From 56910ea261c20203fec9e1d2b00d14c736be1a3f Mon Sep 17 00:00:00 2001
From: Zachary Winnerman <98712682+zwinnerman-fleetdm@users.noreply.github.com>
Date: Wed, 10 Aug 2022 09:22:13 -0400
Subject: [PATCH] Add vuln database config for sandbox (#7126)

---
 .../lambda/deploy_terraform/fleet/templates/deployment.yaml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/fleet/templates/deployment.yaml b/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/fleet/templates/deployment.yaml
index 84f145a2e5..2d973d3c51 100644
--- a/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/fleet/templates/deployment.yaml
+++ b/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/fleet/templates/deployment.yaml
@@ -54,6 +54,8 @@ spec:
             value: "1"
           - name: FLEET_LICENSE_ENFORCE_HOST_LIMIT
             value: "true"
+          - name: FLEET_VULNERABILITIES_DATABASES_PATH
+            value: /tmp/vuln
           {{- if ne .Values.packaging.enrollSecret "" }}
           - name: FLEET_PACKAGING_GLOBAL_ENROLL_SECRET
             value: "{{ .Values.packaging.enrollSecret }}"
@@ -303,6 +305,8 @@ spec:
           - name: osquery-logs
             mountPath: /logs
           {{- end }}
+          - name: tmp
+            mountPath: /tmp
         {{- end }}
       {{- if .Values.gke.cloudSQL.enableProxy }}
       - name: cloudsql-proxy
@@ -349,6 +353,8 @@ spec:
           emptyDir:
             sizeLimit: "{{ .Values.osquery.logging.filesystem.volumeSize }}"
         {{- end }}
+        - name: tmp
+          emptyDir:
       {{- end }}
       {{- with .Values.nodeSelector }}
       nodeSelector: