feat: use proper SELinux context for bind mounts

this change solves the issue I recently had after setting SELinux to
Enforcing mode and the containers suddenly could not access files
from the bind mounts anymore. the solution is to mount volumes with
either z (preferable here) or Z to have them automatically relabelled

 If you volume mount a image with -v /SOURCE:/DESTINATION:z docker will
 automatically relabel the content for you to s0. If you volume mount with
 a Z, then the label will be specific to the container, and not be able to
 be shared between containers.

ref: https://www.projectatomic.io/blog/2015/06/using-volumes-with-docker-can-cause-problems-with-selinux/

pertains:
* Makefile (volume args for kaniko)
* docker-compose.yml ($PWD to /src mount and a db volume)

[skip ci]
This commit is contained in:
surtur 2021-02-12 19:26:28 +01:00
parent c19a2963ec
commit ab67773917
Signed by: wanderer
GPG Key ID: 19CE1EC1D9E0486D
2 changed files with 3 additions and 3 deletions


@ -10,7 +10,7 @@ pruneargs = system prune -af
dcmdrun = $(dcmd) run --rm
wdir = /src
kanikoimg = gcr.io/kaniko-project/executor
dargskaniko = -w=$(wdir) -v $$(pwd):$(wdir) $(kanikoimg)
dargskaniko = -w=$(wdir) -v $$(pwd):$(wdir):z $(kanikoimg)
kanikoargs = -c=$(wdir) --use-new-run --snapshotMode=redo --no-push
krelease = $(dcmdrun) $(dargskaniko) -f=$(dfile) $(kanikoargs)
kdebug = $(dcmdrun) $(dargskaniko) -f=$(dfiledev) $(kanikoargs)
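Review bot: The new `dargskaniko` line takes the host side of the `:z` mount from `$$(pwd)`, so the recursive relabel lands on whatever directory make happens to be invoked from, and because the value is unquoted a path containing spaces splits into separate arguments. Pinning the mount to the directory make started in and quoting it avoids both: `dargskaniko = -w=$(wdir) -v "$(CURDIR):$(wdir):z" $(kanikoimg)` (equivalent to `$$(pwd)` unless a recipe changes directory before using it). Since `:z` changes labels on the host tree persistently rather than just inside the container, a comment above the line such as `# :z relabels the host tree mounted at $(wdir) so the container can read it under SELinux enforcing; keep this pointed at the project tree only` would record why it is there and what it touches.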


@ -8,7 +8,7 @@ services:
ports:
- 127.0.0.1:8001:5000
volumes:
- ./:/src
- $PWD:/src:z
environment:
ASPNETCORE_ENVIRONMENT: Development
DB_CONNECTION_STRING: "User ID=postgres;Password=679968312e029a806c1905c40ec331aa199a1eb86bd0b9eb04057933e449bdc9ef8ef292a39b68cafa5689c901a17266;Server=db;Port=5432;Database=pwt;Integrated Security=true;Pooling=true;"
@ -26,7 +26,7 @@ services:
ports:
- 127.0.0.1:5432:5432
volumes:
- dbdata:/var/lib/postgresql/data
- dbdata:/var/lib/postgresql/data:z
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: 679968312e029a806c1905c40ec331aa199a1eb86bd0b9eb04057933e449bdc9ef8ef292a39b68cafa5689c901a17266
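Review bot: The new `$PWD:/src:z` entry in the first hunk resolves the host path from the invoking shell's environment instead of relative to the compose file, so running Compose from another directory (`-f`, `--project-directory`, or a CI runner) would mount and relabel the wrong tree; `:z` works with the relative form, so `- ./:/src:z` keeps the SELinux fix without that dependency. If `PWD` is unset in the environment that runs Compose, the variable expands to an empty string and the entry degrades to `:/src:z`, which is no longer the intended bind mount. In the second hunk, `dbdata` is a Docker-managed named volume, which the engine appears to label for container access on its own, so the `:z` there is likely redundant; harmless, but a comment such as `# :z is needed for host bind mounts; named volumes are labelled by the engine` would record whether it is intentional. Unrelated to this change, the Postgres password on the context lines is committed in plaintext, and an env_file or secret would keep it out of the repository.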