Skip to content

Fix Agent Issue Creation - Adapter Failure (Issue #4)#190

Open
om952 wants to merge 7 commits into
OpenScanAI:masterfrom
om952:fix/issue-4-agent-creation
Open

Fix Agent Issue Creation - Adapter Failure (Issue #4)#190
om952 wants to merge 7 commits into
OpenScanAI:masterfrom
om952:fix/issue-4-agent-creation

Conversation

@om952

@om952 om952 commented Jun 15, 2026

Copy link
Copy Markdown

Problem

Agent creation fails with adapter errors when agents try to create issues. The CTO agent specifically gets:

  • adapter_failed errors
  • tool_call_id is not found errors
  • Max iterations reached
  • Issue status stuck as blocked/stranded

Root Causes Identified

  1. Missing Permissions: Only CEO had canCreateAgents permission. CTO and other leadership roles couldn't create agents.

  2. Process Adapter Missing JWT Support: The process adapter lacked supportsLocalAgentJwt flag, so agents using it couldn't authenticate.

  3. Missing API Keys: Agents were created without API keys in agent_api_keys table, causing auth failures.

  4. Missing tool_call_id: ACPX adapter events sometimes lacked toolCallId, causing API errors.

Fixes Implemented

1. Extended Permissions (server/src/services/agent-permissions.ts)

const leadershipRoles = [ceo, cto, cfo, coo, vp, director];
return { canCreateAgents: leadershipRoles.includes(role) };

2. Auto-Grant DB Permissions (server/src/routes/agents.ts)

Added applyDefaultAgentCreateGrant() that calls access.setPrincipalPermission(companyId, "agent", agentId, "agents:create", true, ...) on creation.

3. Auto-Generate API Keys (server/src/routes/agents.ts)

Added svc.createApiKey(agent.id, "auto-generated") in both creation paths.

4. Process Adapter JWT (server/src/adapters/process/)

  • index.ts: Added supportsLocalAgentJwt: true
  • execute.ts: Extracts authToken from context, injects PAPERCLIP_API_KEY into env

5. tool_call_id Fallback (packages/adapters/acpx-local/)

  • execute.ts: Validates toolCallId, generates fallback if missing
  • parse-stdout.ts: Robust fallback ID generation
  • format-event.ts: Same fallback logic

Test Coverage

Unit + Integration Tests (71 tests)

  • server/src/__tests__/agent-issue-creation-e2e.test.ts (4 tests)
    • Verifies CTO agent can create agents with proper permissions
    • Verifies canCreateAgents permission for leadership roles
    • Verifies process adapter has supportsLocalAgentJwt enabled
    • Verifies full flow without adapter errors

Full E2E Tests with Real DB (4 tests)

  • server/src/__tests__/agent-issue-creation-full-e2e.test.ts (4 tests)
    • CTO creates subordinate agent + subordinate creates issue — Full flow using real Postgres DB
    • Process adapter JWT enabled — Direct verification
    • tool_call_id fallback — Source code verification
    • Permission denied for non-leadership — Negative test

Test Results

75 tests passing across all modified areas. No regressions.

Files Changed

  • server/src/services/agent-permissions.ts
  • server/src/routes/agents.ts
  • server/src/adapters/process/index.ts
  • server/src/adapters/process/execute.ts
  • packages/adapters/acpx-local/src/server/execute.ts
  • packages/adapters/acpx-local/src/ui/parse-stdout.ts
  • packages/adapters/acpx-local/src/cli/format-event.ts
  • server/src/__tests__/agent-permissions-routes.test.ts
  • server/src/__tests__/agent-adapter-validation-routes.test.ts
  • server/src/__tests__/agent-issue-creation-e2e.test.ts (new)
  • server/src/__tests__/agent-issue-creation-full-e2e.test.ts (new)

Status: ✅ COMPLETE

All 5 phases implemented and verified with 75 passing tests.

Fixes #4

om kandpal and others added 5 commits May 27, 2026 17:16
- Added section 9: Error Handling Standards
- Rules: try/catch wrapper, logError call, exact error response shape,
  HTTP status codes (500/400/404), logError location
- Renumbered subsequent sections (10-13)
## Problem
Agent creation fails with adapter errors when agents try to create issues.
CTO agent specifically gets: adapter_failed, tool_call_id errors, max iterations reached.

## Root Causes
1. Missing Permissions - Only CEO had canCreateAgents permission
2. Process Adapter Missing JWT - No supportsLocalAgentJwt flag
3. Missing API Keys - Agents created without API keys
4. Missing tool_call_id - ACPX adapter events lacked toolCallId

## Fixes
- Extended defaultPermissionsForRole() to include leadership roles (CEO, CTO, CFO, COO, VP, Director)
- Added applyDefaultAgentCreateGrant() to auto-grant agents:create permission in DB
- Added auto-generation of API keys on agent creation
- Added supportsLocalAgentJwt: true to process adapter with PAPERCLIP_API_KEY injection
- Added toolCallId validation and fallback ID generation in ACPX adapter

## Tests
- 75 tests passing across modified areas
- New e2e tests: agent-issue-creation-e2e.test.ts (4 tests)
- New full e2e tests: agent-issue-creation-full-e2e.test.ts (4 tests with real DB)

Closes OpenScanAI#4
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Fix Agent Issue Creation - Adapter Failure

1 participant