Bug 2002363

Summary: Missing ability to provide deployment time ImageContentSourcePolicy during ZTP flow
Product: OpenShift Container Platform Reporter: Marius Cornea <mcornea>
Component: Telco EdgeAssignee: Ian Miller <imiller>
Telco Edge sub component: ZTP QA Contact: Marius Cornea <mcornea>
Status: CLOSED ERRATA Docs Contact:
Severity: high    
Priority: unspecified CC: aos-bugs, eparis, nstielau
Version: 4.8   
Target Milestone: ---   
Target Release: 4.10.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-03-16 11:38:43 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Marius Cornea 2021-09-08 15:58:01 UTC 
Description of problem:

In a disconnected environment creating the ImageContentSourcePolicy providing mirror configuration for the operators setup in the same time with the operators subscriptions can lead to the issue described in BZ#1984829 where the operators InstallPlans get blocked and operators installation cannot succeed. In order to avoid this condition the ImageContentSourcePolicy needs to be created at deployment time which is not possible at this moment. 

To workaround this issue the ImageContentSourcePolicy can be injected in the ArgoCD container image by:


cat 04-rh-internal-icsp.yaml

apiVersion: operator.openshift.io/v1alpha1
kind: ImageContentSourcePolicy
metadata:
  name: fec-disconnected-icsp
spec:
  repositoryDigestMirrors:
  - mirrors:
    - {{ disconnected_registry }}
    source: registry.redhat.io


Containerfile:

FROM quay.io/redhat_emp1/ztp-site-generator:latest
COPY 04-rh-internal-icsp.yaml /usr/src/hook/ztp/source-crs/extra-manifest/04-rh-internal-icsp.yaml

 
Version-Release number of selected component (if applicable):
4.8
Comment 1 Nick Stielau 2021-10-07 17:19:08 UTC 
Assuming not a blocker for 4.9.  Please look for blocker? BZs and make a blocker determination.
Comment 2 Ian Miller 2021-10-19 11:56:30 UTC 
Linked PR supports ICSP as post-deployment configuration. This BZ is to include during deployment. Reopening.
Comment 4 Ian Miller 2022-03-03 14:53:16 UTC 
PR 801 adds support for user-supplied extra manifests. These manifests are applied to the cluster during installation.
Comment 5 Ian Miller 2022-03-03 14:56:16 UTC 
PR 862 adds support for phased installation of the post-installation configuration. The defaults apply the ICSP in the wave before Subscriptions. This ordering ensures that the ICSP exists prior to the subscription being created.
Comment 8 errata-xmlrpc 2022-03-16 11:38:43 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.9.24 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:0798