cli.sh

@@ -530,15 +530,20 @@ cmd_start() {
   INTERNAL_NETWORK=""
   EGRESS_NETWORK=""
   PIPELOCK_CONTAINER=""
-  INTERNAL_NETWORK="$(network_create_internal "$SLUG")"
-  EGRESS_NETWORK="$(network_create_egress "$SLUG")"
-  PIPELOCK_CONTAINER="$(pipelock_start "$SLUG" "$INTERNAL_NETWORK" "$EGRESS_NETWORK" "$STAGE_DIR" "$PIPELOCK_YAML_FILENAME")"
 
-  # Cleanup container on exit too. Compose with stage cleanup.
-  # Order matters: sidecar first, then networks — docker refuses to
-  # remove a network with attached containers.
+  # Define cleanup_all and INSTALL THE TRAP before any of the docker
+  # resources below are created. Without this, a failure in
+  # network_create_egress or pipelock_start (e.g. the image can't be
+  # pulled) would leave behind orphan networks that the previous
+  # cleanup_stage trap had no way to remove. cleanup_all is a no-op
+  # for resources whose tracking variable is empty, and the helpers
+  # it calls (pipelock_stop, network_remove) are idempotent against
+  # missing resources, so installing the trap eagerly here is safe.
+  #
+  # Order matters at teardown: sidecar first, then networks — docker
+  # refuses to remove a network with attached containers.
   cleanup_all() {
-    if container_exists "$CONTAINER"; then
+    if [ -n "${CONTAINER:-}" ] && container_exists "$CONTAINER"; then
       docker rm -f "$CONTAINER" >/dev/null 2>&1 || true
     fi
     if [ -n "${PIPELOCK_CONTAINER:-}" ]; then
@@ -555,6 +560,10 @@ cmd_start() {
   # Replaces the cleanup_stage EXIT trap above; cleanup_all calls cleanup_stage internally.
   trap cleanup_all EXIT INT TERM
 
+  INTERNAL_NETWORK="$(network_create_internal "$SLUG")"
+  EGRESS_NETWORK="$(network_create_egress "$SLUG")"
+  PIPELOCK_CONTAINER="$(pipelock_start "$SLUG" "$INTERNAL_NETWORK" "$EGRESS_NETWORK" "$STAGE_DIR" "$PIPELOCK_YAML_FILENAME")"
+
   # Assemble docker run argv:
   #   - --rm -d --name CONTAINER
   #   - --network INTERNAL_NETWORK so the agent's only egress route is