this change solves the issue I recently had after setting SELinux to
Enforcing mode and the containers suddenly could not access files
from the bind mounts anymore. the solution is to mount volumes with
either z (preferable here) or Z to have them automatically relabelled
If you volume mount a image with -v /SOURCE:/DESTINATION:z docker will
automatically relabel the content for you to s0. If you volume mount with
a Z, then the label will be specific to the container, and not be able to
be shared between containers.
ref: https://www.projectatomic.io/blog/2015/06/using-volumes-with-docker-can-cause-problems-with-selinux/
pertains:
* Makefile (volume args for kaniko)
* docker-compose.yml ($PWD to /src mount and a db volume)
[skip ci]
* ./ instead of $PWD means that the mounted folder is not where the
command is run from but rather the folder local to the compose file
* use proper db creds format
surtur