Pass secrets from the host down to internal podman containers

This change will allow RHEL subscriptions from the host to flow
to internal containers.

Fixes: containers/common#1735

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

contrib/podmanimage/stable/Containerfile

@@ -41,6 +41,9 @@ RUN sed -e 's|^#mount_program|mount_program|g' \
            /usr/share/containers/storage.conf \
            > /etc/containers/storage.conf
 
+# Setup internal Podman to pass subscriptions down from host to internal container
+RUN printf '/run/secrets:/run/secrets\n' > /etc/containers/mounts.conf
+
 # Note VOLUME options must always happen after the chown call above
 # RUN commands can not modify existing volumes
 VOLUME /var/lib/containers

contrib/podmanimage/testing/Containerfile

@@ -40,6 +40,9 @@ RUN sed -e 's|^#mount_program|mount_program|g' \
            /usr/share/containers/storage.conf \
            > /etc/containers/storage.conf
 
+# Setup internal Podman to pass secrets/subscriptions down from host to internal container
+RUN printf '/run/secrets:/run/secrets\n' > /etc/containers/mounts.conf
+
 # Note VOLUME options must always happen after the chown call above
 # RUN commands can not modify existing volumes
 VOLUME /var/lib/containers

contrib/podmanimage/upstream/Containerfile

@@ -47,6 +47,9 @@ RUN sed -e 's|^#mount_program|mount_program|g' \
            /usr/share/containers/storage.conf \
            > /etc/containers/storage.conf
 
+# Setup internal Podman to pass secrets/subscriptions down from host to internal container
+RUN printf '/run/secrets:/run/secrets\n' > /etc/containers/mounts.conf
+
 # Note VOLUME options must always happen after the chown call above
 # RUN commands can not modify existing volumes
 VOLUME /var/lib/containers