From 8f6606832382bf24ffe65a832b8ba8615bf1c351 Mon Sep 17 00:00:00 2001
From: Charith Ellawala <charithe@users.noreply.github.com>
Date: Wed, 26 Apr 2023 13:45:49 +0100
Subject: [PATCH] fix: Mark /tmp as a container volume (#1546)

Explicitly mark `/tmp` and `/.cache` as volumes so that the directories
are automatically created within the container.

Ideally `/tmp` should be a `tmpfs` mount and `/.cache` should be a
persistent mount, especially when the `bundle` driver is in use.

Signed-off-by: Charith Ellawala <charith@cerbos.dev>
---
 Dockerfile.cerbos | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile.cerbos b/Dockerfile.cerbos
index 45f56363f..dc8447c60 100644
--- a/Dockerfile.cerbos
+++ b/Dockerfile.cerbos
@@ -4,7 +4,7 @@ RUN apk add -U --no-cache ca-certificates && update-ca-certificates
 FROM scratch
 EXPOSE 3592 3593
 ENV CERBOS_CONFIG="__default__"
-VOLUME ["/policies"]
+VOLUME ["/policies", "/tmp", "/.cache"]
 ENTRYPOINT ["/cerbos"]
 CMD ["server"]
 HEALTHCHECK --interval=1m --timeout=3s CMD ["/cerbos", "healthcheck"]