Users who are working in a disconnected environment do not have direct access to Quay.io and therefore the CSO cannot pull security information for images in the cluster. We should allow users to define proxy variables for their cluster in the pod deployment or use cluster wide proxy settings.

NOTES

• Proxies can be set by editing the Subscription
• What happens with this customized Subscription upon operator upgrade ? (does it preserve?)
• How do we mount the proxy CAs
• For further reference on Subscription customization: https://access.redhat.com/documentation/en-us/openshift_container_platform/4.3/html/operators/olm-configuring-proxy-support

ACCEPTANCE CRITERIA

• If cluster has global proxy configured, they are used by CSO (including proxies that require certs)
• Users can overwrite the proxy configuration (environment variables)
• Proxies certs can be provided if necessary (if not set globally)