qzl/social-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
19e273a9e681d99b60d8f911c471a3b27855c5eb
social-app/.trellis/tasks/04-20-refactor-tool-cli-skill-ui-schema/session-debug-tool-credential.md
T

97 lines
3.2 KiB
Markdown
Raw Normal View History

refactor: clean CLI taxonomy — canonical subcommands, merged memory.update, no aliases
2026-04-23 12:12:41 +08:00
# Debug Session: Tool Credential Injection Issue
## Date
2026-04-22
## Context
After completing the skills+CLI refactor, running live integration tests revealed tool credential injection issues.
## Commits Made
1. `4d55df4` - refactor: unify skills+cli runtime and streamline ag-ui flow
2. `ef931ee` - chore: clean up legacy tool/UI code paths and remove unused events
3. `91077a9` - fix: pass tool_call_id to parse_tool_agent_output for proper payload resolution
## Test Execution
```bash
CLI_SKILLS_LIVE_TEST=1 TEST_USER_ID="f6f4bc6b-f525-434e-81b6-38eeef9b89a8" \
AGENT_LIVE_BASE_URL="http://localhost:5775" \
uv run pytest backend/tests/integration/test_cli_skills_live.py::test_calendar_read_skill_queries_db -v -s
```
## Error Found
From `logs/errors/worker-agent.error.log`:
```
"error": "tool credential not found in runtime context",
"tool_name": "project_cli"
```
Full stack trace shows:
1. `invoke_cli_tool` calls `_resolve_owner_id()`
2. `_resolve_owner_id()` calls `get_tool_credential()`
3. `get_tool_credential()` returns `None`
4. Raises `TokenValidationError("tool credential not found in runtime context")`
## Root Cause Analysis
The tool credential is set via context variable `tool_credential` but is not being injected into the runtime context before tool execution.
### Key Files
- `backend/src/core/auth/tool_credential_context.py` - ContextVar for tool credential
- `backend/src/core/agentscope/tools/cli/adapter.py` - Calls `get_tool_credential()`
- `backend/src/core/agentscope/runtime/runner.py` - Should inject credential before tool execution
### Expected Flow
1. Runner receives run request with `owner_id`
2. Runner creates tool credential using `ToolCredentialIssuer`
3. Runner sets credential via `set_tool_credential(credential)`
4. Tool execution reads via `get_tool_credential()`
5. After execution, credential is cleared
### Missing Implementation
The credential injection logic needs to be added to `runner.py` around the worker stage execution.
## Secondary Error
When tool credential fails, the error response causes a DB insert error:
```
invalid input for query argument $5: {'status': 'failure', ...} (expected str, got dict)
```
This is because `content` field receives a dict instead of str. Fixed in `store.py` by ensuring proper serialization, but the root cause is the missing credential.
## Next Steps
1. Find where tool credential should be set in runtime
2. Add credential issuance in runner before tool execution
3. Ensure credential is passed through task queue or generated in worker
4. Restart backend service with new code
5. Re-run integration tests
## Database State
- `system_agents.config.enabled_skills`: Correctly uses `["calendar", "contacts"]`
- `automation_jobs.config`: No longer has `enabled_tools`
- User ID for testing: `f6f4bc6b-f525-434e-81b6-38eeef9b89a8`
## Files Modified
- `backend/src/core/agentscope/runtime/stage_emitter.py` - Fixed `tool_call_id` passing
- `backend/tests/integration/test_cli_skills_live.py` - Added live integration tests
## Remaining Work
- [ ] Fix tool credential injection in runtime
- [ ] Verify calendar read/write works end-to-end
- [ ] Verify contacts lookup works end-to-end
- [ ] Verify memory write via automation works
- [ ] Run full test suite after fixes
Reference in New Issue Copy Permalink