Question about binding a volume to write to in container

[MarkusRodler]

Hello,

i tried using CBL Mariner 2.0 distroless to write into a directory that is mapped to a volume on the host but with no success. Here is my Dockerfile:

FROM mcr.microsoft.com/cbl-mariner/base/core:2.0 AS publish
ENV DOTNET_CLI_TELEMETRY_OPTOUT 1
RUN tdnf -y install dotnet-sdk-6.0 ca-certificates-microsoft
WORKDIR /app
COPY ["Dark.csproj", "./"]
RUN dotnet restore "Dark.csproj" --runtime linux-x64
COPY . .
RUN dotnet publish "Dark.csproj" \
    --configuration Release \
    --output /app/publish \
    # --no-restore \
    --runtime linux-x64 \
    --self-contained true

FROM mcr.microsoft.com/dotnet/runtime-deps:6.0-cbl-mariner2.0-distroless AS final
WORKDIR /app
EXPOSE 5000
COPY --from=publish --chown=app:app /app/publish .
ENV ASPNETCORE_URLS=http://+:5000
ENTRYPOINT ["./Dark"]

As You can see in the last COPY statement I want to make the /app directory writeable to the non-root app user. If I then build and run the Image with: docker run --rm -p 5000:5000 -v ${PWD}/Data/:/app/Data/ dark-repository-mariner I got this exception: Access to the path '/app/Data/dummyfile.txt' is denied.

What can I do to write something to the Data folder?

Thanke in advance.

Greetings, Markus