mostlydev
diff --git a/‎README.md‎
Lines changed: 2 additions & 0 deletions b/‎README.md‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎TESTING.md‎
Lines changed: 103 additions & 6 deletions b/‎TESTING.md‎
Lines changed: 103 additions & 6 deletions
diff --git a/‎cmd/claw/compose_up.go‎
Lines changed: 161 additions & 13 deletions b/‎cmd/claw/compose_up.go‎
Lines changed: 161 additions & 13 deletions
@@ -45,6 +45,8 @@ The Clawdapus Dash fleet dashboard runs on port **8082** — live service health
 
 Message `@quickstart-bot` in your Discord server. The bot responds through the proxy — it has no direct API access. The dashboard updates live.
 
+`claw up` resolves `${...}` placeholders inside `x-claw` metadata from your shell environment and the pod-local `.env` file before it generates runtime config. You do not need to duplicate handle IDs, guild IDs, or channel IDs into service `environment:` just to make driver config generation work.
+
 See [`examples/quickstart/`](./examples/quickstart/) for the full walkthrough, Telegram/Slack alternatives, and migration from existing OpenClaw.
 
 Or scaffold from scratch:
 
@@ -28,14 +28,111 @@ go test -tags e2e -v ./...
 
 ---
 
-## Spike Test (live Discord + Docker required)
+## Spike Tests (live Discord + Docker required)
 
-The spike test (`TestSpikeComposeUp`) is the primary end-to-end validation instrument
-for the trading-desk example. It builds images, runs `claw up`, verifies all
-generated artifacts, starts containers, and confirms live Discord activity.
+Spike tests are the live end-to-end validation layer. They require real credentials,
+Docker, and a real Discord server. They are not CI tests.
 
-**It is not a CI test.** It requires real credentials and a real Discord server.
-Run it when implementing or validating new driver behavior end-to-end.
+There are currently two spike paths:
+
+- `TestSpikeRollCall`: the broad driver-parity validation path. Boots all 6 driver
+  types plus `cllama` passthrough and `clawdash`, sends a Discord roll call, and
+  verifies runtime-specific responses.
+- `TestSpikeComposeUp`: the deeper trading-desk validation path. Focuses on artifact
+  generation, startup wiring, and Discord activity for the richer multi-service example.
+
+Run a spike test when implementing or validating driver/runtime behavior end to end.
+
+### Rollcall Driver Parity Spike
+
+The rollcall spike (`TestSpikeRollCall`) is the best single validation path for
+cross-driver support. It uses [`examples/rollcall/`](./examples/rollcall/) and
+exercises:
+
+- `openclaw`
+- `nullclaw`
+- `microclaw`
+- `nanoclaw`
+- `nanobot`
+- `picoclaw`
+- `cllama` passthrough
+- `clawdash`
+
+### What it validates
+
+- Base images build for all 6 driver families
+- Agent images build from their `Clawfile`s
+- `claw up` succeeds on the rollcall pod
+- All agent containers converge to healthy/running state
+- A Discord trigger message causes each runtime to post an AI-generated
+  self-identification response
+- `cllama` exposes cost data after traffic flows through the proxy
+
+### Prerequisites
+
+- Docker running
+- Go toolchain
+- A Discord server with:
+  - One bot application token with permission to read and post in the target channel
+  - A text channel for the roll call
+  - An incoming webhook URL for posting the non-bot trigger message
+- At least one LLM provider key:
+  - `OPENROUTER_API_KEY` or
+  - `ANTHROPIC_API_KEY`
+
+### Setup
+
+```bash
+cd examples/rollcall
+cp .env.example .env
+# Edit .env with real values
+```
+
+Required `.env` values:
+
+| Variable | What it is |
+|----------|------------|
+| `DISCORD_BOT_TOKEN` | Bot token used by all rollcall services |
+| `DISCORD_BOT_ID` | Discord application/user ID for that bot |
+| `DISCORD_GUILD_ID` | Discord server (guild) ID |
+| `ROLLCALL_CHANNEL_ID` | Channel ID used for the roll call |
+| `DISCORD_WEBHOOK_URL` | Incoming webhook URL used to post the trigger message |
+| `OPENROUTER_API_KEY` | Optional, used by OpenRouter-backed passthrough services |
+| `ANTHROPIC_API_KEY` | Optional, used by Anthropic-backed passthrough services |
+
+### Running
+
+```bash
+go test -tags spike -v -run TestSpikeRollCall ./cmd/claw/...
+```
+
+Expected duration: 3-10 minutes depending on Docker cache warmth, image build time,
+Discord gateway connection, and LLM latency.
+
+### Output
+
+The test logs:
+
+- Image builds and compose startup progress
+- Health convergence for each rollcall container
+- Matching Discord responses for each runtime name
+- Recent container logs on teardown or failure
+- `cllama` health/cost endpoint checks
+
+### Cleanup
+
+Containers are torn down automatically on success, failure, or Ctrl-C.
+
+If a run is killed hard, clean up manually:
+
+```bash
+docker compose -p rollcall down --volumes --remove-orphans
+```
+
+## Trading-Desk Spike
+
+The trading-desk spike (`TestSpikeComposeUp`) remains the deeper artifact and
+workflow validation instrument for the richer `examples/trading-desk/` example.
 
 ### What it validates
 
 
@@ -1,11 +1,13 @@
 package main
 
 import (
+	"bufio"
 	"encoding/json"
 	"fmt"
 	"os"
 	"os/exec"
 	"path/filepath"
+	"regexp"
 	"sort"
 	"strconv"
 	"strings"
@@ -23,6 +25,8 @@ import (
 
 var composeUpDetach bool
 
+var envVarPattern = regexp.MustCompile(`\$\{([A-Z_][A-Z0-9_]*)\}`)
+
 var (
 	extractServiceSkillFromImage = runtime.ExtractServiceSkill
 	writeRuntimeFile             = os.WriteFile
@@ -31,6 +35,8 @@ var (
 	generateClawDockerfile       = build.Generate
 	buildGeneratedImage          = build.BuildFromGenerated
 	dockerBuildTaggedImage       = dockerBuildTaggedImageDefault
+	findClawdapusRepoRoot        = findRepoRoot
+	runInfraDockerCommand        = runInfraDockerCommandDefault
 )
 
 var composeUpCmd = &cobra.Command{
@@ -69,9 +75,12 @@ func runComposeUp(podFile string) error {
 	if err != nil {
 		return fmt.Errorf("resolve pod directory: %w", err)
 	}
+	if err := resolveRuntimePlaceholders(podDir, p); err != nil {
+		return fmt.Errorf("resolve x-claw runtime placeholders: %w", err)
+	}
 	runtimeDir := filepath.Join(podDir, ".claw-runtime")
-	if err := os.MkdirAll(runtimeDir, 0700); err != nil {
-		return fmt.Errorf("create runtime dir: %w", err)
+	if err := resetRuntimeDir(runtimeDir); err != nil {
+		return fmt.Errorf("reset runtime dir: %w", err)
 	}
 
 	results := make(map[string]*driver.MaterializeResult)
@@ -525,6 +534,139 @@ func runComposeUp(podFile string) error {
 	return nil
 }
 
+func resetRuntimeDir(path string) error {
+	if err := os.RemoveAll(path); err != nil {
+		return err
+	}
+	return os.MkdirAll(path, 0o700)
+}
+
+func resolveRuntimePlaceholders(podDir string, p *pod.Pod) error {
+	env, err := loadRuntimeEnv(podDir)
+	if err != nil {
+		return err
+	}
+	expand := func(value string) string {
+		return envVarPattern.ReplaceAllStringFunc(value, func(match string) string {
+			key := match[2 : len(match)-1]
+			if v, ok := env[key]; ok {
+				return v
+			}
+			return match
+		})
+	}
+
+	for _, svc := range p.Services {
+		if svc == nil || svc.Claw == nil {
+			continue
+		}
+		svc.Claw.Agent = expand(svc.Claw.Agent)
+		svc.Claw.Persona = expand(svc.Claw.Persona)
+		for i, value := range svc.Claw.Cllama {
+			svc.Claw.Cllama[i] = expand(value)
+		}
+		for key, value := range svc.Claw.CllamaEnv {
+			svc.Claw.CllamaEnv[key] = expand(value)
+		}
+		for i, value := range svc.Claw.Skills {
+			svc.Claw.Skills[i] = expand(value)
+		}
+		for i := range svc.Claw.Invoke {
+			svc.Claw.Invoke[i].Schedule = expand(svc.Claw.Invoke[i].Schedule)
+			svc.Claw.Invoke[i].Message = expand(svc.Claw.Invoke[i].Message)
+			svc.Claw.Invoke[i].Name = expand(svc.Claw.Invoke[i].Name)
+			svc.Claw.Invoke[i].To = expand(svc.Claw.Invoke[i].To)
+		}
+		for _, handle := range svc.Claw.Handles {
+			if handle == nil {
+				continue
+			}
+			handle.ID = expand(handle.ID)
+			handle.Username = expand(handle.Username)
+			for gi := range handle.Guilds {
+				handle.Guilds[gi].ID = expand(handle.Guilds[gi].ID)
+				handle.Guilds[gi].Name = expand(handle.Guilds[gi].Name)
+				for ci := range handle.Guilds[gi].Channels {
+					handle.Guilds[gi].Channels[ci].ID = expand(handle.Guilds[gi].Channels[ci].ID)
+					handle.Guilds[gi].Channels[ci].Name = expand(handle.Guilds[gi].Channels[ci].Name)
+				}
+			}
+		}
+		for i := range svc.Claw.Surfaces {
+			svc.Claw.Surfaces[i].Target = expand(svc.Claw.Surfaces[i].Target)
+			svc.Claw.Surfaces[i].AccessMode = expand(svc.Claw.Surfaces[i].AccessMode)
+			if cc := svc.Claw.Surfaces[i].ChannelConfig; cc != nil {
+				cc.DM.Policy = expand(cc.DM.Policy)
+				for j, value := range cc.DM.AllowFrom {
+					cc.DM.AllowFrom[j] = expand(value)
+				}
+				expandedGuilds := make(map[string]driver.ChannelGuildConfig, len(cc.Guilds))
+				for guildID, guildCfg := range cc.Guilds {
+					guildCfg.Policy = expand(guildCfg.Policy)
+					users := make([]string, len(guildCfg.Users))
+					for j, value := range guildCfg.Users {
+						users[j] = expand(value)
+					}
+					guildCfg.Users = users
+					expandedGuilds[expand(guildID)] = guildCfg
+				}
+				cc.Guilds = expandedGuilds
+			}
+		}
+	}
+	return nil
+}
+
+func loadRuntimeEnv(podDir string) (map[string]string, error) {
+	env := make(map[string]string)
+	dotEnvPath := filepath.Join(podDir, ".env")
+	if fileEnv, err := readDotEnvFile(dotEnvPath); err == nil {
+		for key, value := range fileEnv {
+			env[key] = value
+		}
+	} else if !os.IsNotExist(err) {
+		return nil, err
+	}
+	for _, entry := range os.Environ() {
+		eq := strings.IndexByte(entry, '=')
+		if eq < 0 {
+			continue
+		}
+		env[entry[:eq]] = entry[eq+1:]
+	}
+	return env, nil
+}
+
+func readDotEnvFile(path string) (map[string]string, error) {
+	f, err := os.Open(path)
+	if err != nil {
+		return nil, err
+	}
+	defer f.Close()
+
+	out := make(map[string]string)
+	scanner := bufio.NewScanner(f)
+	for scanner.Scan() {
+		line := strings.TrimSpace(scanner.Text())
+		if line == "" || strings.HasPrefix(line, "#") {
+			continue
+		}
+		line = strings.TrimPrefix(line, "export ")
+		eq := strings.IndexByte(line, '=')
+		if eq < 0 {
+			continue
+		}
+		key := strings.TrimSpace(line[:eq])
+		value := strings.TrimSpace(line[eq+1:])
+		value = strings.Trim(value, `"'`)
+		out[key] = value
+	}
+	if err := scanner.Err(); err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
 func mergeResolvedSkills(imageSkills, podSkills []driver.ResolvedSkill) []driver.ResolvedSkill {
 	merged := make([]driver.ResolvedSkill, 0, len(imageSkills)+len(podSkills))
 	byName := make(map[string]int, len(imageSkills))
@@ -1304,23 +1446,25 @@ func ensureInfraImages(cllamaEnabled bool, proxies []pod.CllamaProxyConfig, dash
 }
 
 // ensureImage builds a Docker image if it doesn't exist locally.
-// It tries: local build from repo source, then git URL build, then errors.
+// It tries: local image, docker pull, local build from repo source, git URL build,
+// then errors with explicit manual-build guidance.
 func ensureImage(imageRef, name, dockerfilePath, contextDir string) error {
-	if build.ImageExistsLocally(imageRef) {
+	if imageExistsLocally(imageRef) {
 		return nil
 	}
 
 	fmt.Printf("[claw] building %s image (first time only)\n", name)
 
-	repoRoot, found := findRepoRoot()
+	if err := runInfraDockerCommand("pull", imageRef); err == nil {
+		return nil
+	}
+
+	repoRoot, found := findClawdapusRepoRoot()
 	if found {
 		df := filepath.Join(repoRoot, dockerfilePath)
 		ctx := filepath.Join(repoRoot, contextDir)
 		if _, err := os.Stat(df); err == nil {
-			cmd := exec.Command("docker", "build", "-t", imageRef, "-f", df, ctx)
-			cmd.Stdout = os.Stdout
-			cmd.Stderr = os.Stderr
-			if err := cmd.Run(); err != nil {
+			if err := runInfraDockerCommand("build", "-t", imageRef, "-f", df, ctx); err != nil {
 				return fmt.Errorf("build %s image from local source: %w", name, err)
 			}
 			return nil
@@ -1329,15 +1473,19 @@ func ensureImage(imageRef, name, dockerfilePath, contextDir string) error {
 
 	// Fallback: build from git URL.
 	gitURL := fmt.Sprintf("https://github.com/mostlydev/clawdapus.git#master:%s", contextDir)
-	cmd := exec.Command("docker", "build", "-t", imageRef, gitURL)
-	cmd.Stdout = os.Stdout
-	cmd.Stderr = os.Stderr
-	if err := cmd.Run(); err != nil {
+	if err := runInfraDockerCommand("build", "-t", imageRef, gitURL); err != nil {
 		return fmt.Errorf("could not build %s image; run 'docker build -t %s -f %s %s' from the repo root", name, imageRef, dockerfilePath, contextDir)
 	}
 	return nil
 }
 
+func runInfraDockerCommandDefault(args ...string) error {
+	cmd := exec.Command("docker", args...)
+	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
+	return cmd.Run()
+}
+
 // findRepoRoot walks up from cwd looking for go.mod with the clawdapus module.
 func findRepoRoot() (string, bool) {
 	dir, err := os.Getwd()