fix(cleanup): harden runtime directory garbage collection

Add RAII CacheGuard so early exits still clean up sot_path, handle
SIGTERM alongside SIGINT, and fall back to filesystem discovery when
GetJobIds fails due to actor crash.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: aster-void

src/git.rs

@@ -405,14 +405,52 @@ pub fn copy_build_to_run(build_dir: &Path, run_dir: &Path) -> Result<()> {
     Ok(())
 }
 
+/// Discovers job directories by scanning the filesystem for `<sot_name>@*` entries.
+/// Used as a fallback when the actor system can't provide job IDs.
+pub fn discover_job_dirs(sot_path: &Path) -> Vec<PathBuf> {
+    let Some(parent) = sot_path.parent() else {
+        return Vec::new();
+    };
+    let sot_name = sot_path
+        .file_name()
+        .and_then(|s| s.to_str())
+        .unwrap_or("unknown");
+    let prefix = format!("{}@", sot_name);
+
+    let Ok(entries) = std::fs::read_dir(parent) else {
+        return Vec::new();
+    };
+
+    entries
+        .filter_map(|e| e.ok())
+        .filter(|e| {
+            e.file_name()
+                .to_str()
+                .is_some_and(|name| name.starts_with(&prefix))
+        })
+        .map(|e| e.path())
+        .collect()
+}
+
 /// Removes the sot_path and all associated job directories.
+/// If `job_ids` is empty, falls back to filesystem discovery.
 pub fn cleanup_cache_dir(sot_path: &Path, job_ids: &[String]) {
     use tracing::{info, warn};
 
+    // Determine job directories: use provided IDs if available, otherwise scan filesystem
+    let job_dirs: Vec<PathBuf> = if job_ids.is_empty() {
+        let discovered = discover_job_dirs(sot_path);
+        if !discovered.is_empty() {
+            info!("Discovered {} job directories via filesystem scan", discovered.len());
+        }
+        discovered
+    } else {
+        job_ids.iter().map(|id| get_job_dir(sot_path, id)).collect()
+    };
+
     // Remove job directories
-    for job_id in job_ids {
-        let job_dir = get_job_dir(sot_path, job_id);
-        let build_dir = get_build_dir(sot_path, job_id);
+    for job_dir in &job_dirs {
+        let build_dir = job_dir.join("build");
 
         // Remove git worktree first (if it exists)
         if build_dir.join(".git").exists() {
@@ -429,11 +467,11 @@ pub fn cleanup_cache_dir(sot_path: &Path, job_ids: &[String]) {
 
         if job_dir.exists() {
             info!(path = %job_dir.display(), "Removing job directory");
-            let _ = std::fs::remove_dir_all(&job_dir);
+            let _ = std::fs::remove_dir_all(job_dir);
         }
 
         // Also remove temp/old variants for run dir
-        let run_dir = get_run_dir(sot_path, job_id);
+        let run_dir = job_dir.join("run");
         let _ = std::fs::remove_dir_all(run_dir.with_extension("tmp"));
         let _ = std::fs::remove_dir_all(run_dir.with_extension("old"));
     }

src/main.rs

@@ -26,6 +26,58 @@ struct Args {
     pull_interval: u64,
 }
 
+/// RAII guard that cleans up cache directories on drop.
+struct CacheGuard {
+    sot_path: PathBuf,
+    job_ids: Vec<String>,
+}
+
+impl CacheGuard {
+    fn new(sot_path: PathBuf) -> Self {
+        Self {
+            sot_path,
+            job_ids: Vec::new(),
+        }
+    }
+
+    fn set_job_ids(&mut self, ids: Vec<String>) {
+        self.job_ids = ids;
+    }
+
+    /// Disarm the guard (cleanup already handled manually).
+    #[allow(dead_code)]
+    fn disarm(self) {
+        std::mem::forget(self);
+    }
+}
+
+impl Drop for CacheGuard {
+    fn drop(&mut self) {
+        git::cleanup_cache_dir(&self.sot_path, &self.job_ids);
+    }
+}
+
+/// Waits for either SIGINT (Ctrl+C) or SIGTERM.
+async fn shutdown_signal() {
+    let ctrl_c = tokio::signal::ctrl_c();
+
+    #[cfg(unix)]
+    {
+        use tokio::signal::unix::{SignalKind, signal};
+        let mut sigterm =
+            signal(SignalKind::terminate()).expect("Failed to register SIGTERM handler");
+        tokio::select! {
+            _ = ctrl_c => {}
+            _ = sigterm.recv() => {}
+        }
+    }
+
+    #[cfg(not(unix))]
+    {
+        ctrl_c.await.ok();
+    }
+}
+
 #[tokio::main]
 async fn main() -> Result<()> {
     logging::init();
@@ -50,6 +102,9 @@ async fn main() -> Result<()> {
     git::clone_to(&source, &sot_path)?;
     info!(cache = %sot_path.display(), "Repository ready");
 
+    // RAII guard ensures sot_path is cleaned up even on early exit
+    let mut cache_guard = CacheGuard::new(sot_path.clone());
+
     let (initial_runner, initial_jobs) = load_config(&sot_path)?;
 
     // Spawn Runner actor
@@ -68,18 +123,20 @@ async fn main() -> Result<()> {
         return Ok(());
     }
 
-    // Wait for shutdown signal
-    tokio::signal::ctrl_c().await?;
+    // Wait for shutdown signal (SIGINT or SIGTERM)
+    shutdown_signal().await;
     info!("Shutting down...");
 
-    // Get job IDs for cleanup
+    // Get job IDs for cleanup (fall back to filesystem scan if actor is dead)
     let job_ids = runner.send(GetJobIds).await.unwrap_or_default();
+    cache_guard.set_job_ids(job_ids);
 
     // Graceful shutdown
     let _ = runner.send(GracefulShutdown).await;
 
-    // Cleanup cache directories
-    git::cleanup_cache_dir(&sot_path, &job_ids);
+    // Cleanup via guard drop (disarm and run manually to log any issues)
+    // The guard will run cleanup in its Drop, so just let it go out of scope.
+    drop(cache_guard);
 
     Ok(())
 }