Description of problem: In a disconnected environment creating the ImageContentSourcePolicy providing mirror configuration for the operators setup in the same time with the operators subscriptions can lead to the issue described in BZ#1984829 where the operators InstallPlans get blocked and operators installation cannot succeed. In order to avoid this condition the ImageContentSourcePolicy needs to be created at deployment time which is not possible at this moment. To workaround this issue the ImageContentSourcePolicy can be injected in the ArgoCD container image by: cat 04-rh-internal-icsp.yaml apiVersion: operator.openshift.io/v1alpha1 kind: ImageContentSourcePolicy metadata: name: fec-disconnected-icsp spec: repositoryDigestMirrors: - mirrors: - {{ disconnected_registry }} source: registry.redhat.io Containerfile: FROM quay.io/redhat_emp1/ztp-site-generator:latest COPY 04-rh-internal-icsp.yaml /usr/src/hook/ztp/source-crs/extra-manifest/04-rh-internal-icsp.yaml Version-Release number of selected component (if applicable): 4.8
Assuming not a blocker for 4.9. Please look for blocker? BZs and make a blocker determination.
Linked PR supports ICSP as post-deployment configuration. This BZ is to include during deployment. Reopening.
PR 801 adds support for user-supplied extra manifests. These manifests are applied to the cluster during installation.
PR 862 adds support for phased installation of the post-installation configuration. The defaults apply the ICSP in the wave before Subscriptions. This ordering ensures that the ICSP exists prior to the subscription being created.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.9.24 bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2022:0798