In the NewSafeResourceName function, TALM truncates the policy name if needed. It could happen that the policy name is truncated such that the last character is ".". In this situation, the policy name would then be concatenated with "-" and a random generated suffix resulting in a policy name that follows this model: "policy_name.-suffix". This type of name is not accepted and the following error is seen either in ArgoCD or in the policy's status:

    - eventName: ztp-install.cgu-sriov-cloudransno-site9-spree-lb-du-cvslc-2q45j.178b853ab0ff0097
      lastTimestamp: "2023-10-06T12:42:51Z"
      message: 'NonCompliant; template-error; Failed to create policy template: ConfigurationPolicy.policy.open-cluster-management.io
        "cgu-sriov-cloudransno-site9-spree-lb-du-cvslcm-4.14.0-rc.-nr9fv" is invalid:
        metadata.name: Invalid value: "cgu-sriov-cloudransno-site9-spree-lb-du-cvslcm-4.14.0-rc.-nr9fv":
        a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters,
        ''-'' or ''.'', and must start and end with an alphanumeric character (e.g.
        ''example.com'', regex used for validation is ''[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'')'

OCP install with hub and at least one SNO. TALM installed. Version 4.13 preferably. I think this issue is also present in 4.12.

1. Create policy with the lb-du-cvslcm-4.14.0-rc.4 name
2. Create CGU with the cgu-sriov-cloudransno-site9-spree name
3. Apply the above CGU and enable it
4. Check the status of the policy created by TALM

No error in the status of the policy created by TALM.

We can work around this issue by choosing a different CGU name.
As a solution, TALM could either: truncate such that the last character is not "." or simply remove all the "." characters.