Skip to content

Fix Agent Issue Creation - Adapter Failure (Issue #4 Port) #1

Description

@om952

Problem

Agent creation fails with adapter errors when agents try to create issues. The CTO agent specifically gets:

  • adapter_failed errors
  • tool_call_id is not found errors
  • Max iterations reached
  • Issue status stuck as blocked/stranded

Root Causes Identified

  1. Missing Permissions: Only CEO had canCreateAgents permission. CTO and other leadership roles couldn't create agents.

  2. Process Adapter Missing JWT Support: The process adapter lacked supportsLocalAgentJwt flag, so agents using it couldn't authenticate.

  3. Missing API Keys: Agents were created without API keys in agent_api_keys table, causing auth failures.

  4. Missing tool_call_id: ACPX adapter events sometimes lacked toolCallId, causing API errors.

Fixes Implemented

1. Extended Permissions (server/src/services/agent-permissions.ts)

const leadershipRoles = [ceo, cto, cfo, coo, vp, director];
return { canCreateAgents: leadershipRoles.includes(role) };

2. Auto-Grant DB Permissions (server/src/routes/agents.ts)

Added applyDefaultAgentCreateGrant() that calls access.setPrincipalPermission(companyId, "agent", agentId, "agents:create", true, ...) on creation.

3. Auto-Generate API Keys (server/src/routes/agents.ts)

Added svc.createApiKey(agent.id, "auto-generated") in both creation paths.

4. Process Adapter JWT (server/src/adapters/process/)

  • index.ts: Added supportsLocalAgentJwt: true
  • execute.ts: Extracts authToken from context, injects PAPERCLIP_API_KEY into env

5. tool_call_id Fallback (packages/adapters/acpx-local/)

  • execute.ts: Validates toolCallId, generates fallback if missing
  • parse-stdout.ts: Robust fallback ID generation
  • format-event.ts: Same fallback logic

Test Coverage

Unit + Integration Tests (71 tests)

  • server/src/__tests__/agent-issue-creation-e2e.test.ts (4 tests)
    • Verifies CTO agent can create agents with proper permissions
    • Verifies canCreateAgents permission for leadership roles
    • Verifies process adapter has supportsLocalAgentJwt enabled
    • Verifies full flow without adapter errors

Full E2E Tests with Real DB (4 tests)

  • server/src/__tests__/agent-issue-creation-full-e2e.test.ts (4 tests)
    • CTO creates subordinate agent + subordinate creates issue — Full flow using real Postgres DB
    • Process adapter JWT enabled — Direct verification
    • tool_call_id fallback — Source code verification
    • Permission denied for non-leadership — Negative test

Test Results

75 tests passing across all modified areas. No regressions.

Files Changed

  • server/src/services/agent-permissions.ts
  • server/src/routes/agents.ts
  • server/src/adapters/process/index.ts
  • server/src/adapters/process/execute.ts
  • packages/adapters/acpx-local/src/server/execute.ts
  • packages/adapters/acpx-local/src/ui/parse-stdout.ts
  • packages/adapters/acpx-local/src/cli/format-event.ts
  • server/src/__tests__/agent-permissions-routes.test.ts
  • server/src/__tests__/agent-adapter-validation-routes.test.ts
  • server/src/__tests__/agent-issue-creation-e2e.test.ts (new)
  • server/src/__tests__/agent-issue-creation-full-e2e.test.ts (new)

Status: ✅ COMPLETE

All 5 phases implemented and verified with 75 passing tests.}

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions