💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: f658ba4e4d
athena-omt
left a comment
Thanks — the source-independent launchd runtime is the right direction, but I found one blocker before this is merge-ready.
scripts/lume/install-runtime.sh currently does:
```bash
if [[ -f "${REPO_ROOT}/.env" ]]; then
  install -m 0600 "${REPO_ROOT}/.env" "${runtime_env}"
```
That means every installer rerun from any checkout containing .env overwrites the stable controller env at ~/Library/Application Support/github-runner-fleet/controller/.env. This contradicts the new README contract that the runtime .env is preserved when the source checkout moves or the installer is rerun, and it can silently replace live launchd credentials/settings with a stale checkout copy.
Please preserve an existing ${runtime_env} by default. Copy ${REPO_ROOT}/.env only for first install, or require an explicit --refresh-env / similar operator action for overwrites.
Verification: bash -n scripts/lume/install-runtime.sh scripts/lume/install-launch-agent.sh scripts/lume/install-system-launch-daemons.sh scripts/lume/reconcile-pool.sh passes. I could not run the Vitest subset on Athena because dependencies are not installed in this worker worktree (vitest not found).
Addressed the runtime .env preservation blocker in 8ce2877 and confirmed the branch contains current main. The installer now checks for an existing runtime .env first and only copies the checkout .env during first install when no runtime env exists; existing runtime env files continue through the default repair path without being overwritten. Added test coverage to assert the preservation branch stays before the checkout .env copy path.

Validation:
- bash -n scripts/lume/install-runtime.sh scripts/lume/install-launch-agent.sh scripts/lume/install-system-launch-daemons.sh scripts/lume/reconcile-pool.sh
- pnpm exec vitest run test/lume-scripts.test.ts
- pnpm test
- pnpm lint
- pnpm build
- bash scripts/ci/run-fast-checks.sh

Current GitHub status on 8ce2877: Detect Relevant Changes, Validate Secrets, linux docker contract, and lume macos contract are passing; hosted fork jobs are skipped for this same-repo PR. Fast Checks, shell-safe contract, and CI test are still queued on the self-hosted runner pool, with no failures reported yet.
athena-omt
left a comment
The latest commit resolves the prior blocker: install-runtime.sh now preserves an existing runtime .env and only seeds from checkout .env on first install. I re-inspected the launchd/runtime path and did not find a new merge-blocking issue.
Verification: bash -n scripts/lume/install-runtime.sh scripts/lume/install-launch-agent.sh scripts/lume/install-system-launch-daemons.sh scripts/lume/reconcile-pool.sh passed. I could not run the Vitest subset on Athena because this worker worktree does not have dependencies installed (vitest_missing).
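The preserve-by-default behaviour discussed in this thread, written out as an added example; it is not the project's install-runtime.sh and is not part of any comment above. The function name, the `.bak` backup, the re-applied 0600 mode on the preserved file, and passing the reviewer's suggested `--refresh-env` as a third argument are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example, not the project's installer.
# seed_runtime_env CHECKOUT_ENV RUNTIME_ENV [--refresh-env]
# Prints what it did: preserved | seeded | refreshed | absent
seed_runtime_env() {
  local checkout_env="$1" runtime_env="$2" refresh="${3:-}"

  # Preservation branch first: a live runtime .env always wins over
  # whatever .env the current checkout happens to contain.
  if [ -e "$runtime_env" ] && [ "$refresh" != "--refresh-env" ]; then
    chmod 0600 "$runtime_env"   # assumption: re-assert owner-only mode, contents untouched
    echo preserved
    return 0
  fi

  if [ ! -f "$checkout_env" ]; then
    if [ "$refresh" = "--refresh-env" ]; then
      # An explicit overwrite with no source is an operator error, not a no-op.
      echo "refresh requested but $checkout_env does not exist" >&2
      return 1
    fi
    echo absent                 # first install with nothing to seed from
    return 0
  fi

  mkdir -p "$(dirname "$runtime_env")"
  local action=seeded
  if [ -e "$runtime_env" ]; then
    # Explicit overwrite: keep the previous credentials recoverable.
    cp -p "$runtime_env" "${runtime_env}.bak"
    action=refreshed
  fi
  # Same copy the thread quotes: install sets owner-only mode with the copy.
  install -m 0600 "$checkout_env" "$runtime_env"
  echo "$action"
}
```

Because the function reports which branch it took, an installer log line built from its output shows whether live credentials were kept or replaced on each run.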
Summary
~/Library/Application Support/github-runner-fleet/controller.envGITHUB_PATbefore starting Lume slots and document the operator flow
Verification
pnpm exec vitest run test/lume-scripts.test.ts