From 860469d4b14f69e13677cf4173634fa21f07a0ec Mon Sep 17 00:00:00 2001 From: Benjamin Admin Date: Mon, 8 Jun 2026 18:15:11 +0200 Subject: [PATCH] fix(agents): Default-Vault-Pfad nach /tmp damit Container-User schreiben kann MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit /app/artifacts gehört root und appuser darf nicht mkdir machen — Endpoint crashte mit PermissionError. Default jetzt /tmp/breakpilot/agent_runs. EVIDENCE_VAULT_ROOT-Env-Var bleibt für persistente Volumes nutzbar. Co-Authored-By: Claude Opus 4.7 (1M context) --- .../compliance/services/specialist_agents/_evidence_vault.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/backend-compliance/compliance/services/specialist_agents/_evidence_vault.py b/backend-compliance/compliance/services/specialist_agents/_evidence_vault.py index 44fa8572..c0cf71c6 100644 --- a/backend-compliance/compliance/services/specialist_agents/_evidence_vault.py +++ b/backend-compliance/compliance/services/specialist_agents/_evidence_vault.py @@ -50,9 +50,10 @@ logger = logging.getLogger(__name__) def _vault_root() -> Path: - """Resolved at call time so tests can monkeypatch the env var.""" + """Resolved at call time so tests can monkeypatch the env var. + Default to /tmp so the appuser can always write (container-friendly).""" return Path(os.environ.get( - "EVIDENCE_VAULT_ROOT", "/app/artifacts/agent_runs", + "EVIDENCE_VAULT_ROOT", "/tmp/breakpilot/agent_runs", ))