From d6674e8ae137330f15542115bb359db034e78779 Mon Sep 17 00:00:00 2001
From: Mia Bennett
Date: Wed, 5 Nov 2025 12:30:25 +0930
Subject: [PATCH 1/2] build(Dockerfile): [PPT-2278] add /tmp
---
 Dockerfile | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/Dockerfile b/Dockerfile
index 1f2c7f7..bdf20b2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -52,6 +52,9 @@ RUN for binary in "/usr/bin/git" /app/bin/* /usr/libexec/git-core/*; do \
 RUN git config --system http.sslCAInfo /etc/ssl/certs/ca-certificates.crt
 RUN mkdir /repositories && chown -R appuser /repositories
+# Create tmp directory with proper permissions
+RUN rm -rf /tmp && mkdir -p /tmp && chmod 1777 /tmp
+
 # Build a minimal docker image
 FROM scratch
 WORKDIR /
@@ -83,6 +86,9 @@ COPY --from=build /usr/share/git-core/ /usr/share/git-core/
 COPY --from=build /usr/libexec/git-core/ /usr/libexec/git-core/
 COPY --chown=appuser:appuser --from=build /repositories /repositories
+# Copy tmp directory
+COPY --from=build /tmp /tmp
+
 # Use an unprivileged user.
 USER appuser:appuser
From 0cfab6466045907e55af005d2bfa702384301a25 Mon Sep 17 00:00:00 2001
From: Mia Bennett
Date: Thu, 6 Nov 2025 13:27:43 +0930
Subject: [PATCH 2/2] build(Dockerfile): [PPT-2278] set permissions on /tmp
---
 Dockerfile | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/Dockerfile b/Dockerfile
index bdf20b2..277218b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -89,6 +89,13 @@ COPY --chown=appuser:appuser --from=build /repositories /repositories
 # Copy tmp directory
 COPY --from=build /tmp /tmp
+# chmod for setting permissions on /tmp
+COPY --from=build /bin /bin
+COPY --from=build /lib/ld-musl-* /lib/
+RUN chmod -R a+rwX /tmp
+# hadolint ignore=SC2114,DL3059
+RUN rm -rf /bin /lib
+
 # Use an unprivileged user.
 USER appuser:appuser
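Review bot: The comment above `RUN rm -rf /tmp && mkdir -p /tmp && chmod 1777 /tmp` says "proper permissions" but does not name the mode or explain why the directory is deleted first. Something like `# Recreate /tmp empty, mode 1777 (world-writable + sticky), so the final stage can copy it without build leftovers` would record both. The leftovers rationale is my reading of the `rm -rf`, so adjust it if the intent differs. The build stage starts before this hunk.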
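Review bot: `RUN chmod -R a+rwX /tmp` only adds read/write/search bits, so if the copied /tmp arrived with a default directory mode (which the need for this follow-up suggests), it ends up 0777 without the sticky bit that the build stage set with `chmod 1777`; `RUN chmod 1777 /tmp` would restore the intended mode. Separately, `RUN rm -rf /bin /lib` runs in its own layer, so the shell, the other /bin contents and the musl loader remain in the earlier COPY layers of the shipped image even though they are hidden from the running container. Creating the directory under a staging parent in the build stage (for example `RUN mkdir -p /rootfs/tmp && chmod 1777 /rootfs/tmp`) and copying the parent (`COPY --from=build /rootfs/ /`) should carry the mode across without any RUN in the scratch stage; confirm the resulting mode on the built image. The final stage continues outside the hunk, so whether other files it needs live under /lib is not visible here.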