Add GitHub Copilot agent environment setup workflow

[Copilot]

Configure GitHub Copilot Agent Environment Setup

This PR implements a GitHub Actions workflow that preinstalls all required development dependencies before the Copilot coding agent starts working, ensuring consistent environment setup.

Implementation Complete ✅

• Understand repository structure and requirements
• Review dependency-installer package documentation
• Review existing workflows for conventions
• Create .github/workflows/copilot-setup-steps.yml workflow file
• Fix binary path (workspace target, not package target)
• Address code review feedback (add timeout, simplify toolchain setup)
• Fix sudo issue for cargo-machete installation
• Verify workflow syntax and configuration
• Run linters (all passed)
• Code review completed and addressed
• CodeQL security check passed (0 alerts)

Workflow Features

File: .github/workflows/copilot-setup-steps.yml

• Job name: copilot-setup-steps (required by GitHub)
• Runner: ubuntu-latest (only Ubuntu x64 supported by Copilot)
• Timeout: 30 minutes (consistent with other provision tests)
• Permissions: Minimal (contents: read)
• Triggers:
  • workflow_dispatch - manual testing from Actions tab
  • push - when workflow file is modified
  • pull_request - validation before merging

Steps:

1. Checkout code using actions/checkout@v4
2. Set up Rust toolchain (stable) using dtolnay/rust-toolchain@stable
3. Enable Rust cache using Swatinem/rust-cache@v2
4. Build dependency-installer binary in release mode
5. Install all dependencies using the binary (handles sudo internally per dependency)
6. Verify all installations succeeded

Dependencies Installed:

• cargo-machete (Rust dependency analyzer) - no sudo required
• OpenTofu (infrastructure provisioning) - uses sudo internally
• Ansible (configuration management) - uses sudo internally
• LXD (VM-based testing) - uses sudo internally

Technical Implementation

• Binary path uses workspace target directory (target/release/dependency-installer)
• Build command: cargo build --release -p torrust-dependency-installer --bin dependency-installer
• Installation runs WITHOUT sudo; each installer handles privilege escalation internally
• Environment: DEBIAN_FRONTEND=noninteractive for non-interactive installation
• Verification: target/release/dependency-installer check confirms all tools installed
• Timeout: 30 minutes to prevent hanging builds

Recent Fix

Issue: cargo-machete installation failed with "No such file or directory (os error 2)"

Root Cause: Running the entire installer with sudo prevented cargo-machete from being installed because the cargo command was not in sudo's PATH.

Solution: Removed sudo from the workflow invocation. The installer binary already handles sudo internally for dependencies that need it (OpenTofu, Ansible, LXD), while cargo-machete doesn't require sudo.

Quality Checks ✅

• ✅ YAML syntax validated
• ✅ All linters passed (markdown, yaml, toml, cspell, clippy, rustfmt, shellcheck)
• ✅ Binary build verified
• ✅ Code review completed and feedback addressed
• ✅ CodeQL security scan passed (0 alerts)

Security Summary

No security vulnerabilities detected. The workflow follows security best practices:

• Minimal permissions (contents: read)
• Uses official GitHub Actions with version pinning
• Non-interactive installation prevents security prompts
• Timeout prevents resource exhaustion
• Privilege escalation handled appropriately per dependency

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Configure GitHub Copilot Agent Environment</issue_title>
<issue_description>Parent Epic: #112 - Refactor and Improve E2E Test Execution
Depends On: #113 - Create Dependency Installation Package for E2E Tests (Issue 1-1)

Overview

Create a GitHub Actions workflow file (.github/workflows/copilot-setup-steps.yml) that preinstalls all required development dependencies before the Copilot coding agent starts working. This ensures the agent has the same environment as human contributors, improving reliability and speed when working on assigned issues.

