fix of SAST-found /tmp hotspot

HardMax71 · HardMax71 · commit c4d6ef36566c · 2025-07-06T11:40:23.000+02:00
diff --git a/backend/app/services/pod_manifest_builder.py b/backend/app/services/pod_manifest_builder.py
@@ -48,6 +48,9 @@ def build(self) -> Dict[str, Any]:
                     "image": self.image,
                     "imagePullPolicy": "IfNotPresent",
                     "command": self.command,
+                    "env": [
+                        {"name": "TMPDIR", "value": "/writeable"}
+                    ],
                     "resources": {
                         "limits":   {"cpu": self.pod_cpu_limit,
                                      "memory": self.pod_memory_limit},
@@ -57,7 +60,7 @@ def build(self) -> Dict[str, Any]:
                     "volumeMounts": [
                         {"name": "script-volume",   "mountPath": "/scripts", "readOnly": True},
                         {"name": "entrypoint-vol",  "mountPath": "/entry",   "readOnly": True},
-                        {"name": "writable-tmp",    "mountPath": "/tmp"}
+                        {"name": "writable-tmp",    "mountPath": "/writeable"}
                     ],
                     "terminationMessagePolicy": "FallbackToLogsOnError",
                     "securityContext": {
