fix(runner-image): wipe Cirrus’s placeholder /Users/runner before addUser

Unit Tests on PR #10793 failed with:

``` EACCES: permission denied, mkdir ‘/Users/runner/.local/share/mise’ ```

Same root cause that nagged the Packer build: the Cirrus base ships `/Users/runner` as a placeholder owned by `admin`, sysadminctl sees the dir already exists and skips home creation, so the new `runner` user never actually owns its home. #10832 papered over the known build-time directories (`actions-runner/`, `work/`, `Library/`) by root-creating + chowning, but anything else the runtime tries to put under `/Users/runner` — `.local`, `.cache`, `.tuist`, etc. — falls into the same trap.

Fix

Wipe `/Users/runner` before `sysadminctl -addUser runner`. With no pre-existing placeholder, sysadminctl creates a fresh home from scratch with correct POSIX ownership and the default macOS user ACLs. The pre-create + chown stanzas later in the Packer template remain (idempotent), but they’re now belt-and-suspenders rather than a workaround — every `/Users/runner/` mkdir at runtime succeeds without us having to enumerate it ahead of time.

How to test

• gh workflow run runner-image.yml --ref claude/runner-image-fresh-home produces a green Packer build.
• After deploy, jdx/mise-action runs cleanly on a real workflow.

🤖 Generated with Claude Code

No GitHub comments yet.