Objectives

• Create .github/workflows/copilot-setup-steps.yml workflow file
• Configure workflow to build and run dependency-installer binary
• Install all development dependencies (cargo-machete, OpenTofu, Ansible, LXD)
• Verify installations are successful
• Test workflow manually before agent use

Key Components

Workflow Requirements:

• Job name MUST be copilot-setup-steps (GitHub requirement)
• Triggers: workflow_dispatch, push, pull_request on workflow file changes
• Permissions: Minimal (contents: read)
• Runs on: ubuntu-latest

Workflow Steps:

1. Checkout code
2. Set up Rust toolchain
3. Build dependency-installer binary
4. Install all dependencies using the binary
5. Verify installations succeeded

Why Use Our Binary

• ✅ Consistent with Issue 1-1
• ✅ Tested (comprehensive tests in Issues 1-1-1 through 1-1-4)
• ✅ Maintainable (single source of truth)
• ✅ Idempotent (safe to run multiple times)
• ✅ Better error handling than bash scripts

Acceptance Criteria

• Pre-commit checks pass
• Workflow file created at correct location
• Workflow runs successfully when triggered manually
• All dependencies are installed correctly
• Copilot agent can use the workflow

Time Estimate

2-3 hours

Related Documentation

• Full specification: docs/issues/120-1-4-configure-github-copilot-agent-environment.md
• GitHub Docs: Customizing Copilot Agent Environment</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes Configure GitHub Copilot Agent Environment #120

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

[josecelano]

@copilot, the new workflow is failing to install cargo-machete. According tot he official docs (https://github.com/bnjbvr/cargo-machete) It's installed with:

cargo install cargo-machete

We are installing it in the workflow with "./packages/dependency-installer/src/installer/cargo_machete.rs"

The error:

Run # Use the binary we just built to install all dependencies
2025-11-06T08:00:35.237232Z  INFO torrust_dependency_installer::handlers::install: Installing all dependencies
2025-11-06T08:00:35.237250Z  INFO torrust_dependency_installer::installer::cargo_machete: Installing cargo-machete dependency="cargo-machete"
2025-11-06T08:00:35.237411Z  INFO torrust_dependency_installer::installer::opentofu: Installing OpenTofu dependency="opentofu"
2025-11-06T08:00:59.019894Z  INFO torrust_dependency_installer::installer::opentofu: OpenTofu installation completed dependency="opentofu" status="installed"
2025-11-06T08:00:59.019916Z  INFO torrust_dependency_installer::installer::ansible: Installing Ansible dependency="ansible"
2025-11-06T08:02:29.414614Z  INFO torrust_dependency_installer::installer::ansible: Ansible installation completed dependency="ansible" status="installed"
2025-11-06T08:02:29.414636Z  INFO torrust_dependency_installer::installer::lxd: Installing LXD dependency="lxd"
2025-11-06T08:03:18.129613Z  INFO torrust_dependency_installer::installer::lxd: LXD installation completed dependency="lxd" status="installed"
2025-11-06T08:03:18.129633Z  INFO torrust_dependency_installer::handlers::install: Dependency installation result dependency="cargo-machete" status="failed" error="Command execution failed for dependency 'cargo-machete': No such file or directory (os error 2)"
2025-11-06T08:03:18.129640Z  INFO torrust_dependency_installer::handlers::install: Dependency installation result dependency="OpenTofu" status="installed"
2025-11-06T08:03:18.129642Z  INFO torrust_dependency_installer::handlers::install: Dependency installation result dependency="Ansible" status="installed"
2025-11-06T08:03:18.129645Z  INFO torrust_dependency_installer::handlers::install: Dependency installation result dependency="LXD" status="installed"
2025-11-06T08:03:18.129647Z  INFO torrust_dependency_installer::handlers::install: Some dependencies failed to install failed_count=1 total_count=4
2025-11-06T08:03:18.129652Z ERROR torrust_dependency_installer::app: Command failed error=Install command failed: Failed to install all dependencies: Failed to install 1 out of 4 dependencies
Error: Process completed with exit code 1.

Copilot agent is executed as a workflow in a runner with this configuration:

Current runner version: '2.329.0'
Runner Image Provisioner
  Hosted Compute Agent
  Version: 20251016.436
  Commit: 8ab8ac8bfd662a3739dab9fe09456aba92132568
  Build Date: 2025-10-15T20:44:12Z
Operating System
  Ubuntu
  24.04.3
  LTS
Runner Image
  Image: ubuntu-24.04
  Version: 20251030.96.2
  Included Software: https://github.com/actions/runner-images/blob/ubuntu24/20251030.96/images/ubuntu/Ubuntu2404-Readme.md
  Image Release: https://github.com/actions/runner-images/releases/tag/ubuntu24%2F20251030.96
GITHUB_TOKEN Permissions
  Deployments: write
  Metadata: read
Secret source: None
Prepare workflow directory
Prepare all required actions
Getting action download info
Download action repository 'actions/upload-artifact@v4' (SHA:ea165f8d65b6e75b540449e92b4886f43607fa02)
Complete job name: copilot

