Merge pull request #96980 from tedaveryredhat/OSDOCS-15614

OSDOCS-15614:Update the z-stream RNs for 4.19.7

Author: dfitzmau

release_notes/ocp-4-19-release-notes.adoc

@@ -2830,6 +2830,55 @@ This section will continue to be updated over time to provide notes on enhanceme
 For any {product-title} release, always review the instructions on xref:../updating/updating_a_cluster/updating-cluster-web-console.adoc#updating-cluster-web-console[updating your cluster] properly.
 ====
 
+// 4.19.7
+[id="ocp-4-19-7_{context}"]
+=== RHSA-2025:12341 - {product-title} {product-version}.7 image release, bug fix, and security update advisory
+
+Issued: 05 August 2025
+
+{product-title} release {product-version}.7, which includes security updates, is now available. The list of bug fixes that are included in the update is documented in the link:https://access.redhat.com/errata/RHSA-2025:12341[RHSA-2025:12341] advisory. The RPM packages that are included in the update are provided by the link:https://access.redhat.com/errata/RHBA-2025:12342[RHBA-2025:12342] advisory.
+
+Space precluded documenting all of the container images for this release in the advisory.
+
+You can view the container images in this release by running the following command:
+
+[source,terminal]
+----
+$ oc adm release info 4.19.7 --pullspecs
+----
+
+[id="ocp-4-19-7-enhancements_{context}"]
+==== Enhancements
+
+* The KubeVirt Container Storage Interface (CSI) driver now supports volume expansion. Users can dynamically increase the size of their persistent volumes in their tenant cluster. This capability simplifies storage management, allowing for more flexible and scalable infrastructure. (link:https://issues.redhat.com/browse/OCPBUGS-58239[OCPBUGS-58239])
+
+[id="ocp-4-19-7-bug-fixes_{context}"]
+==== Bug fixes
+
+* Before this update, a plugin conflict in the console modal occurred due to multiple plugins using the same `CreateProjectModal` extension point. As a consequence, only one plugin extension was used and the list order could not be changed. With this release, an update to the plugin store resolves extensions in the same order that are defined in the console operator configuration. As a result, anyone with permission to update the operator configuration can set the priority of the plugin. (link:https://issues.redhat.com/browse/OCPBUGS-56280[OCPBUGS-56280])
+
+* Before this update, when you clicked *Configure* in an `AlertmanagerReceiversNotConfigured` alert on the *Overview* page, a runtime error occurred.  With this release, improved navigation handling ensures that no runtime errors occur when you click *Configure*. (link:https://issues.redhat.com/browse/OCPBUGS-57105[OCPBUGS-57105])
+
+* Before this update, the `/metrics/usage` endpoint was updated to include authentication and Cross-Site Request Forgery (CSRF) protections. Because of this, requests to this endpoint started failing with a "forbidden" error message because the requests lacked the necessary CSRF token in the request cookie. With this release, a CSRF token was added to the `/metrics/usage` request cookie, which resolved the “forbidden” error message. (link:https://issues.redhat.com/browse/OCPBUGS-58331[OCPBUGS-58331])
+
+* Before this update, when you configured an OpenID Connect (OIDC) provider for a `HostedCluster` resource with an Open ID cluster that did not specify a client secret, a default secret name was automatically generated. As a consequence, you could not configure OIDC public clients because these clients cannot use client secrets. With this release, a default secret name is not generated when no client secret is provided. As a result, you can configure OIDC public clients. (link:https://issues.redhat.com/browse/OCPBUGS-58683[OCPBUGS-58683])
+
+* Before this update, when a Bare Metal Host (BMH) was marked as `Provisioned` or `ExternallyProvisioned`, the system would try to deprovision it or power it off first and the `DataImage` attached to the BMH would also prevent deletion. This issue blocked or slowed down host removal, creating operational inefficiencies. With this release, if the BMH has the `detached annotation` status and deletion is requested, the BMH transitions to the deleting state, allowing for direct deletion. (link:https://issues.redhat.com/browse/OCPBUGS-59133[OCPBUGS-59133])
+
+* Before this update, downloads on control plane nodes were inconsistently scheduled because of a mismatch between the node selector for downloads and the console pods. As a consequence, downloads were scheduled on random nodes, which caused potential resource contention and sub-optimal performance. With this release, downloaded workloads consistently schedule on control plane nodes, which improves resource allocation. (link:https://issues.redhat.com/browse/OCPBUGS-59488[OCPBUGS-59488])
+
+* Before this update, a cluster upgrade to {product-title} 4.18 caused inconsistent egress IP allocation due to stale Network Address Translation (NAT) handling. This issue occurred only when you deleted an egress IP pod while the OVN-Kubernetes controller for an egress node was down. As a consequence, duplicate Logical Router Policies and egress IP usage occurred, which caused inconsistent traffic flow and outage. With this release, egress IP allocation cleanup ensures consistent and reliable egress IP allocation in {product-title} 4.18 clusters. (link:https://issues.redhat.com/browse/OCPBUGS-59530[OCPBUGS-59530])
+
+* Before this update, if you did not have sufficient privileges when you logged into the console, the `get started` message occupied excessive space on pages. This issue prevented the complete display of important status messages such as `no resources found`. As a consequence, truncated versions of the messages were displayed. With this release, the `get started` message is resized and the page's disable property is removed to use less screen space and to allow scrolling. This fix allows users to view complete statuses and information on all pages. You can now view complete statuses and information on all pages. As a result, the `get started` content remains fully accessible through scrolling, which ensures the visibility of new user guidance and important system messages. (link:https://issues.redhat.com/browse/OCPBUGS-59639[OCPBUGS-59639])
+
+* Before this update, when you cloned a `.tar` file with zero length, the `oc-mirror` ran indefinitely due to an empty archive file. As a consequence, no progress occurred when you mirrored a 0-byte `.tar` file. With this release, 0-byte `.tar` files are detected and reported as errors, which prevents the `oc-mirror` from hanging. (link:https://issues.redhat.com/browse/OCPBUGS-59779[OCPBUGS-59779])
+
+* Before this update, the `oc-mirror` did not detect Helm Chart images that used an aliased sub-chart. As a consequence, the Helm Chart images were missing after mirroring. With this release, the `oc-mirror` detects and mirrors Helm Chart images with an aliased sub-chart. (link:https://issues.redhat.com/browse/OCPBUGS-59799[OCPBUGS-59799])
+
+[id="ocp-4-19-7-updating_{context}"]
+==== Updating
+To update an {product-title} 4.19 cluster to this latest release, see xref:../updating/updating_a_cluster/updating-cluster-cli.adoc#updating-cluster-cli[Updating a cluster using the CLI].
+
 // 4.19.6
 [id="ocp-4-19-6_{context}"]
 === RHSA-2025:11673 - {product-title} {product-version}.6 image release, bug fix, and security update advisory