What made Red Hat think it was a good idea to bind containers to a docker hosts’s /etc/rhsm and /etc/pki data?

I recently ran into a situation where a RHEL 7 docker host that’s primarily used for continuous integration jobs couldn’t use the ubi9/ubi container image. Why? Because the host didn’t have entitlements for RHEL 9.

After fiddling around with injecting RHEL 9 certs into the image I managed to enable the base repositories and a few extras, however that’s about the time I realized this whole thing was an exercise in futility. Basic packages like createrepo_c were completely missing and I wasn’t able to figure out which RHN channel provided it. Why are they separating rpmdevtools from createrepo_c at the repository level anyway; what’s the point?

I wasted a solid day sifting through the only relevant documentation Red Hat provides (for OpenShift, not Docker) before giving up and going with quay.io/centos/centos:stream9.

After that I was back in business, building and distributing RPMs in about three minutes time.