From c494b627133b3ccf725b34ddb796975f9e9ac12e Mon Sep 17 00:00:00 2001
From: Erich Blume <blume.erich@gmail.com>
Date: Mon, 30 Mar 2026 06:49:59 -0700
Subject: [PATCH] Fix Kingfisher container: add /tmp directory

Kingfisher needs a writable temp directory for git clones and scanning.
Nix containers don't create /tmp by default.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 containers/kingfisher/default.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/containers/kingfisher/default.nix b/containers/kingfisher/default.nix
index c9e95b4..93c8384 100644
--- a/containers/kingfisher/default.nix
+++ b/containers/kingfisher/default.nix
@@ -105,11 +105,16 @@ pkgs.dockerTools.buildLayeredImage {
     pkgs.tzdata
   ];
 
+  extraCommands = ''
+    mkdir -p tmp
+  '';
+
   config = {
     Entrypoint = [ "${kingfisher}/bin/kingfisher" ];
     Env = [
       "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
       "TZDIR=${pkgs.tzdata}/share/zoneinfo"
+      "TMPDIR=/tmp"
     ];
     User = "65534";
   };