fix(k8s): always copy GitHub workspace directories regardless of userMountVolumes

**Problem:**
The prepare script that copies GitHub workspace directories (/_github_workflow,
/_github_home) from /__w/_temp/ to /github/ was only created and executed when
userMountVolumes were defined. This caused failures when actions tried to access
$GITHUB_EVENT_PATH=/github/workflow/event.json in environments without user mounts.

**Root Cause:**
The conditional logic at line 102 tied the creation of the prepare script to the
presence of userMountVolumes:

```typescript
if (args.container?.userMountVolumes?.length) {
  prepareScript = prepareJobScript(args.container.userMountVolumes || [])
}
```

However, the prepare script ALWAYS needs to run to copy GitHub directories - these
are required for GitHub Actions to function correctly. The user mounts are optional.

**Impact:**
This bug affected:
- Kubernetes mode runners without user-defined mount volumes
- Kubernetes-novolume mode in all configurations
- Actions that access workflow metadata (e.g., Docker Buildx reading event.json)

**Solution:**
- Remove the conditional logic - always create and execute the prepare script
- The prepareJobScript function already handles empty userMountVolumes gracefully
- Separate the concerns: GitHub directory copying (required) vs user mount setup (optional)

**Testing:**
This fix has been validated in production with deskrun's cached-privileged-kubernetes
runners, where actions like Docker Buildx can now successfully access event.json.

Fixes #299
Related: rkoster/deskrun#28, rkoster/rubionic-workspace#226

Author: rubionic

packages/k8s/src/hooks/prepare-job.ts

@@ -98,10 +98,9 @@ export async function prepareJob(
 
   const runnerWorkspace = dirname(process.env.RUNNER_WORKSPACE as string)
 
-  let prepareScript: { containerPath: string; runnerPath: string } | undefined
-  if (args.container?.userMountVolumes?.length) {
-    prepareScript = prepareJobScript(args.container.userMountVolumes || [])
-  }
+  // Always create prepare script to copy GitHub workspace directories
+  // The script handles both required GitHub directories and optional user mounts
+  const prepareScript = prepareJobScript(args.container?.userMountVolumes || [])
 
   try {
     await waitForPodPhases(
@@ -117,25 +116,25 @@ export async function prepareJob(
 
   await execCpToPod(createdPod.metadata.name, runnerWorkspace, '/__w')
 
-  if (prepareScript) {
-    await execPodStep(
-      ['sh', '-e', prepareScript.containerPath],
-      createdPod.metadata.name,
-      JOB_CONTAINER_NAME
-    )
+  // Always execute prepare script to ensure GitHub workspace directories are copied
+  await execPodStep(
+    ['sh', '-e', prepareScript.containerPath],
+    createdPod.metadata.name,
+    JOB_CONTAINER_NAME
+  )
 
-    const promises: Promise<void>[] = []
-    for (const vol of args?.container?.userMountVolumes || []) {
-      promises.push(
-        execCpToPod(
-          createdPod.metadata.name,
-          vol.sourceVolumePath,
-          vol.targetVolumePath
-        )
+  // Copy user mount volumes if any are defined
+  const promises: Promise<void>[] = []
+  for (const vol of args?.container?.userMountVolumes || []) {
+    promises.push(
+      execCpToPod(
+        createdPod.metadata.name,
+        vol.sourceVolumePath,
+        vol.targetVolumePath
       )
-    }
-    await Promise.all(promises)
+    )
   }
+  await Promise.all(promises)
 
   core.debug('Job pod is ready for traffic')