The virtual machine has these tools installed: https://github.com/actions/runner-images/blob/ubuntu24/20251030.96/images/ubuntu/Ubuntu2404-Readme.md

---

Announcements
[Ubuntu] man-db automatic updates will be disabled on November 10th
[Ubuntu & Windows] Four tools scheduled for deprecation on November 3, 2025

---

Ubuntu 24.04

• OS Version: 24.04.3 LTS
• Kernel Version: 6.11.0-1018-azure
• Image Version: 20251030.96.2
• Systemd version: 255.4-1ubuntu8.11

Installed Software

Language and Runtime

• Bash 5.2.21(1)-release
• Clang: 16.0.6, 17.0.6, 18.1.3
• Clang-format: 16.0.6, 17.0.6, 18.1.3
• Clang-tidy: 16.0.6, 17.0.6, 18.1.3
• Dash 0.5.12-6ubuntu5
• GNU C++: 12.4.0, 13.3.0, 14.2.0
• GNU Fortran: 12.4.0, 13.3.0, 14.2.0
• Julia 1.12.1
• Kotlin 2.2.21-release-469
• Node.js 20.19.5
• Perl 5.38.2
• Python 3.12.3
• Ruby 3.2.3
• Swift 6.2

Package Management

• cpan 1.64
• Helm 3.19.0
• Homebrew 4.6.19
• Miniconda 25.9.1
• Npm 10.8.2
• Pip 24.0
• Pip3 24.0
• Pipx 1.8.0
• RubyGems 3.4.20
• Vcpkg (build from commit d80785c4ee)
• Yarn 1.22.22

Environment variables

Name	Value
CONDA	/usr/share/miniconda
VCPKG_INSTALLATION_ROOT	/usr/local/share/vcpkg

Homebrew note

Location: /home/linuxbrew
Note: Homebrew is pre-installed on image but not added to PATH.
run the eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" command
to accomplish this.

Project Management

• Ant 1.10.14
• Gradle 9.2.0
• Lerna 9.0.0
• Maven 3.9.11

Tools

• Ansible 2.19.3
• AzCopy 10.31.0 - available by azcopy and azcopy10 aliases
• Bazel 8.4.2
• Bazelisk 1.26.0
• Bicep 0.38.33
• Buildah 1.33.7
• CMake 3.31.6
• CodeQL Action Bundle 2.23.3
• Docker Amazon ECR Credential Helper 0.10.1
• Docker Compose v2 2.38.2
• Docker-Buildx 0.29.1
• Docker Client 28.0.4
• Docker Server 28.0.4
• Fastlane 2.228.0
• Git 2.51.2
• Git LFS 3.7.1
• Git-ftp 1.6.0
• Haveged 1.9.14
• jq 1.7
• Kind 0.30.0
• Kubectl 1.34.1
• Kustomize 5.7.1
• MediaInfo 24.01
• Mercurial 6.7.2
• Minikube 1.37.0
• n 10.2.0
• Newman 6.2.1
• nvm 0.40.3
• OpenSSL 3.0.13-0ubuntu3.6
• Packer 1.14.2
• Parcel 2.16.0
• Podman 4.9.3
• Pulumi 3.205.0
• Skopeo 1.13.3
• Sphinx Open Source Search Server 2.2.11
• yamllint 1.37.1
• yq 4.48.1
• zstd 1.5.7
• Ninja 1.13.1

CLI Tools

• AWS CLI 2.31.25
• AWS CLI Session Manager Plugin 1.2.707.0
• AWS SAM CLI 1.145.2
• Azure CLI 2.78.0
• Azure CLI (azure-devops) 1.0.2
• GitHub CLI 2.82.1
• Google Cloud CLI 545.0.0

Java

Version	Environment Variable
8.0.472+8	JAVA_HOME_8_X64
11.0.29+7	JAVA_HOME_11_X64
17.0.17+10 (default)	JAVA_HOME_17_X64
21.0.9+10	JAVA_HOME_21_X64
25.0.1+8	JAVA_HOME_25_X64

PHP Tools

• PHP: 8.3.6
• Composer 2.8.12
• PHPUnit 8.5.48

Both Xdebug and PCOV extensions are installed, but only Xdebug is enabled.

Haskell Tools

• Cabal 3.16.0.0
• GHC 9.12.2
• GHCup 0.1.50.2
• Stack 3.7.1

Rust Tools

• Cargo 1.90.0
• Rust 1.90.0
• Rustdoc 1.90.0
• Rustup 1.28.2

Packages

• Rustfmt 1.8.0

Browsers and Drivers

• Google Chrome 142.0.7444.59
• ChromeDriver 142.0.7444.59
• Chromium 142.0.7444.0
• Microsoft Edge 141.0.3537.99
• Microsoft Edge WebDriver 141.0.3537.99
• Selenium server 4.38.0
• Mozilla Firefox 144.0.2
• Geckodriver 0.36.0

Environment variables

Name	Value
CHROMEWEBDRIVER	/usr/local/share/chromedriver-linux64
EDGEWEBDRIVER	/usr/local/share/edge_driver
GECKOWEBDRIVER	/usr/local/share/gecko_driver
SELENIUM_JAR_PATH	/usr/share/java/selenium-server.jar

.NET Tools

• .NET Core SDK: 8.0.121, 8.0.206, 8.0.318, 8.0.415, 9.0.111, 9.0.205, 9.0.306
• nbgv 3.8.118+69b3e0b5a0

Databases

• sqlite3 3.45.1

PostgreSQL

• PostgreSQL 16.10

User: postgres
PostgreSQL service is disabled by default.
Use the following command as a part of your job to start the service: 'sudo systemctl start postgresql.service'

MySQL

• MySQL 8.0.43-0ubuntu0.24.04.2

User: root
Password: root
MySQL service is disabled by default.
Use the following command as a part of your job to start the service: 'sudo systemctl start mysql.service'

Cached Tools

Go

• 1.22.12
• 1.23.12
• 1.24.9
• 1.25.3

Node.js

• 18.20.8
• 20.19.5
• 22.21.1
• 24.11.0

Python

• 3.9.24
• 3.10.19
• 3.11.14
• 3.12.12
• 3.13.9
• 3.14.0

PyPy

• 3.9.19 [PyPy 7.3.16]
• 3.10.16 [PyPy 7.3.19]
• 3.11.13 [PyPy 7.3.20]

Ruby

• 3.2.9
• 3.3.10
• 3.4.7

PowerShell Tools

• PowerShell 7.4.13

PowerShell Modules

• Az: 12.5.0
• Microsoft.Graph: 2.32.0
• Pester: 5.7.1
• PSScriptAnalyzer: 1.24.0

Web Servers

Name	Version	ConfigFile	ServiceStatus	ListenPort
apache2	2.4.58	/etc/apache2/apache2.conf	inactive	80
nginx	1.24.0	/etc/nginx/nginx.conf	inactive	80

Android

Package Name	Version
Android Command Line Tools	12.0
Android SDK Build-tools	36.0.0 36.1.0 35.0.0 35.0.1 34.0.0
Android SDK Platform-Tools	36.0.0
Android SDK Platforms	android-36.1 (rev 1) android-36-ext19 (rev 1) android-36-ext18 (rev 1) android-36 (rev 2) android-35-ext15 (rev 1) android-35-ext14 (rev 1) android-35 (rev 2) android-34-ext8 (rev 1) android-34-ext12 (rev 1) android-34-ext11 (rev 1) android-34-ext10 (rev 1) android-34 (rev 3)
Android Support Repository	47.0.0
CMake	3.31.5
Google Play services	49
Google Repository	58
NDK	26.3.11579264 27.3.13750724 (default) 28.2.13676358

Environment variables

Name	Value
ANDROID_HOME	/usr/local/lib/android/sdk
ANDROID_NDK	/usr/local/lib/android/sdk/ndk/27.3.13750724
ANDROID_NDK_HOME	/usr/local/lib/android/sdk/ndk/27.3.13750724
ANDROID_NDK_LATEST_HOME	/usr/local/lib/android/sdk/ndk/28.2.13676358
ANDROID_NDK_ROOT	/usr/local/lib/android/sdk/ndk/27.3.13750724
ANDROID_SDK_ROOT	/usr/local/lib/android/sdk

