From 2c61f2fadf00f0d6f6343745d3f72d8d0784b893 Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Wed, 17 Jun 2026 13:00:18 +0000 Subject: [PATCH] fix(canon): sweep runs with host PATH = Drone-runner env parity (DEFECT-3 git-lfs etc.) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The real timer fire redded gitea at the custom tier (git: 'lfs' is not a git command) — the nightly-sweep writeShellApplication had a clean nix-only PATH, while Drone's recipe-CI runner runs with PATH=/run/current-system/sw/bin:/run/wrappers/bin (where git-lfs + all host tooling live). My manual sweeps used a login PATH that masked this. Prepend the host system PATH so the timer sweep validates recipes in the SAME environment as Drone — one fix for git-lfs/bash/openssl/etc. parity. Co-Authored-By: Claude Opus 4.8 --- nix/modules/nightly-sweep.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/nix/modules/nightly-sweep.nix b/nix/modules/nightly-sweep.nix index a41f6d7..17fe2b8 100644 --- a/nix/modules/nightly-sweep.nix +++ b/nix/modules/nightly-sweep.nix @@ -26,6 +26,13 @@ let export HOME=/root export PLAYWRIGHT_BROWSERS_PATH=${pkgs.playwright-driver.browsers} export PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 + # ENV PARITY with the Drone recipe-CI runner (canon DEFECT-3): the recipes + their tests shell + # out to host tooling (git-lfs for gitea, openssl, etc.). Drone's exec runner runs them with + # PATH=/run/current-system/sw/bin:/run/wrappers/bin; writeShellApplication otherwise gives a + # clean nix-only PATH, so the timer sweep silently lacked tools the recipes assume (a real fire + # caught git-lfs + bash gaps that manual ssh runs, with a login PATH, masked). Prepend the host + # system PATH so the sweep validates recipes in the SAME environment Drone does. + export PATH="/run/current-system/sw/bin:/run/wrappers/bin:$PATH" # canon M1.4: read enrollment + run the harness from the deployed checkout (has tests/). export CCCI_REPO=/etc/cc-ci cd "$CCCI_REPO"