configng: refresh clone once, early — fix matrix-prep cache fingerprint

[igorpecovnik]

The bug

"I pushed to configng but the new image still has the old YAML."

The CI matrix-prep path (`cli-jsoninfo` → `prep_conf_main_minimal_ni`) never called `interactive_desktop_main_configuration` — which is where the `fetch_from_repo` for armbian-configng lives. That path read `git log -1` against an absent or stale clone, computed the wrong `CONFIGNG_DESKTOPS_HASH`, resolved `artifact_full_oci_target` to a stale OCI tag, and CI pulled the pre-change rootfs from `ghcr.io/armbian/os/`. New image ships old config.

Additionally, full image builds in Docker volume-mounted environments were also blowing up — `git_ensure_safe_directory` had an ordering bug that surfaces the moment ownership-mismatched clones meet a fresh `git init`.

The fix — three coupled changes + one orthogonal fix

1. New helper fetch_armbian_configng()

`lib/functions/configuration/config-desktop.sh`. Idempotent wrapper around `fetch_from_repo` (mirror-friendly via `GITHUB_SOURCE`). Early-returns on `BUILD_DESKTOP != yes`, save/restores PWD, declares the locals `fetch_from_repo` writes to.

2. Call the helper from both build entry points

`lib/functions/main/config-prepare.sh`. Both `prep_conf_main_build_single` (full builds) AND `prep_conf_main_minimal_ni` (json-info / matrix-prep) now invoke `fetch_armbian_configng` right after `do_main_configuration` — i.e. as soon as `BUILD_DESKTOP` is authoritative.

3. `artifact_rootfs_config_dump` becomes a read-only consumer

`lib/functions/artifacts/artifact-rootfs.sh`. No more fetch logic per artifact — just `git log -1` against the clone that the prep_conf_main layer already refreshed. Keeps the info-level breadcrumb logging short-hash + commit subject.

4. `git_ensure_safe_directory` ordering fix

`lib/functions/general/git.sh`. Dropped the `-e "$1/.git"` gate. `fetch_from_repo` calls `git_ensure_safe_directory` BEFORE running `git init` on a freshly-prepared work tree — the gate caused the safe-directory add to be silently skipped, then subsequent `regular_git checkout/clean` blew up with "fatal: detected dubious ownership" on Docker volume mounts where the parent dir has a non-matching uid. Setting `safe.directory` on a non-git path is harmless; git only consults the entry when an actual repo is accessed there.

Why git and not the GitHub API

Considered `curl + jq` against `/repos/armbian/configng/commits?path=tools/modules/desktops&per_page=1`. Faster, simpler. Rejected because: operators behind corporate proxies set `GITHUB_SOURCE=https://git.internal/...\` which `fetch_from_repo` respects via URL rewrite; `api.github.com` is usually blocked or unrewritten in such environments. The mirror-compatibility win outweighs the one-time clone cost.

Test plan

• On a CI runner with no `cache/sources/armbian-configng`, run `compile.sh json-info …` and confirm artifact OCI URLs contain the current configng HEAD's 8-char prefix
• Push a no-op desktop YAML commit to configng; re-run json-info; confirm OCI prefix bumps
• Full image build (`BUILD_DESKTOP=yes`) under Docker no longer fails with "dubious ownership" on first run
• Mirror users (`GITHUB_SOURCE` set): fetch goes through the mirror as expected, hash resolves correctly
• Offline build: fetch fails non-fatally, falls back to on-disk state with a warning

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: d03bdb1f-f391-4737-89cb-a61656756884

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

When BUILD_DESKTOP=yes, artifact_rootfs_config_dump refreshes or initializes the local armbian-configng worktree via fetch_from_repo (saving/restoring PWD), falls back with a warning if fetch fails, and—if a .git directory exists—computes CONFIGNG_DESKTOPS_HASH from git and extracts the commit subject, emitting an informational breadcrumb.

Changes

Configng desktops hash derivation

Layer / File(s)	Summary
Refresh or initialize armbian-configng worktree lib/functions/artifacts/artifact-rootfs.sh	Saves/restores PWD and calls fetch_from_repo to refresh/initialise the armbian-configng worktree; on fetch failure it displays a warning-style display_alert and leaves any existing on-disk clone state to be used.
Compute desktops commit hash and breadcrumb lib/functions/artifacts/artifact-rootfs.sh	If the refreshed clone contains a .git directory, derive CONFIGNG_DESKTOPS_HASH using git log for tools/modules/desktops/, extract the commit subject, and emit an informational breadcrumb with the short SHA and subject; otherwise the hash remains undetermined.

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested Labels

Bug

Suggested Reviewers

• hzyitc

Poem

A rabbit brushed the worktree bare,
Fetched branches with a careful care,
It read the desktop commit's line,
Short SHA and subject it did shine—
A tiny breadcrumb left to share. 🐇

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The PR title does not match the actual objectives. Title claims 'refresh clone once, early' but objectives describe using GitHub API instead of cloning. Title is misleading about implementation approach.	Update title to reflect the actual implementation: 'artifact-rootfs: resolve configng hash via GitHub API (no clone)' as described in the PR objectives.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch artifact-rootfs-fetch-configng

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@lib/functions/artifacts/artifact-rootfs.sh`:
- Around line 46-51: The code runs git log against configng_dir even when
fetch_from_repo failed (it only logs a warning), which can reuse stale on-disk
state; modify the flow so git is only consulted when the fetch actually
succeeded: capture the fetch result (e.g. a boolean like fetch_ok from
fetch_from_repo), or check for a successful clone rather than just the presence
of configng_dir, and only set configng_desktops_hash="$(git -C "${configng_dir}"
...)" when fetch_ok is true; otherwise set configng_desktops_hash="unknown" (or
export an empty/explicit sentinel) and avoid touching configng_dir/.git (or
remove/unset configng_dir) so stale hashes are not used; update references to
fetch_from_repo, display_alert, configng_dir, and configng_desktops_hash
accordingly.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: fcc6bf82-c452-4342-9579-8dce0b545caa

📥 Commits

Reviewing files that changed from the base of the PR and between 18a52a5 and fbb6537.

📒 Files selected for processing (1)

• lib/functions/artifacts/artifact-rootfs.sh