OSDOCS-12973: Documented the 4.17.10 z-stream release notes

release_notes/ocp-4-17-release-notes.adoc

@@ -2874,6 +2874,76 @@ This section will continue to be updated over time to provide notes on enhanceme
 For any {product-title} release, always review the instructions on xref:../updating/updating_a_cluster/updating-cluster-web-console.adoc#updating-cluster-web-console[updating your cluster] properly.
 ====
 
+// 4.17.10
+[id="ocp-4-17-10_{context}"]
+=== RHBA-2024:11522 - {product-title} {product-version}.10 bug fix, and security update advisory
+
+Issued: 02 January 2024
+
+{product-title} release {product-version}.10 is now available. The list of bug fixes that are included in the update is documented in the link:https://access.redhat.com/errata/RHBA-2024:11522[RHBA-2024:11522] advisory. The RPM packages that are included in the update are provided by the link:https://access.redhat.com/errata/RHBA-2024:11525[RHBA-2024:11525] advisory.
+
+Space precluded documenting all of the container images for this release in the advisory.
+
+You can view the container images in this release by running the following command:
+
+[source,terminal]
+----
+$ oc adm release info 4.17.10 --pullspecs
+----
+
+[id="ocp-4-17-10-enhancements_{context}"]
+==== Enhancements
+
+[id="ocp-4-17-10-node-tuning-operator_{context}"]
+===== Node Tuning Operator architecture detection
+
+The Node Tuning Operator can now properly select kernel arguments and management options for Intel and AMD CPUs. (link:https://issues.redhat.com/browse/OCPBUGS-43664[*OCPBUGS-43664*]) 
+
+[id="ocp-4-17-10-bug-fixes_{context}"]
+==== Bug fixes
+
+// SME review
+* Previously, when the webhook token authenticator was enabled and had the authorization type set to `None`, the {product-title} web console would consistently crash. With this release, a bug fix ensures that this configuration does not cause the {product-title} web console to crash. (link:https://issues.redhat.com/browse/OCPBUGS-46390[*OCPBUGS-46390*])
+
+* Previously, a hard eviction of a pod in a node caused a pod to enter a termination grace period instead of instantly shutting down and getting deleted by the kubelet. Each pod that enters a termination grace period exhausts the resources of the node. With this release, a bug fix ensures that a pod enter a `1` second termination grace period so that the kubelet can shut down and then delete the pod. (link:https://issues.redhat.com/browse/OCPBUGS-46364[*OCPBUGS-46364*])
+
+// https://issues.redhat.com/browse/OCPBUGS-46082 marked as internal. Check closer to the release date if the Jira switched status.
+
+// SME review
+* Previously, the `SiteConfig` custom resource (CR) configuration, which configures ingress rules and sevices for a cluster, caused the `BareMetalHost` CR to remain in a deleted state instead of being deleted as part of the cluster cleanup operation. With this release, this issue no longer occurs provided that you update to the GitOps Operator to version 1.13 or a later version. (link:https://issues.redhat.com/browse/OCPBUGS-46071[*OCPBUGS-46071*]) 
+
+* Previously, when you attempted to use {olm-first} to upgrade an Operator, the upgrade was blocked and an `error validating existing CRs against new CRD's schema` message was generated. An issue existed with {olm}, whereby {olm} erroneously identified incompatibility issues validating existing custom resources (CRs) against the new Operator version's custom resource definitions (CRDs). With this release, the validation is corrected so that Operator upgrades are no longer blocked. (link:https://issues.redhat.com/browse/OCPBUGS-46054[*OCPBUGS-46054*]) 
+
+// OCPBUGS-46002 mentions the latest Kubernetes version but is the note needed?
+
+* Previously, a `PipelineRuns` CR that used a resolver could not be rerun on the {product-title} web console. If you attempted ro rerun the CR, a `Invalid PipelineRun configuration, unable to start Pipeline.` was generated. With this release, you can now rerun a `PipelineRuns` CR that uses resolver without experience this issue. (link:https://issues.redhat.com/browse/OCPBUGS-45949[*OCPBUGS-45949*]) 
+