Installed apt packages

Name	Version
acl	2.3.2-1build1.1
aria2	1.37.0+debian-1build3
autoconf	2.71-3
automake	1:1.16.5-1.3ubuntu1
binutils	2.42-4ubuntu2.5
bison	2:3.8.2+dfsg-1build2
brotli	1.1.0-2build2
bzip2	1.0.8-5.1build0.1
coreutils	9.4-3ubuntu6.1
curl	8.5.0-2ubuntu10.6
dbus	1.14.10-4ubuntu4.1
dnsutils	1:9.18.39-0ubuntu0.24.04.2
dpkg	1.22.6ubuntu6.5
dpkg-dev	1.22.6ubuntu6.5
fakeroot	1.33-1
file	1:5.45-3build1
findutils	4.9.0-5build1
flex	2.6.4-8.2build1
fonts-noto-color-emoji	2.047-0ubuntu0.24.04.1
ftp	20230507-2build3
g++	4:13.2.0-7ubuntu1
gcc	4:13.2.0-7ubuntu1
gnupg2	2.4.4-2ubuntu17.3
haveged	1.9.14-1ubuntu2
iproute2	6.1.0-1ubuntu6.2
iputils-ping	3:20240117-1ubuntu0.1
jq	1.7.1-3ubuntu0.24.04.1
libnss3-tools	2:3.98-1build1
libsqlite3-dev	3.45.1-1ubuntu2.5
libssl-dev	3.0.13-0ubuntu3.6
libtool	2.4.7-7build1
libyaml-dev	0.2.5-1build1
locales	2.39-0ubuntu8.6
lz4	1.9.4-1build1.1
m4	1.4.19-4build1
make	4.3-4.1build2
mediainfo	24.01.1-1build2
mercurial	6.7.2-1ubuntu2.2
net-tools	2.10-0.1ubuntu4.4
netcat	1.226-1ubuntu2
openssh-client	1:9.6p1-3ubuntu13.14
p7zip-full	16.02+transitional.1
p7zip-rar	16.02+transitional.1
parallel	20231122+ds-1
patchelf	0.18.0-1.1build1
pigz	2.8-1
pkg-config	1.8.1-2build1
pollinate	4.33-3.1ubuntu1.1
python-is-python3	3.11.4-1
rpm	4.18.2+dfsg-2.1build2
rsync	3.2.7-1ubuntu1.2
shellcheck	0.9.0-1
sphinxsearch	2.2.11-8build1
sqlite3	3.45.1-1ubuntu2.5
ssh	1:9.6p1-3ubuntu13.14
sshpass	1.09-1
sudo	1.9.15p5-3ubuntu5.24.04.1
swig	4.2.0-2ubuntu1
systemd-coredump	255.4-1ubuntu8.11
tar	1.35+dfsg-3build1
telnet	0.17+2.5-3ubuntu4
texinfo	7.1-3build2
time	1.9-0.2build1
tk	8.6.14build1
tree	2.1.1-2ubuntu3
tzdata	2025b-0ubuntu0.24.04.1
unzip	6.0-28ubuntu4.1
upx	4.2.2-3
wget	1.21.4-1ubuntu4.1
xvfb	2:21.1.12-1ubuntu1.4
xz-utils	5.6.1+really5.4.5-1ubuntu0.2
zip	3.0-13ubuntu0.2
zsync	0.6.2-5build1

[Copilot]

@copilot, the new workflow is failing to install cargo-machete. According tot he official docs (https://github.com/bnjbvr/cargo-machete) It's installed with:

...

Fixed in commit ca533d5. The issue was that the workflow was running the entire installer with sudo, which prevented cargo from being found in the PATH when installing cargo-machete.

The solution: removed sudo from the workflow invocation. Each installer already handles privilege escalation internally:

• cargo-machete: runs cargo install (no sudo needed)
• OpenTofu: runs sudo on the installer script
• Ansible: runs sudo apt-get install
• LXD: runs sudo snap install and sudo lxd init

The workflow now runs target/release/dependency-installer install without sudo, allowing cargo-machete to install correctly while other dependencies still get the elevated privileges they need.

[josecelano]

ACK ca533d5