This bug was initially created as a copy of Bug #2116644

I am copying this bug because:

Description of problem:

The cluster is having cluster proxy configured as below:

~~~
apiVersion: v1
items:

• apiVersion: config.openshift.io/v1
  kind: Proxy
  ....
  ....
  spec:
  trustedCA:
  name: custom-ca <<<
  ~~~

However, the custom-ca was only created in openshit-config namespace by following https://docs.openshift.com/container-platform/4.10/networking/enable-cluster-wide-proxy.html.

However, while importing the disk, the importer pod is in ContainerCreating status and we have the below events:

~~~
12m Warning FailedMount pod/importer-rhel7-sophisticated-parrotfish MountVolume.SetUp failed for volume "cdi-proxy-cert-vol" : configmap "custom-ca" not found
~~~

This is because the custom-ca is not available in the namespace where we are importing the disk. The user has to manually copy the ConfigMap custom-ca to the namespace for the import to work.

Version-Release number of selected component (if applicable):

OpenShift Virtualization 4.10.3

How reproducible:

100 %

Steps to Reproduce:

1. Add spec.trustedCA in the cluster-wide proxy configuration.
2. Create the ConfigMap that contains CA certificates in openshift-config namespace.
3. Try to import a image in namespace other than openshift-config. The importer pod will be stuck in `ContainerCreating` status.

Actual results:

Importer pod is failing to start with error "MountVolume.SetUp failed for volume "cdi-proxy-cert-vol" : configmap "custom-ca" not found"

Expected results:

Since the error is creating confusion, it would be ideal if the ConfigMap is automatically copied to the namespace where the user is trying to import the VM/disk. If not, I think we should mention this is the documentation to copy the ConfigMap manually.

Additional info: