Add a compile-time or test-time guard that fails if the exception persists beyond a target version (e.g., a test that asserts #6666 is closed, or a build-time check against a target release). Alternatively, implement the dedicated provider-recovery authorization receipt handoff in this PR to close the tolerance path.
PRA-3 Required security src/lib/onboard/machine/handlers/provider-inference.ts:267 Implement the dedicated provider-recovery authorization receipt (#6666) in this PR, or add an enforced removal deadline. Dispatch and pass all 5 required E2E jobs before merge.
PRA-4 Resolve/justify security src/lib/onboard/machine/handlers/provider-inference.ts:330 Add a test verifying that `reuseGatewayCredentialWithoutLocalKey` is only set when the authoritative preflight has validated the gateway binding and inference route. Consider whether the sandbox-side smoke test (which still runs per the test) is sufficient mitigation.
PRA-5 Resolve/justify security src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts:1 Add the three missing regression tests as identified in the correctness stage: TOCTOU registry mutation test, partial failure mid-recreate test, and invalid session data negative test.
PRA-6 Resolve/justify tests src/lib/onboard/authoritative-rebuild-target.test.ts:10 Add three regression tests in authoritative-rebuild-target.test.ts or a new authoritative-rebuild-upgrade.test.ts: (1) verify runtime version agreement after authoritative rebuild, (2) verify credential/policy/messaging state preservation across recreate, (3) verify failed authoritative rebuild allows clean retry without destructive cleanup.
PRA-7 Resolve/justify tests src/lib/onboard/machine/handlers/provider-inference-authoritative-recovery.test.ts:10 Add regression tests in provider-inference-authoritative-recovery.test.ts: (1) verify the recovered provider route is actually reachable from the sandbox (not just configured), (2) verify health check uses a real request not just configuration presence, (3) verify network policy enforcement for the authoritative recovery path. Note: invariant (3) requires E2E network-policy job.

🚨 Required before merge

Address these before merging unless a maintainer explicitly overrides the advisor with rationale.

PRA-1 Required — Test file monolith growth exceeds 20-line threshold for hotspot file

  • Location: src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts:1
  • Category: architecture
  • Problem: The file `provider-inference-recovery-gating.test.ts` grew from 314 to 409 lines (+95 lines) in this PR. The monolith delta analysis flags this as severity 'blocker' with rationale: 'Current monolith grew by 20 or more lines; extract or offset the growth before merge.'
  • Impact: Unchecked test file growth reduces maintainability, increases review burden, and makes it harder to isolate test failures. The file is already a hotspot (314 lines base) and this PR adds significant new test coverage for authoritative rebuild recovery gating.
  • Required action: Extract the new authoritative-recovery gating tests into a separate test file (e.g., `provider-inference-authoritative-recovery-gating.test.ts`) or split the existing file into logical modules. At minimum, offset the growth by removing or consolidating other tests in the same file.
  • Expected follow-up: Fix before merge or get explicit maintainer override.
  • Verification: Run `git diff main...HEAD -- src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts | head -100` to see the 95-line addition. Verify the file size exceeds the 20-line growth threshold for hotspot files.
  • Missing regression test: N/A — this is a structural/maintainability issue, not a behavioral regression.
  • Done when: The required change is committed and verification passes: Run `git diff main...HEAD -- src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts | head -100` to see the 95-line addition. Verify the file size exceeds the 20-line growth threshold for hotspot files.
  • Evidence: monolithDeltas in risk context shows file grew from 314 to 409 lines (+95, severity blocker) Diff shows 99 insertions in provider-inference-recovery-gating.test.ts File was already 314 lines before this PR (hotspot threshold)

PRA-2 Required — Authorization bypass widens trust boundary for provider recovery without enforced removal deadline

  • Location: src/lib/onboard/machine/handlers/provider-inference-recovery.ts:29
  • Category: security
  • Problem: The `authoritativeResumeConfig` option bypasses the `session.steps.sandbox.status === "complete"` guard in `shouldRecoverRecordedProvider`, allowing provider recovery from an incomplete session during rebuild recreate. While gated by 7+ flags (resume=true, authoritativeResumeConfig=true, recreateSandbox=true, onboardLockAlreadyHeld=true, matching sandboxName, targetGatewayName/Port, forceProviderSelection=true) and cross-sandbox/foreign-reservation tests confirm fail-closed behavior, the exception is documented as temporary with only issue security(onboard): replace rebuild recovery flag with authorization receipt #6666 reference for removal. No compile-time or test-time guard enforces the removal deadline.
  • Impact: The trust boundary for sandbox recovery authorization is permanently widened if the dedicated provider-recovery authorization receipt (security(onboard): replace rebuild recovery flag with authorization receipt #6666) is not implemented. This allows unauthorized recovery if the authoritative flag is misused or preflight validation is bypassed.
  • Required action: Add a compile-time or test-time guard that fails if the exception persists beyond a target version (e.g., a test that asserts security(onboard): replace rebuild recovery flag with authorization receipt #6666 is closed, or a build-time check against a target release). Alternatively, implement the dedicated provider-recovery authorization receipt handoff in this PR to close the tolerance path.
  • Expected follow-up: Fix before merge or get explicit maintainer override.
  • Verification: Read the comment at provider-inference-recovery.ts:29-38 and verify a tracked follow-up issue exists for the authorization receipt handoff. Check that no enforcement mechanism (test, build check, or lint rule) exists to prevent the exception from persisting indefinitely.
  • Missing regression test: Add a test that fails when the authoritativeResumeConfig exception is still present after a target version/milestone (e.g., a version-gated test or a build-time assertion).
  • Done when: The required change is committed and verification passes: Read the comment at provider-inference-recovery.ts:29-38 and verify a tracked follow-up issue exists for the authorization receipt handoff. Check that no enforcement mechanism (test, build check, or lint rule) exists to prevent the exception from persisting indefinitely.
  • Evidence: provider-inference-recovery.ts:29-38 documents the exception and references security(onboard): replace rebuild recovery flag with authorization receipt #6666 for removal provider-inference-recovery-gating.test.ts tests cross-sandbox and foreign-reservation rejection for authoritative incomplete sessions Security Category 3 (AuthZ) verdict: FAIL - trust boundary widened without enforcement

PRA-3 Required — Holistic security posture degraded by unenforced temporary authorization bypass

  • Location: src/lib/onboard/machine/handlers/provider-inference.ts:267
  • Category: security
  • Problem: The temporary `authoritativeResumeConfig` exception degrades overall security posture by widening the provider recovery trust boundary from 'complete sandbox step required' to 'incomplete session allowed if authoritative flags match.' While the gating is strong (7+ flags, fail-closed tests), the lack of enforcement for the security(onboard): replace rebuild recovery flag with authorization receipt #6666 follow-up means this could become a permanent weakening. RiskPlan invariants for lifecycle-state and inference-policy require E2E validation not yet dispatched.
  • Impact: If the dedicated authorization receipt is never implemented, the exception becomes a permanent weakening of the recovery gate. Required E2E jobs (cloud-onboard, inference-routing, network-policy, onboard-repair, onboard-resume) not yet run means no evidence that the authoritative rebuild recovery works correctly with real gateway/sandbox/network-policy interactions.
  • Required action: Implement the dedicated provider-recovery authorization receipt (security(onboard): replace rebuild recovery flag with authorization receipt #6666) in this PR, or add an enforced removal deadline. Dispatch and pass all 5 required E2E jobs before merge.
  • Expected follow-up: Fix before merge or get explicit maintainer override.
  • Verification: Verify the comment at provider-inference-recovery.ts:29 references security(onboard): replace rebuild recovery flag with authorization receipt #6666 with no enforcement mechanism. Check GitHub Actions for completed runs of the 5 required E2E jobs on PR head commit 7195c9d.
  • Missing regression test: E2E jobs are the regression test for host-to-sandbox boundary behavior. Add a build-time guard that fails if the exception persists past a target version.
  • Done when: The required change is committed and verification passes: Verify the comment at provider-inference-recovery.ts:29 references security(onboard): replace rebuild recovery flag with authorization receipt #6666 with no enforcement mechanism. Check GitHub Actions for completed runs of the 5 required E2E jobs on PR head commit 7195c9d.
  • Evidence: provider-inference-recovery.ts:29-38 documents temporary exception with security(onboard): replace rebuild recovery flag with authorization receipt #6666 reference only riskPlan.requiredJobs lists 5 required E2E jobs (tiers 2-3) not yet dispatched PR body Quality Gates: E2E jobs not run, mergeable_state=blocked Security Category 9 (Holistic) verdict: FAIL - posture degraded without enforcement
Review findings by urgency: 3 required fixes, 4 items to resolve/justify, 0 in-scope improvements

⚠️ Resolve or justify before merge

Investigate these in the current review; either fix them, explain why they are not applicable, or document the accepted risk.

PRA-4 Resolve/justify — Credential reuse path bypasses host-smoke validation for authoritative recovery

  • Location: src/lib/onboard/machine/handlers/provider-inference.ts:330
  • Category: security
  • Problem: When `authoritativeResumeConfig=true` and no hydrated credential exists, the code sets `forceProviderSelection=true` and `reuseGatewayCredentialWithoutLocalKey=true` (`provider-inference.ts:330-335`), bypassing the normal host-side compatible-endpoint smoke test. The gateway credential is reused without local key verification. While gated by authoritative flags and matching sandbox identity, this widens the credential trust boundary.
  • Impact: A compromised or misconfigured gateway credential could be reused without the normal validation that the sandbox-side inference route is actually reachable. The `skipHostInferenceSmoke: true` flag (provider-inference-authoritative-recovery.test.ts:50) suppresses the host-side smoke test entirely for authoritative recovery.
  • Recommended action: Add a test verifying that `reuseGatewayCredentialWithoutLocalKey` is only set when the authoritative preflight has validated the gateway binding and inference route. Consider whether the sandbox-side smoke test (which still runs per the test) is sufficient mitigation.
  • Expected follow-up: Resolve in this PR or explain why the risk is acceptable.
  • Verification: Read provider-inference.ts:320-345 for the credential reuse logic. Check provider-inference-authoritative-recovery.test.ts:50-52 for the skipHostInferenceSmoke and reuseGatewayCredentialWithoutLocalKey assertions.
  • Missing regression test: Add a test that verifies credential reuse is denied when authoritative preflight validation fails or is bypassed.
  • Done when: The risk is fixed or explicitly justified in the PR. Verification: Read provider-inference.ts:320-345 for the credential reuse logic. Check provider-inference-authoritative-recovery.test.ts:50-52 for the skipHostInferenceSmoke and reuseGatewayCredentialWithoutLocalKey assertions.
  • Evidence: provider-inference.ts:330-335 shows forceProviderSelection and reuseGatewayCredentialWithoutLocalKey set when no hydrated credential provider-inference-authoritative-recovery.test.ts:50-52 asserts skipHostInferenceSmoke: true and reuseGatewayCredentialWithoutLocalKey: true Security Category 1 (Secrets) verdict: WARNING - credential trust boundary widened

PRA-5 Resolve/justify — Missing security regression tests for TOCTOU, partial failure, and invalid session data

  • Location: src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts:1
  • Category: security
  • Problem: Security testing gaps: (1) No TOCTOU test for concurrent registry mutation between `shouldRecover()` and `setupInference()` where a foreign reservation could be injected. (2) No test for authoritative rebuild partial failure mid-recreate (deletion succeeds, creation fails) leaving ghost resources. (3) No negative test for `authoritativeResumeConfig=true` with invalid session data (malformed endpointUrl, missing credentialEnv). These are security edge cases that could allow unauthorized recovery or credential leakage.
  • Impact: Without these regression tests, security-critical edge cases are not verified. A TOCTOU race could allow unauthorized recovery. Partial failure could leave stale credentials or port forwards. Invalid session data could propagate bad config.
  • Recommended action: Add the three missing regression tests as identified in the correctness stage: TOCTOU registry mutation test, partial failure mid-recreate test, and invalid session data negative test.
  • Expected follow-up: Resolve in this PR or explain why the risk is acceptable.
  • Verification: Search provider-inference-recovery-gating.test.ts and provider-inference-authoritative-recovery.test.ts for 'TOCTOU', 'partial failure', 'invalid', 'malformed' — no such tests exist.
  • Missing regression test: Add three vitest tests: (1) TOCTOU registry mutation, (2) partial failure mid-recreate, (3) invalid session data under authoritativeResumeConfig.
  • Done when: The risk is fixed or explicitly justified in the PR. Verification: Search provider-inference-recovery-gating.test.ts and provider-inference-authoritative-recovery.test.ts for 'TOCTOU', 'partial failure', 'invalid', 'malformed' — no such tests exist.
  • Evidence: provider-inference.ts:350-360 shows isRecordedProviderRecoveryAuthorized callback for re-check riskPlan invariants require 'partial failure and retry converge without ghost resources' Previous advisor reviews PRA-5, PRA-6, PRA-8 specifically requested these tests Security Category 8 (Security Testing) verdict: WARNING - missing regression coverage

PRA-6 Resolve/justify — Missing regression tests for upgrade-rebuild invariants under authoritative rebuild

