-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
None
-
3
-
False
-
None
-
False
-
-
-
OSDOCS Sprint 250
-
Important
-
0
The following is also not a OpenShift issue, but needs to be corrected.
Under the following solutions document:
https://access.redhat.com/solutions/6487721
The resolution showing that a volume needs to be added to the Clair podman run command is correct:
-v /path/to/Quay/ca.crt:/run/certs/ca.crt:Z
However, the given example is incorrect, where it attempts to mount a single file to two files within the container (/run/certs/ca.crt and /etc/pki/ca-trust/source/anchors/ca.crt):
podman run -d --restart=always --name clair -v /var/lib/clair-config:/clair/config:z -v /path/to/Quay/ca.crt:/run/certs/ca.crt:Z:/etc/pki/ca-trust/source/anchors/ca.crt:z quay.io/redhat/clair-jwt:v3.2.1
When attempting to perform a command using the example, the following error occurs:
$ podman run -d --name clairv4 \
> -p 8081:8081 -p 8088:8088 \
> -e CLAIR_CONF=/clair/config.yaml \
> -e CLAIR_MODE=combo \
> -v /root/internalca/rootCACert.pem:/run/certs/ca.crt:Z:/etc/pki/ca-trust/source/anchors/ca.crt:z \
> -v $QUAY/clairv4/config:/clair:Z \
> registry.redhat.io/quay/clair-rhel8:v3.10.3
Error: /root/internalca/rootCACert.pem:/run/certs/ca.crt:Z:/etc/pki/ca-trust/source/anchors/ca.crt:z: incorrect volume format, should be [host-dir:]ctr-dir[:option]
The document should have this as the example to mount to a single file:
podman run -d --restart=always --name clair -v /var/lib/clair-config:/clair/config:z -v /path/to/Quay/ca.crt:/run/certs/ca.crt:Z quay.io/redhat/clair-jwt:v3.2.1
