Cincinnati has a plugin dkrv2-secondary-metadata-scrape

which can be used to scrape the graph-data container directly from registry. 

By moving to this plugin, we can move away from the current init-container method, which would have benefits like support for graph-data images that just contained YAML and similar config, and did not include binaries like the UBI cp we use in init containers. Using the plugin to get fresh graph-data content also avoids the need to rebuild the primary metadata cache via many expensive registry scrapes whenever graph-data updates the secondary metadata.

To use this plugin, add the following snippet to gb.toml

[[plugin_settings]]
name="dkrv2-secondary-metadata-scrape"
registry = "quay.io"
repository = "pmahajan/cincinnati-graph-datas"
tag = "latest"
output_directory = "/tmp/dkrv2chk"
credentials_path = "credentials_file"

The plugin is intelligent enough to remove irrelavent files from the container.

Sample dockerfile for making this plugin work: 

FROM busybox as downloader
ADD https://github.com/openshift/cincinnati-graph-data/archive/38658d97fb5f5fd457d6b99dbd3832d2754dbb01.tar.gz /graph-data.tar.gz
RUN mkdir -p /graph-data
RUN tar xav -C /graph-data -f /graph-data.tar.gz --no-same-owner
FROM scratch
COPY --from=downloader /graph-data/* /

 
We will need to change the cincinnati-operator to pass the options to the operand binary. We don't expect this to be a large change.
 

Challenges: 

We need to fix the dkregistry container permissions issues before we can move to using dkrv2 in operator https://issues.redhat.com/browse/OTA-920 

Reference:

Slack Thread 

Definition of Done: 

• Cincinnati Operator uses the dkrv2 plugin by default to scrape graph-data (only) in disconnected environment