  • Location: src/lib/onboard/authoritative-rebuild-target.test.ts:10
  • Category: tests
  • Problem: The riskPlan upgrade-rebuild family identifies three invariants for authoritative rebuild that lack regression test coverage: (1) host and in-sandbox runtime versions agree after mutation, (2) credentials, policy, messaging, and workspace state survive intended preservation paths, (3) failed mutations remain retryable without destructive cleanup. The new authoritative-rebuild-target.ts and provider-inference.ts changes affect the rebuild recreate path but no tests verify these invariants for the authoritative recovery flow.
  • Impact: Without these tests, a regression in the authoritative rebuild path could cause version mismatch between host and sandbox, credential/policy loss during recreate, or destructive cleanup that prevents retry.
  • Recommended action: Add three regression tests in authoritative-rebuild-target.test.ts or a new authoritative-rebuild-upgrade.test.ts: (1) verify runtime version agreement after authoritative rebuild, (2) verify credential/policy/messaging state preservation across recreate, (3) verify failed authoritative rebuild allows clean retry without destructive cleanup.
  • Expected follow-up: Resolve in this PR or explain why the risk is acceptable.
  • Verification: Search authoritative-rebuild-target.test.ts and provider-inference-authoritative-recovery.test.ts for 'runtime version', 'credential preservation', 'policy preservation', 'messaging preservation', 'retry', 'destructive cleanup' — no such tests exist for authoritative rebuild.
  • Missing regression test: Add three vitest tests covering the upgrade-rebuild invariants for authoritative rebuild: runtime version agreement, state preservation, and retryable failure.
  • Done when: The risk is fixed or explicitly justified in the PR. Verification: Search authoritative-rebuild-target.test.ts and provider-inference-authoritative-recovery.test.ts for 'runtime version', 'credential preservation', 'policy preservation', 'messaging preservation', 'retry', 'destructive cleanup' — no such tests exist for authoritative rebuild.
  • Evidence: riskPlan upgrade-rebuild invariants list three specific requirements authoritative-rebuild-target.ts handles the preflight and gateway binding for authoritative rebuild provider-inference.ts handles the provider recovery during authoritative rebuild No existing tests verify these invariants for the authoritative path

PRA-7 Resolve/justify — Missing regression tests for inference-policy invariants under authoritative recovery

  • Location: src/lib/onboard/machine/handlers/provider-inference-authoritative-recovery.test.ts:10
  • Category: tests
  • Problem: The riskPlan inference-policy family identifies three invariants that lack regression test coverage for authoritative recovery: (1) the selected provider is reachable through the route advertised to the agent, (2) health reflects a real request rather than configuration presence, (3) network policy permits the intended route and denies unintended egress. The authoritative recovery path uses skipHostInferenceSmoke=true and reuseGatewayCredentialWithoutLocalKey=true, which bypasses normal reachability validation.
  • Impact: Without these tests, the authoritative recovery could advertise a provider route that is not actually reachable, report health based on configuration rather than real requests, or violate network policy boundaries at the host-to-sandbox boundary.
  • Recommended action: Add regression tests in provider-inference-authoritative-recovery.test.ts: (1) verify the recovered provider route is actually reachable from the sandbox (not just configured), (2) verify health check uses a real request not just configuration presence, (3) verify network policy enforcement for the authoritative recovery path. Note: invariant (3) requires E2E network-policy job.
  • Expected follow-up: Resolve in this PR or explain why the risk is acceptable.
  • Verification: Search provider-inference-authoritative-recovery.test.ts for 'reachable', 'real request', 'health', 'network policy', 'egress' — no such tests exist for authoritative recovery.
  • Missing regression test: Add two unit/mocked tests for invariants (1) and (2), and note invariant (3) requires E2E network-policy job.
  • Done when: The risk is fixed or explicitly justified in the PR. Verification: Search provider-inference-authoritative-recovery.test.ts for 'reachable', 'real request', 'health', 'network policy', 'egress' — no such tests exist for authoritative recovery.
  • Evidence: riskPlan inference-policy invariants list three specific requirements provider-inference.ts:330-335 shows skipHostInferenceSmoke and reuseGatewayCredentialWithoutLocalKey bypass normal validation provider-inference-authoritative-recovery.test.ts:50-52 asserts these flags but doesn't test reachability/health/network-policy Invariant (3) explicitly requires E2E network-policy job per riskPlan

💡 In-scope improvements

These are lower-risk, not throwaway. Prefer fixing them in this PR when they are local to changed code; defer only with rationale or a linked follow-up.

  • None.
Test follow-ups to resolve or justify

If these cover changed behavior, prefer adding them in this PR; otherwise state why existing coverage is enough or link the follow-up.

  • PRA-T1 Runtime validation — Run the `cloud-onboard` E2E job for Installer and platform changes must work on a clean supported host with the pinned runtime dependencies. Matched files: `src/lib/onboard/machine/handlers/provider-inference-recovery.ts`, `src/lib/onboard/machine/handlers/provider-inference.ts`.. Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Unit/mocked coverage is good for gating logic (35 test blocks) but missing for riskPlan invariants. Required E2E jobs are the validation floor for host-to-sandbox boundary behavior.
  • PRA-T2 Runtime validation — Add vitest test for TOCTOU registry mutation between shouldRecover() and setupInference(). Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Unit/mocked coverage is good for gating logic (35 test blocks) but missing for riskPlan invariants. Required E2E jobs are the validation floor for host-to-sandbox boundary behavior.
  • PRA-T3 Runtime validation — Run the `inference-routing` E2E job for Inference selection, reachability, and network policy must agree at the real host-to-sandbox boundary. Matched files: `src/lib/onboard/machine/handlers/provider-inference-recovery.ts`, `src/lib/onboard/machine/handlers/provider-inference.ts`.. Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Unit/mocked coverage is good for gating logic (35 test blocks) but missing for riskPlan invariants. Required E2E jobs are the validation floor for host-to-sandbox boundary behavior.
  • PRA-T4 Runtime validation — Add vitest test for authoritative rebuild partial failure mid-recreate (deletion succeeds, creation fails). Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Unit/mocked coverage is good for gating logic (35 test blocks) but missing for riskPlan invariants. Required E2E jobs are the validation floor for host-to-sandbox boundary behavior.
  • PRA-T5 Runtime validation — Run the `network-policy` E2E job for Inference selection, reachability, and network policy must agree at the real host-to-sandbox boundary. Matched files: `src/lib/onboard/machine/handlers/provider-inference-recovery.ts`, `src/lib/onboard/machine/handlers/provider-inference.ts`.. Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Unit/mocked coverage is good for gating logic (35 test blocks) but missing for riskPlan invariants. Required E2E jobs are the validation floor for host-to-sandbox boundary behavior.
  • PRA-T6 Missing regression tests for upgrade-rebuild invariants under authoritative rebuild — Add three regression tests in authoritative-rebuild-target.test.ts or a new authoritative-rebuild-upgrade.test.ts: (1) verify runtime version agreement after authoritative rebuild, (2) verify credential/policy/messaging state preservation across recreate, (3) verify failed authoritative rebuild allows clean retry without destructive cleanup.
  • PRA-T7 Missing regression tests for inference-policy invariants under authoritative recovery — Add regression tests in provider-inference-authoritative-recovery.test.ts: (1) verify the recovered provider route is actually reachable from the sandbox (not just configured), (2) verify health check uses a real request not just configuration presence, (3) verify network policy enforcement for the authoritative recovery path. Note: invariant (3) requires E2E network-policy job.
  • PRA-T8 Acceptance clause — E2E validation for lifecycle-state, upgrade-rebuild, inference-policy, platform-install risk families — add test evidence or identify existing coverage. PR body Quality Gates: E2E jobs not run, mergeable_state=blocked; riskPlan requires 7 E2E jobs (cloud-onboard, inference-routing, network-policy, onboard-repair, onboard-resume, state-backup-restore, upgrade-stale-sandbox) not dispatched
Since last review details

Current findings, using the urgency labels above:

PRA-1 Required — Test file monolith growth exceeds 20-line threshold for hotspot file

  • Location: src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts:1
  • Category: architecture
  • Problem: The file `provider-inference-recovery-gating.test.ts` grew from 314 to 409 lines (+95 lines) in this PR. The monolith delta analysis flags this as severity 'blocker' with rationale: 'Current monolith grew by 20 or more lines; extract or offset the growth before merge.'
  • Impact: Unchecked test file growth reduces maintainability, increases review burden, and makes it harder to isolate test failures. The file is already a hotspot (314 lines base) and this PR adds significant new test coverage for authoritative rebuild recovery gating.
  • Required action: Extract the new authoritative-recovery gating tests into a separate test file (e.g., `provider-inference-authoritative-recovery-gating.test.ts`) or split the existing file into logical modules. At minimum, offset the growth by removing or consolidating other tests in the same file.
  • Expected follow-up: Fix before merge or get explicit maintainer override.
  • Verification: Run `git diff main...HEAD -- src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts | head -100` to see the 95-line addition. Verify the file size exceeds the 20-line growth threshold for hotspot files.
  • Missing regression test: N/A — this is a structural/maintainability issue, not a behavioral regression.
  • Done when: The required change is committed and verification passes: Run `git diff main...HEAD -- src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts | head -100` to see the 95-line addition. Verify the file size exceeds the 20-line growth threshold for hotspot files.
  • Evidence: monolithDeltas in risk context shows file grew from 314 to 409 lines (+95, severity blocker) Diff shows 99 insertions in provider-inference-recovery-gating.test.ts File was already 314 lines before this PR (hotspot threshold)

PRA-2 Required — Authorization bypass widens trust boundary for provider recovery without enforced removal deadline

  • Location: src/lib/onboard/machine/handlers/provider-inference-recovery.ts:29
  • Category: security
  • Problem: The `authoritativeResumeConfig` option bypasses the `session.steps.sandbox.status === "complete"` guard in `shouldRecoverRecordedProvider`, allowing provider recovery from an incomplete session during rebuild recreate. While gated by 7+ flags (resume=true, authoritativeResumeConfig=true, recreateSandbox=true, onboardLockAlreadyHeld=true, matching sandboxName, targetGatewayName/Port, forceProviderSelection=true) and cross-sandbox/foreign-reservation tests confirm fail-closed behavior, the exception is documented as temporary with only issue security(onboard): replace rebuild recovery flag with authorization receipt #6666 reference for removal. No compile-time or test-time guard enforces the removal deadline.
  • Impact: The trust boundary for sandbox recovery authorization is permanently widened if the dedicated provider-recovery authorization receipt (security(onboard): replace rebuild recovery flag with authorization receipt #6666) is not implemented. This allows unauthorized recovery if the authoritative flag is misused or preflight validation is bypassed.
  • Required action: Add a compile-time or test-time guard that fails if the exception persists beyond a target version (e.g., a test that asserts security(onboard): replace rebuild recovery flag with authorization receipt #6666 is closed, or a build-time check against a target release). Alternatively, implement the dedicated provider-recovery authorization receipt handoff in this PR to close the tolerance path.
  • Expected follow-up: Fix before merge or get explicit maintainer override.
  • Verification: Read the comment at provider-inference-recovery.ts:29-38 and verify a tracked follow-up issue exists for the authorization receipt handoff. Check that no enforcement mechanism (test, build check, or lint rule) exists to prevent the exception from persisting indefinitely.
  • Missing regression test: Add a test that fails when the authoritativeResumeConfig exception is still present after a target version/milestone (e.g., a version-gated test or a build-time assertion).
  • Done when: The required change is committed and verification passes: Read the comment at provider-inference-recovery.ts:29-38 and verify a tracked follow-up issue exists for the authorization receipt handoff. Check that no enforcement mechanism (test, build check, or lint rule) exists to prevent the exception from persisting indefinitely.
  • Evidence: provider-inference-recovery.ts:29-38 documents the exception and references security(onboard): replace rebuild recovery flag with authorization receipt #6666 for removal provider-inference-recovery-gating.test.ts tests cross-sandbox and foreign-reservation rejection for authoritative incomplete sessions Security Category 3 (AuthZ) verdict: FAIL - trust boundary widened without enforcement

PRA-3 Required — Holistic security posture degraded by unenforced temporary authorization bypass

  • Location: src/lib/onboard/machine/handlers/provider-inference.ts:267
  • Category: security
  • Problem: The temporary `authoritativeResumeConfig` exception degrades overall security posture by widening the provider recovery trust boundary from 'complete sandbox step required' to 'incomplete session allowed if authoritative flags match.' While the gating is strong (7+ flags, fail-closed tests), the lack of enforcement for the security(onboard): replace rebuild recovery flag with authorization receipt #6666 follow-up means this could become a permanent weakening. RiskPlan invariants for lifecycle-state and inference-policy require E2E validation not yet dispatched.
  • Impact: If the dedicated authorization receipt is never implemented, the exception becomes a permanent weakening of the recovery gate. Required E2E jobs (cloud-onboard, inference-routing, network-policy, onboard-repair, onboard-resume) not yet run means no evidence that the authoritative rebuild recovery works correctly with real gateway/sandbox/network-policy interactions.
  • Required action: Implement the dedicated provider-recovery authorization receipt (security(onboard): replace rebuild recovery flag with authorization receipt #6666) in this PR, or add an enforced removal deadline. Dispatch and pass all 5 required E2E jobs before merge.
  • Expected follow-up: Fix before merge or get explicit maintainer override.
  • Verification: Verify the comment at provider-inference-recovery.ts:29 references security(onboard): replace rebuild recovery flag with authorization receipt #6666 with no enforcement mechanism. Check GitHub Actions for completed runs of the 5 required E2E jobs on PR head commit 7195c9d.
  • Missing regression test: E2E jobs are the regression test for host-to-sandbox boundary behavior. Add a build-time guard that fails if the exception persists past a target version.
  • Done when: The required change is committed and verification passes: Verify the comment at provider-inference-recovery.ts:29 references security(onboard): replace rebuild recovery flag with authorization receipt #6666 with no enforcement mechanism. Check GitHub Actions for completed runs of the 5 required E2E jobs on PR head commit 7195c9d.
  • Evidence: provider-inference-recovery.ts:29-38 documents temporary exception with security(onboard): replace rebuild recovery flag with authorization receipt #6666 reference only riskPlan.requiredJobs lists 5 required E2E jobs (tiers 2-3) not yet dispatched PR body Quality Gates: E2E jobs not run, mergeable_state=blocked Security Category 9 (Holistic) verdict: FAIL - posture degraded without enforcement

PRA-4 Resolve/justify — Credential reuse path bypasses host-smoke validation for authoritative recovery

  • Location: src/lib/onboard/machine/handlers/provider-inference.ts:330
  • Category: security
  • Problem: When `authoritativeResumeConfig=true` and no hydrated credential exists, the code sets `forceProviderSelection=true` and `reuseGatewayCredentialWithoutLocalKey=true` (`provider-inference.ts:330-335`), bypassing the normal host-side compatible-endpoint smoke test. The gateway credential is reused without local key verification. While gated by authoritative flags and matching sandbox identity, this widens the credential trust boundary.
  • Impact: A compromised or misconfigured gateway credential could be reused without the normal validation that the sandbox-side inference route is actually reachable. The `skipHostInferenceSmoke: true` flag (provider-inference-authoritative-recovery.test.ts:50) suppresses the host-side smoke test entirely for authoritative recovery.
  • Recommended action: Add a test verifying that `reuseGatewayCredentialWithoutLocalKey` is only set when the authoritative preflight has validated the gateway binding and inference route. Consider whether the sandbox-side smoke test (which still runs per the test) is sufficient mitigation.
  • Expected follow-up: Resolve in this PR or explain why the risk is acceptable.
  • Verification: Read provider-inference.ts:320-345 for the credential reuse logic. Check provider-inference-authoritative-recovery.test.ts:50-52 for the skipHostInferenceSmoke and reuseGatewayCredentialWithoutLocalKey assertions.
  • Missing regression test: Add a test that verifies credential reuse is denied when authoritative preflight validation fails or is bypassed.
  • Done when: The risk is fixed or explicitly justified in the PR. Verification: Read provider-inference.ts:320-345 for the credential reuse logic. Check provider-inference-authoritative-recovery.test.ts:50-52 for the skipHostInferenceSmoke and reuseGatewayCredentialWithoutLocalKey assertions.
  • Evidence: provider-inference.ts:330-335 shows forceProviderSelection and reuseGatewayCredentialWithoutLocalKey set when no hydrated credential provider-inference-authoritative-recovery.test.ts:50-52 asserts skipHostInferenceSmoke: true and reuseGatewayCredentialWithoutLocalKey: true Security Category 1 (Secrets) verdict: WARNING - credential trust boundary widened

PRA-5 Resolve/justify — Missing security regression tests for TOCTOU, partial failure, and invalid session data

  • Location: src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts:1
  • Category: security
  • Problem: Security testing gaps: (1) No TOCTOU test for concurrent registry mutation between `shouldRecover()` and `setupInference()` where a foreign reservation could be injected. (2) No test for authoritative rebuild partial failure mid-recreate (deletion succeeds, creation fails) leaving ghost resources. (3) No negative test for `authoritativeResumeConfig=true` with invalid session data (malformed endpointUrl, missing credentialEnv). These are security edge cases that could allow unauthorized recovery or credential leakage.
  • Impact: Without these regression tests, security-critical edge cases are not verified. A TOCTOU race could allow unauthorized recovery. Partial failure could leave stale credentials or port forwards. Invalid session data could propagate bad config.
  • Recommended action: Add the three missing regression tests as identified in the correctness stage: TOCTOU registry mutation test, partial failure mid-recreate test, and invalid session data negative test.
  • Expected follow-up: Resolve in this PR or explain why the risk is acceptable.
  • Verification: Search provider-inference-recovery-gating.test.ts and provider-inference-authoritative-recovery.test.ts for 'TOCTOU', 'partial failure', 'invalid', 'malformed' — no such tests exist.
  • Missing regression test: Add three vitest tests: (1) TOCTOU registry mutation, (2) partial failure mid-recreate, (3) invalid session data under authoritativeResumeConfig.
  • Done when: The risk is fixed or explicitly justified in the PR. Verification: Search provider-inference-recovery-gating.test.ts and provider-inference-authoritative-recovery.test.ts for 'TOCTOU', 'partial failure', 'invalid', 'malformed' — no such tests exist.
  • Evidence: provider-inference.ts:350-360 shows isRecordedProviderRecoveryAuthorized callback for re-check riskPlan invariants require 'partial failure and retry converge without ghost resources' Previous advisor reviews PRA-5, PRA-6, PRA-8 specifically requested these tests Security Category 8 (Security Testing) verdict: WARNING - missing regression coverage

PRA-6 Resolve/justify — Missing regression tests for upgrade-rebuild invariants under authoritative rebuild

  • Location: src/lib/onboard/authoritative-rebuild-target.test.ts:10
  • Category: tests
  • Problem: The riskPlan upgrade-rebuild family identifies three invariants for authoritative rebuild that lack regression test coverage: (1) host and in-sandbox runtime versions agree after mutation, (2) credentials, policy, messaging, and workspace state survive intended preservation paths, (3) failed mutations remain retryable without destructive cleanup. The new authoritative-rebuild-target.ts and provider-inference.ts changes affect the rebuild recreate path but no tests verify these invariants for the authoritative recovery flow.
  • Impact: Without these tests, a regression in the authoritative rebuild path could cause version mismatch between host and sandbox, credential/policy loss during recreate, or destructive cleanup that prevents retry.
  • Recommended action: Add three regression tests in authoritative-rebuild-target.test.ts or a new authoritative-rebuild-upgrade.test.ts: (1) verify runtime version agreement after authoritative rebuild, (2) verify credential/policy/messaging state preservation across recreate, (3) verify failed authoritative rebuild allows clean retry without destructive cleanup.
  • Expected follow-up: Resolve in this PR or explain why the risk is acceptable.
  • Verification: Search authoritative-rebuild-target.test.ts and provider-inference-authoritative-recovery.test.ts for 'runtime version', 'credential preservation', 'policy preservation', 'messaging preservation', 'retry', 'destructive cleanup' — no such tests exist for authoritative rebuild.
  • Missing regression test: Add three vitest tests covering the upgrade-rebuild invariants for authoritative rebuild: runtime version agreement, state preservation, and retryable failure.
  • Done when: The risk is fixed or explicitly justified in the PR. Verification: Search authoritative-rebuild-target.test.ts and provider-inference-authoritative-recovery.test.ts for 'runtime version', 'credential preservation', 'policy preservation', 'messaging preservation', 'retry', 'destructive cleanup' — no such tests exist for authoritative rebuild.
  • Evidence: riskPlan upgrade-rebuild invariants list three specific requirements authoritative-rebuild-target.ts handles the preflight and gateway binding for authoritative rebuild provider-inference.ts handles the provider recovery during authoritative rebuild No existing tests verify these invariants for the authoritative path

PRA-7 Resolve/justify — Missing regression tests for inference-policy invariants under authoritative recovery

  • Location: src/lib/onboard/machine/handlers/provider-inference-authoritative-recovery.test.ts:10
  • Category: tests
  • Problem: The riskPlan inference-policy family identifies three invariants that lack regression test coverage for authoritative recovery: (1) the selected provider is reachable through the route advertised to the agent, (2) health reflects a real request rather than configuration presence, (3) network policy permits the intended route and denies unintended egress. The authoritative recovery path uses skipHostInferenceSmoke=true and reuseGatewayCredentialWithoutLocalKey=true, which bypasses normal reachability validation.
  • Impact: Without these tests, the authoritative recovery could advertise a provider route that is not actually reachable, report health based on configuration rather than real requests, or violate network policy boundaries at the host-to-sandbox boundary.
  • Recommended action: Add regression tests in provider-inference-authoritative-recovery.test.ts: (1) verify the recovered provider route is actually reachable from the sandbox (not just configured), (2) verify health check uses a real request not just configuration presence, (3) verify network policy enforcement for the authoritative recovery path. Note: invariant (3) requires E2E network-policy job.
  • Expected follow-up: Resolve in this PR or explain why the risk is acceptable.
  • Verification: Search provider-inference-authoritative-recovery.test.ts for 'reachable', 'real request', 'health', 'network policy', 'egress' — no such tests exist for authoritative recovery.
  • Missing regression test: Add two unit/mocked tests for invariants (1) and (2), and note invariant (3) requires E2E network-policy job.
  • Done when: The risk is fixed or explicitly justified in the PR. Verification: Search provider-inference-authoritative-recovery.test.ts for 'reachable', 'real request', 'health', 'network policy', 'egress' — no such tests exist for authoritative recovery.
  • Evidence: riskPlan inference-policy invariants list three specific requirements provider-inference.ts:330-335 shows skipHostInferenceSmoke and reuseGatewayCredentialWithoutLocalKey bypass normal validation provider-inference-authoritative-recovery.test.ts:50-52 asserts these flags but doesn't test reachability/health/network-policy Invariant (3) explicitly requires E2E network-policy job per riskPlan

Workflow run details

This is an automated, non-binding review; it still expects maintainers and agents to respond to each required or warning item. Treat suggestions as current-PR improvements when they touch changed code; defer only with maintainer rationale or a linked follow-up. A human maintainer must make the final merge decision.

@github-actions

github-actions Bot commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

PR Review Advisor — Changes requested

Merge posture: Do not merge yet
Primary next action: Resolve or justify PRA-1: Split the expanded recovery-gating test monolith.
Open items: 0 required · 1 warning · 0 suggestions · 5 test follow-ups
Since last review: 0 prior items resolved · 1 still applies · 0 new items found

Action checklist

  • PRA-1 Resolve or justify: Split the expanded recovery-gating test monolith in src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts:1
  • PRA-T1 Add or justify test follow-up: Runtime validation
  • PRA-T2 Add or justify test follow-up: Runtime validation
  • PRA-T3 Add or justify test follow-up: Runtime validation
  • PRA-T4 Add or justify test follow-up: Runtime validation
  • PRA-T5 Add or justify test follow-up: Runtime validation

Findings index

ID Severity Category Location Required action
PRA-1 Resolve/justify architecture src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts:1 Move the new authoritative incomplete-session/rebuild recovery cases into a focused companion spec or extract a small local scenario helper so this file does not continue growing as the recovery authority matrix expands.
Review findings by urgency: 0 required fixes, 1 item to resolve/justify, 0 in-scope improvements

⚠️ Resolve or justify before merge

Investigate these in the current review; either fix them, explain why they are not applicable, or document the accepted risk.

PRA-1 Resolve/justify — Split the expanded recovery-gating test monolith

  • Location: src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts:1
  • Category: architecture
  • Problem: The PR adds about 95 lines to an already large recovery-gating test file, bringing it from 314 to 409 lines. The new authoritative incomplete-session cases are useful, but concentrating them in the existing hotspot makes the recovery authority matrix harder to audit and increases the chance that future lifecycle-state regressions hide in a broad fixture-heavy spec.
  • Impact: Provider recovery is a security- and lifecycle-sensitive boundary; an overgrown test module makes it harder for reviewers and maintainers to verify which cases cover ordinary resume, pending route reservations, and the new authoritative rebuild exception.
  • Recommended action: Move the new authoritative incomplete-session/rebuild recovery cases into a focused companion spec or extract a small local scenario helper so this file does not continue growing as the recovery authority matrix expands.
  • Expected follow-up: Resolve in this PR or explain why the risk is acceptable.
  • Verification: Read src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts and confirm the authoritative rebuild cases added by this PR are separated from the existing general recovery-gating matrix or offset by extraction.
  • Missing regression test: Existing checked-in tests cover the new behavior; this finding is about test architecture, so no additional behavioral regression case is required beyond preserving the moved assertions.
  • Done when: The risk is fixed or explicitly justified in the PR. Verification: Read src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts and confirm the authoritative rebuild cases added by this PR are separated from the existing general recovery-gating matrix or offset by extraction.
  • Evidence: Scope context reports monolithDeltas for src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts: baseLines 314, headLines 409, delta 95. The diff adds tests named allows a preflighted authoritative rebuild to recover from its incomplete session, rejects an authoritative incomplete session for a different sandbox, rejects an authoritative incomplete session with a foreign reservation, and changes the recheck case in the same file.

💡 In-scope improvements

These are lower-risk, not throwaway. Prefer fixing them in this PR when they are local to changed code; defer only with rationale or a linked follow-up.

  • None.
Test follow-ups to resolve or justify

If these cover changed behavior, prefer adding them in this PR; otherwise state why existing coverage is enough or link the follow-up.

  • PRA-T1 Runtime validation — Run the `cloud-onboard` E2E job for Installer and platform changes must work on a clean supported host with the pinned runtime dependencies. Matched files: `src/lib/onboard/machine/handlers/provider-inference-recovery.ts`, `src/lib/onboard/machine/handlers/provider-inference.ts`.. Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Checked-in unit and subprocess tests cover the changed positive, negative, error, retry/recheck, and gateway-scope branches. However, the deterministic risk plan is tier 3 and includes lifecycle-state, upgrade-rebuild, inference-policy, and platform-install invariants that cross mocked host-to-sandbox boundaries.
  • PRA-T2 Runtime validation — Run or justify not running the `cloud-onboard` E2E job to validate that a clean supported host installs pinned runtime dependencies and reaches a usable agent through the changed provider-inference recovery path.. Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Checked-in unit and subprocess tests cover the changed positive, negative, error, retry/recheck, and gateway-scope branches. However, the deterministic risk plan is tier 3 and includes lifecycle-state, upgrade-rebuild, inference-policy, and platform-install invariants that cross mocked host-to-sandbox boundaries.
  • PRA-T3 Runtime validation — Run the `inference-routing` E2E job for Inference selection, reachability, and network policy must agree at the real host-to-sandbox boundary. Matched files: `src/lib/onboard/machine/handlers/provider-inference-recovery.ts`, `src/lib/onboard/machine/handlers/provider-inference.ts`.. Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Checked-in unit and subprocess tests cover the changed positive, negative, error, retry/recheck, and gateway-scope branches. However, the deterministic risk plan is tier 3 and includes lifecycle-state, upgrade-rebuild, inference-policy, and platform-install invariants that cross mocked host-to-sandbox boundaries.
  • PRA-T4 Runtime validation — Run or justify not running the `inference-routing` E2E job to validate that the recovered selected provider is reachable through the route advertised to the agent.. Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Checked-in unit and subprocess tests cover the changed positive, negative, error, retry/recheck, and gateway-scope branches. However, the deterministic risk plan is tier 3 and includes lifecycle-state, upgrade-rebuild, inference-policy, and platform-install invariants that cross mocked host-to-sandbox boundaries.
  • PRA-T5 Runtime validation — Run the `network-policy` E2E job for Inference selection, reachability, and network policy must agree at the real host-to-sandbox boundary. Matched files: `src/lib/onboard/machine/handlers/provider-inference-recovery.ts`, `src/lib/onboard/machine/handlers/provider-inference.ts`.. Deterministic regression risks require live validation: lifecycle-state, upgrade-rebuild, inference-policy, platform-install. Checked-in unit and subprocess tests cover the changed positive, negative, error, retry/recheck, and gateway-scope branches. However, the deterministic risk plan is tier 3 and includes lifecycle-state, upgrade-rebuild, inference-policy, and platform-install invariants that cross mocked host-to-sandbox boundaries.
Since last review details

Current findings, using the urgency labels above:

PRA-1 Resolve/justify — Split the expanded recovery-gating test monolith

  • Location: src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts:1
  • Category: architecture
  • Problem: The PR adds about 95 lines to an already large recovery-gating test file, bringing it from 314 to 409 lines. The new authoritative incomplete-session cases are useful, but concentrating them in the existing hotspot makes the recovery authority matrix harder to audit and increases the chance that future lifecycle-state regressions hide in a broad fixture-heavy spec.
  • Impact: Provider recovery is a security- and lifecycle-sensitive boundary; an overgrown test module makes it harder for reviewers and maintainers to verify which cases cover ordinary resume, pending route reservations, and the new authoritative rebuild exception.
  • Recommended action: Move the new authoritative incomplete-session/rebuild recovery cases into a focused companion spec or extract a small local scenario helper so this file does not continue growing as the recovery authority matrix expands.
  • Expected follow-up: Resolve in this PR or explain why the risk is acceptable.
  • Verification: Read src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts and confirm the authoritative rebuild cases added by this PR are separated from the existing general recovery-gating matrix or offset by extraction.
  • Missing regression test: Existing checked-in tests cover the new behavior; this finding is about test architecture, so no additional behavioral regression case is required beyond preserving the moved assertions.
  • Done when: The risk is fixed or explicitly justified in the PR. Verification: Read src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts and confirm the authoritative rebuild cases added by this PR are separated from the existing general recovery-gating matrix or offset by extraction.
  • Evidence: Scope context reports monolithDeltas for src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts: baseLines 314, headLines 409, delta 95. The diff adds tests named allows a preflighted authoritative rebuild to recover from its incomplete session, rejects an authoritative incomplete session for a different sandbox, rejects an authoritative incomplete session with a foreign reservation, and changes the recheck case in the same file.

Workflow run details

This is an automated, non-binding review; it still expects maintainers and agents to respond to each required or warning item. Treat suggestions as current-PR improvements when they touch changed code; defer only with maintainer rationale or a linked follow-up. A human maintainer must make the final merge decision.

Signed-off-by: Prekshi Vyas <prekshiv@nvidia.com>
@github-actions

Copy link
Copy Markdown
Contributor

E2E Target Results — ✅ All requested jobs passed

Run: 29133396068
Workflow ref: fix/channels-rebuild-provider-recovery
Requested targets: (default — all supported)
Requested jobs: channels-add-remove
Summary: 1 passed, 0 failed, 0 cancelled, 0 skipped

Job Result
channels-add-remove ✅ success

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts (1)

62-91: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Consider also asserting the observable return value, not only the setupNim mock call.

The test only verifies calls.setupNim was invoked with the recovery flag set to true; it does not assert anything about handleProviderInferenceState's return value (e.g., recovered provider/model/sandboxName). Per path instructions for test files, prefer observable outcomes through the public boundary over mock-call assertions where feasible — a follow-up expect(result).toMatchObject(...) would make the test more resilient to internal refactors of the setupNim call signature while still proving the gate fired.

As per path instructions, "Prefer observable outcomes through the public boundary over source-text, private-shape, or mock-call assertions."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts`
around lines 62 - 91, Update the test for handleProviderInferenceState to
capture its return value and assert the observable recovered provider, model,
and sandboxName with expect(result).toMatchObject(...). Retain the setupNim
assertion only if needed to verify the recovery gate, but prioritize the public
return value over the mock-call signature.

Source: Path instructions

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts`:
- Around line 62-91: Update the test for handleProviderInferenceState to capture
its return value and assert the observable recovered provider, model, and
sandboxName with expect(result).toMatchObject(...). Retain the setupNim
assertion only if needed to verify the recovery gate, but prioritize the public
return value over the mock-call signature.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 27235fa2-0c05-4745-855c-a11e4cdf89f9

📥 Commits

Reviewing files that changed from the base of the PR and between 78d5bc3 and 570a237.

📒 Files selected for processing (4)
  • src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts
  • src/lib/onboard/machine/handlers/provider-inference-recovery.ts
  • src/lib/onboard/machine/handlers/provider-inference.test.ts
  • src/lib/onboard/machine/handlers/provider-inference.ts

@github-actions

Copy link
Copy Markdown
Contributor

E2E Target Results — ✅ All requested jobs passed

Run: 29133737100
Workflow ref: fix/channels-rebuild-provider-recovery
Requested targets: (default — all supported)
Requested jobs: cloud-onboard,inference-routing,network-policy,onboard-repair,onboard-resume,channels-add-remove
Summary: 6 passed, 0 failed, 0 cancelled, 0 skipped

Job Result
channels-add-remove ✅ success
cloud-onboard ✅ success
inference-routing ✅ success
network-policy ✅ success
onboard-repair ✅ success
onboard-resume ✅ success

Signed-off-by: Prekshi Vyas <prekshiv@nvidia.com>
@prekshivyas prekshivyas added the v0.0.80 Release target label Jul 11, 2026
@cv
cv enabled auto-merge (squash) July 11, 2026 01:16
@github-actions

Copy link
Copy Markdown
Contributor

E2E Target Results — ✅ All requested jobs passed

Run: 29134144534
Workflow ref: fix/channels-rebuild-provider-recovery
Requested targets: (default — all supported)
Requested jobs: cloud-onboard,inference-routing,network-policy,onboard-repair,onboard-resume,channels-add-remove
Summary: 6 passed, 0 failed, 0 cancelled, 0 skipped

Job Result
channels-add-remove ✅ success
cloud-onboard ✅ success
inference-routing ✅ success
network-policy ✅ success
onboard-repair ✅ success
onboard-resume ✅ success

Signed-off-by: Prekshi Vyas <prekshiv@nvidia.com>

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
src/lib/onboard/authoritative-rebuild-target.ts (1)

115-131: 🎯 Functional Correctness | 🔵 Trivial | 💤 Low value

Gateway binding is resolved before the higher-level preconditions are checked.

resolveAuthoritativeOnboardGatewayBinding(opts) runs as soon as authoritativeResumeConfig is true, ahead of the resume/recreateSandbox/onboardLockAlreadyHeld checks in the same if. If a caller ever passes a partially-populated gateway (name without port, or vice versa) alongside onboardLockAlreadyHeld: false, the surfaced error becomes the gateway-mismatch message instead of the unified "requires a preflighted locked rebuild resume" message that this whole block is meant to guarantee. Current tests only exercise fully-populated or fully-absent gateway data, so this inconsistency isn't caught.

Consider checking the higher-level preconditions first, then resolving the gateway only once those pass, so the error surface stays uniform for any authoritative gate failure.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/lib/onboard/authoritative-rebuild-target.ts` around lines 115 - 131,
Check the authoritative resume preconditions before calling
resolveAuthoritativeOnboardGatewayBinding in the authoritativeResumeConfig
block. Keep the resume, recreateSandbox, lock, gateway, and target validations
grouped so any failed higher-level gate throws the unified preflighted locked
rebuild resume error; resolve the gateway only after those prerequisite checks
pass, while preserving the existing gateway validation behavior.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@src/lib/onboard/authoritative-rebuild-target.ts`:
- Around line 115-131: Check the authoritative resume preconditions before
calling resolveAuthoritativeOnboardGatewayBinding in the
authoritativeResumeConfig block. Keep the resume, recreateSandbox, lock,
gateway, and target validations grouped so any failed higher-level gate throws
the unified preflighted locked rebuild resume error; resolve the gateway only
after those prerequisite checks pass, while preserving the existing gateway
validation behavior.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 2c404df4-8e54-411c-a7d3-bcb479605396

📥 Commits

Reviewing files that changed from the base of the PR and between 7423e00 and 03010f7.

📒 Files selected for processing (4)
  • src/lib/onboard/authoritative-rebuild-target.test.ts
  • src/lib/onboard/authoritative-rebuild-target.ts
  • src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts
  • src/lib/onboard/machine/handlers/provider-inference-recovery.ts
🚧 Files skipped from review as they are similar to previous changes (1)
  • src/lib/onboard/machine/handlers/provider-inference-recovery.ts

@cv
cv merged commit c129154 into main Jul 11, 2026
48 checks passed
@cv
cv deleted the fix/channels-rebuild-provider-recovery branch July 11, 2026 01:31
Hadar301 pushed a commit to Hadar301/NemoClaw-OpenShift that referenced this pull request Jul 12, 2026
<!-- markdownlint-disable MD041 -->
## Summary
Preserve the preflighted compatible-endpoint recovery authority while an
authoritative rebuild revalidates messaging inference after deleting the
old sandbox. This prevents the recreate flow from falling back to NVIDIA
Endpoints and demanding an unrelated host key.

## Related Issue
Regression follow-up to NVIDIA#6634.

## Changes
- Thread authoritative rebuild context into recorded-provider recovery.
- Keep ordinary incomplete sessions, fresh sandboxes, mismatched
identities, and foreign reservations fail-closed.
- Cover both the recovery gate and the two-pass messaging revalidation
flow.

## Type of Change

- [x] Code change (feature, bug fix, or refactor)
- [ ] Code change with doc updates
- [ ] Doc only (prose changes, no code sample modifications)
- [ ] Doc only (includes code sample changes)

## Quality Gates
- [x] Tests added or updated for changed behavior
- [ ] Existing tests cover changed behavior — justification:
- [ ] Tests not applicable — justification:
- [ ] Docs updated for user-facing behavior changes
- [x] Docs not applicable — justification: internal rebuild recovery
correction; commands and documented behavior are unchanged
- [x] Sensitive paths changed (security, policy, credentials, preflight,
onboarding, inference, runner, sandbox, or messaging)
- [ ] Sensitive-path review completed or maintainer-approved waiver
recorded — reviewer/approval link/justification: pending maintainer
review; the change retains NVIDIA#6634's fresh, mismatched, and unauthorized
recovery denials
- [ ] Non-success, skipped, or missing CI check accepted by maintainer —
check name, approval link, and follow-up issue:

## Verification
- [x] PR description includes the DCO sign-off declaration and every
commit appears as `Verified` in GitHub
- [x] Normal `pre-commit`, `commit-msg`, and `pre-push` hooks passed, or
`npm run check:diff` passed when hooks were skipped or unavailable
- [x] Targeted behavior tests pass for the current change set, or tests
are marked not applicable above — `npx vitest run --project cli
src/lib/onboard/machine/handlers/provider-inference-recovery-gating.test.ts
src/lib/onboard/machine/handlers/provider-inference.test.ts` (44
passed); adjacent recovery/rebuild selection (126 passed)
- [ ] Applicable broad gate passed — full CLI project: 8,101 passed; six
unrelated local prerequisite/time-budget failures, with timeout cases
passing under a realistic budget; CI remains authoritative
- [ ] Quality Gates section completed with required justifications or
waivers
- [x] No secrets, API keys, or credentials committed
- [ ] `npm run docs` builds without warnings (doc changes only)
- [ ] Doc pages follow the [style
guide](https://github.com/NVIDIA/NemoClaw/blob/main/docs/CONTRIBUTING.md)
(doc changes only)
- [ ] New doc pages include SPDX header and frontmatter (new pages only)

---
Signed-off-by: Prekshi Vyas <prekshiv@nvidia.com>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Bug Fixes**
* Improved provider inference recovery for authoritative resume flows,
including incomplete onboarding sessions.
* Recovery behavior now correctly accounts for sandbox/session context
and foreign reservation flags.
* Added stronger validation for preflighted locked rebuild resumes, with
clearer blocking when required authoritative conditions are missing.

* **Tests**
* Added new test coverage for authoritative incomplete-session recovery
across matching/mismatched sandboxes and reservation scenarios.
* Expanded assertions to verify inference setup inputs and recovery
gating behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Signed-off-by: Prekshi Vyas <prekshiv@nvidia.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

v0.0.80 Release target

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants