Fix checkpoint bundle dubious-ownership failure under Linux CI (#294 follow-up)#319
Merged
Merged
Conversation
compose-smoke-checkpoint / compose-smoke-auto-checkpoint failed in
PR-CI with `git bundle create ... fatal: Need a repository to create a
bundle` — the dubious-ownership trap. The checkpoint repo is a host
bind-mount whose top directory is owned by the host/runner uid, while
the task-store-server runs as eden:1000; git refuses to recognize a
repo owned by a different uid, and `git bundle` surfaces that as "Need
a repository". Invisible locally on macOS (bind-mount ownership is
squashed to the container uid); only manifests on Linux CI — the exact
pytest-is-not-a-substitute-for-the-smoke gap.
eden_git.GitRepo already guards every invocation with
`-c safe.directory={path}` (so the integrator's clone of the same
host-owned mount works), but eden_checkpoint.repo_bundle's git helper
did not. Add `-c safe.directory=*` to `_git_env_overrides()`, mirroring
GitRepo._git_argv — these helpers only touch server-managed repos +
scratch dirs, so the heuristic carries no untrusted-repo risk.
Reproduced + fix-verified in a throwaway Linux container recreating
the exact uid mismatch (repo top dir uid != git process uid):
without the flag → "Need a repository"; with it → bundle created.
Both compose smokes now pass locally (image rebuilt). Regression
guard added in test_checkpoint_repo_bundle.py.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
(cherry picked from commit b87e2744e07eeea16071850630bb653490fc9b0d)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Follow-up hotfix to #318 (merged as
03614ef). The merged #294 work landed with redcompose-smoke-checkpoint/compose-smoke-auto-checkpointchecks (those smoke jobs aren't branch-protection-required yet), so main currently carries the bug: checkpoint export fails withgit bundle create ... fatal: Need a repository to create a bundle.task-store-repo) whose top directory is owned by the host/runner uid, while the task-store-server runs aseden:1000. Git refuses to recognize a repository owned by a different uid, andgit bundlesurfaces that rejection as "Need a repository".eden_git.GitRepoalready guards every invocation with-c safe.directory={path}(so the integrator's clone of the same host-owned mount works), buteden_checkpoint.repo_bundle's git helper did not.-c safe.directory=*torepo_bundle._git_env_overrides(), mirroringGitRepo._git_argv. These helpers only ever touch server-managed repos + scratch dirs, so disabling the ownership heuristic carries no untrusted-repo risk.What this does NOT cover
test_ideator_subprocess.py, Flaky: test_loop_respawns_on_subprocess_crash fails with BrokenPipeError under parallel pytest load #307) surfaced again during full-suite validation (test_dispatch_collects_ideas,PermissionError); unrelated to this change (passes in isolation). Tracked in Flaky: test_loop_respawns_on_subprocess_crash fails with BrokenPipeError under parallel pytest load #307.Fresh-operator walkthrough
bash reference/compose/healthcheck/smoke-checkpoint.sh→ PASS (repo.bundle OK: 3256 bytes, 3 variant refs;git bundle verify+ ref-set + import round-trip all green);bash reference/compose/healthcheck/smoke-auto-checkpoint.sh→ PASS (3 periodic + 1 terminal archive, every one carrying a non-empty bundle). These are the two jobs that were red on main; both green locally with the fix.Test plan
bash reference/compose/healthcheck/smoke-checkpoint.sh— PASSbash reference/compose/healthcheck/smoke-auto-checkpoint.sh— PASSuv run pytest -q— 2355 passed, 254 skipped (one unrelated Flaky: test_loop_respawns_on_subprocess_crash fails with BrokenPipeError under parallel pytest load #307 flake, passes in isolation)test_git_env_overrides_disables_dubious_ownershipintest_checkpoint_repo_bundle.pyRelated issues
🤖 Generated with Claude Code