Description of problem:
As stated on this comment  and described by myself on this KCS article , on a cluster with ImageContentSourcePolicy  set, only global pull secrets  can be created. They cannot be added into a project .
Steps to Reproduce:
1. Configure ImageContentSourcePolicy in a cluster.
2. Add a pull secret into a project by linking it to its "default" service account.
3. Inside the project, try to pull images from the registry related to the new pull secret.
- ImagePullBackOff error.
- The images are pulled correctly
If this is considered a normal behaviour, please kindly move this bug to Documentation because I think this should be explained. In that case, Documentation Team could use my KCS article as a reference.
Just to clarify, where are you pulling the image from? Is it from one of the mirrors your configured via ICSP, or is it from the original location that you are mirroring?
If it is from one of the mirrors, only the global pull secret will work.
The user affected has confirmed that, indeed, they were using mirrors via ICSP.
Thanks for confirming that Lucas. In that case, this is not a bug. It just needs to be documented better, so moving over to the docs team.