+* Previously, when you used the *Form View* to edit `Deployment` or `DeploymentConfig` API objects on the {product-title} web console, duplicate `ImagePullSecrets` parameters existed in the YAML configuration for either object. With this release, a fix ensures that duplicate `ImagePullSecrets` parameters do not get automatically added for either object. (link:https://issues.redhat.com/browse/OCPBUGS-45948[*OCPBUGS-45948*])
+
+// SME review
+* Previously, the `aws-sdk-go-v2` software development kit (SDK) failed to authenticate an `AssumeRoleWithWebIdentity` API operation on an {aws-first} {sts-first} cluster. With this release, `pod-identity-webhook` now includes a default region so that this issue no longer persists. (link:https://issues.redhat.com/browse/OCPBUGS-45938[*OCPBUGS-45938*])
+
+// SME review
+* Previously, the installation of an {aws-short} cluster failed when the service control policy (SCP) had `false` specified for its `AssociatePublicIpAddress` parameter. With this release, a fix ensures that this SCP configuration no longer causes the installation of an {aws-short} cluster to fail. (link:https://issues.redhat.com/browse/OCPBUGS-45186[*OCPBUGS-45186*])
+
+// SME review
+* Previously, an additional `name` property was being passed into a *CSV details* on the Prometheus web console. The additonal property impacted the *CSV details* page results by causing the operand list to filter by cluster service version (CSV) name and this in turn resulted in an empty list. With this release, the extra `name` property is no longer passed to the *CSV details* page, so that the results now list available operands as expected. (link:https://issues.redhat.com/browse/OCPBUGS-45938[*OCPBUGS-45938*])
+
+* Previously, when you ran the `oc adm node-image create` command, the command would sometimes command fail and output an `image can't be pulled` error message. With this release, a fix adds a retry mechanism to the command so that if the command fails to pull images from a release workload, a retry operation ensures the command runs as expected. (link:https://issues.redhat.com/browse/OCPBUGS-45517[*OCPBUGS-45517*])
+
+* Previously, an {ibm-power-server-name} cluster installation failed on installer-provisioned infrastructure because the installation program used a random network type instead of using of the specified network type that was specified in the `install-config.yaml` configuration file. With this release, the installation program now uses the network type that is specified in the `install-config.yaml` so that this issue no longer persists. (link:https://issues.redhat.com/browse/OCPBUGS-45484[*OCPBUGS-45484*])
+
+// SME review
+* Previously, the validation of Non-Uniform Memory Access (NUMA) node topologies expected equal core indices. This expectation caused the Performance Profile Creator (PPC) to report inaccurate information for compute nodes. With this release, the validation check no longer expects equal core indices so that the PPC now reports accurate information for compute nodes. (link:https://issues.redhat.com/browse/OCPBUGS-44644[*OCPBUGS-44644*])
+
+// https://issues.redhat.com/browse/OCPBUGS-43714 is already a known issue in the 4.17 notes. No need to duplicate the note.
+
+* Previously, installing an {aws-short} cluster in either the Commercial Cloud Services (C2S) region or the Secret Commercial Cloud Services (SC2S) region failed because the installation program added unsupported security groups to the load balancer. With this release, the installation program no longer adds unsupported security groups to the load balancer for a cluster that needs to be installed in either the C2S region or SC2S region. (link:https://issues.redhat.com/browse/OCPBUGS-42763[*OCPBUGS-42763*])
+
+[id="ocp-4-17-10-updating_{context}"]
+==== Updating
+To update an {product-title} 4.17 cluster to this latest release, see xref:../updating/updating_a_cluster/updating-cluster-cli.adoc#updating-cluster-cli[Updating a cluster using the CLI].
+
 // 4.17.9
 [id="ocp-4-17-9_{context}"]
 === RHBA-2024:11010 - {product-title} {product-version}.9 bug fix, and security update advisory