feat(ci): stabilize virgin Arch tests with Makefile install/setup and Nix Git safety

* Switch virgin root/user workflows to use *make install* + *make setup/setup-venv* * Add Git *safe.directory /src* to avoid flake evaluation failures on mounted repos * Enable Nix flake run in workflows and prepare */nix* for non-root execution * Refactor Arch packaging to build in an isolated */tmp* directory via *aur_builder* * Rename installer scripts (*run-** → *dependencies.sh* / *package.sh*) and adjust Docker entry + env var to *REINSTALL_PKGMGR* https://chatgpt.com/share/693c29d9-9b28-800f-a549-5661c783d968
2025-12-12 15:42:25 +01:00
parent 804245325d
commit 08ab9fb142
17 changed files with 233 additions and 269 deletions
--- a/.github/workflows/test-virgin-root.yml
+++ b/.github/workflows/test-virgin-root.yml
@@ -19,8 +19,6 @@ jobs:
        run: |
          set -euo pipefail

-          echo ">>> Starting virgin ArchLinux container test (root, with shared caches)..."
-
          docker run --rm \
            -v "$PWD":/src \
            -v pkgmgr_repos:/root/Repositories \
@@ -30,29 +28,22 @@ jobs:
            bash -lc '
              set -euo pipefail

-              echo ">>> Updating and upgrading Arch system..."
-              pacman -Syu --noconfirm git python python-pip nix >/dev/null
+              pacman -Syu --noconfirm git python python-pip nix make

-              echo ">>> Creating isolated virtual environment for pkgmgr..."
-              python -m venv /tmp/pkgmgr-venv
+              # Fix: allow git operations on mounted repo path
+              git config --global --add safe.directory /src

-              echo ">>> Activating virtual environment..."
-              source /tmp/pkgmgr-venv/bin/activate
+              make install
+              make setup

-              echo ">>> Upgrading pip (cached)..."
-              python -m pip install --upgrade pip >/dev/null
+              . "$HOME/.venvs/pkgmgr/bin/activate"

-              echo ">>> Installing pkgmgr from current source tree (cached pip)..."
-              python -m pip install /src >/dev/null
-
-              echo ">>> Enabling Nix experimental features..."
              export NIX_CONFIG="experimental-features = nix-command flakes"

-              echo ">>> Running: pkgmgr update pkgmgr --clone-mode shallow --no-verification"
              pkgmgr update pkgmgr --clone-mode shallow --no-verification
-
-              echo ">>> Running: pkgmgr version pkgmgr"
              pkgmgr version pkgmgr

-              echo ">>> Virgin Arch (root) test completed successfully."
+              echo ">>> Running Nix-based: nix run .#pkgmgr -- version pkgmgr"
+              nix run /src#pkgmgr -- version pkgmgr
            '
+
--- a/.github/workflows/test-virgin-user.yml
+++ b/.github/workflows/test-virgin-user.yml
@@ -19,55 +19,47 @@ jobs:
        run: |
          set -euo pipefail

-          echo ">>> Starting virgin ArchLinux container test (non-root user with sudo)..."
-
          docker run --rm \
            -v "$PWD":/src \
+            -w /src \
            archlinux:latest \
            bash -lc '
              set -euo pipefail

-              echo ">>> [root] Updating and upgrading Arch system..."
-              pacman -Syu --noconfirm git python python-pip sudo base-devel debugedit
+              pacman -Syu --noconfirm git python python-pip sudo base-devel debugedit nix make
+
+              make install

-              echo ">>> [root] Creating non-root user dev..."
              useradd -m dev
-
-              echo ">>> [root] Allowing passwordless sudo for dev..."
              echo "dev ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/dev
              chmod 0440 /etc/sudoers.d/dev
-
-              echo ">>> [root] Adjusting ownership of /src for dev..."
              chown -R dev:dev /src

-              echo ">>> [root] Running pkgmgr flow as non-root user dev..."
-              sudo -u dev env PKGMGR_DISABLE_NIX_FLAKE_INSTALLER=1 bash -lc "
+              # --- make Nix usable for non-root inside this container ---
+              mkdir -p /nix/store /nix/var/nix /nix/var/log/nix /nix/var/nix/profiles
+              chown -R dev:dev /nix
+              chmod 0755 /nix
+              chmod 1777 /nix/store
+
+              sudo -H -u dev env HOME=/home/dev PKGMGR_DISABLE_NIX_FLAKE_INSTALLER=1 bash -lc "
                set -euo pipefail
                cd /src

                echo \">>> [dev] Using user: \$(whoami)\"
-                echo \">>> [dev] Running scripts/installation/main.sh...\"
-                bash scripts/installation/main.sh
+
+                echo \">>> [dev] Running make setup-venv...\"
+                make setup-venv

                echo \">>> [dev] Activating venv...\"
                . \"\$HOME/.venvs/pkgmgr/bin/activate\"

-                echo \">>> [dev] Installing pkgmgr into venv via pip...\"
-                python -m pip install /src >/dev/null
-
-                echo \">>> [dev] PKGMGR_DISABLE_NIX_FLAKE_INSTALLER=\$PKGMGR_DISABLE_NIX_FLAKE_INSTALLER\"
-                echo \">>> [dev] Updating managed repo package-manager via pkgmgr...\"
-                pkgmgr update pkgmgr --clone-mode shallow --no-verification
-
-                echo \">>> [dev] PATH:\"
-                echo \"\$PATH\"
-
-                echo \">>> [dev] which pkgmgr:\"
-                which pkgmgr || echo \">>> [dev] pkgmgr not found in PATH\"
-
                echo \">>> [dev] Running: pkgmgr version pkgmgr\"
                pkgmgr version pkgmgr
-              "

-              echo ">>> [root] Container flow finished."
+                echo \">>> [dev] Running Nix-based pkgmgr version...\"
+                export NIX_REMOTE=local
+                export NIX_CONFIG=\"experimental-features = nix-command flakes\"
+                nix run /src#pkgmgr -- version pkgmgr
+              "
            '
+