konpyutaika / nifikop

The NiFiKop NiFi Kubernetes operator makes it easy to run Apache NiFi on Kubernetes. Apache NiFi is a free, open-source solution that supports powerful and scalable directed graphs of data routing, transformation, and system mediation logic.
https://konpyutaika.github.io/nifikop/
Apache License 2.0

Problem with default controller user #258

Closed Demcheck closed 1 year ago

Demcheck commented 1 year ago

What steps will reproduce the bug?

  1. Enable SSL and LDAP auth

What is the expected behavior?

Working auth and cluster

What do you see instead?

Operator can't connect to new cluster

Possible solution

No response

NiFiKop version

v.1.1.1

Golang version

1.19

Kubernetes version

1.24

NiFi version

No response

Additional context

In the cluster logs I can see that the operator is trying to connect to the new cluster but does not have enough privileges. Message from the nifi-user log:

identity[CN=simplenifi-controller], groups[] does not have permission to access the requested resource. Unknown user with identity 'CN=simplenifi-controller'. Returning Forbidden response.

Manifest of the cluster:

apiVersion: nifi.konpyutaika.com/v1
kind: NifiCluster
metadata:
  name: simplenifi
  namespace: myns
spec:
  service:
    headlessEnabled: true
    labels:
      cluster-name: simplenifi
  zkAddress: "zookeeper-client:2181"
  zkPath: /simplenifi
  managedAdminUsers:
    - identity: "myldapuser"
      name: "myldapuser"
  externalServices:
    - metadata:
        labels:
          cluster-name: driver-simplenifi
      name: driver-ip
      spec:
        portConfigs:
          - internalListenerName: https
            port: 8443
        type: ClusterIP
  clusterImage: "apache/nifi:1.15.3"
  initContainerImage: 'bash:5.2.2'
  oneNifiNodePerNode: false
  ldapConfiguration:
    enabled: true
    url: myldapserver
    searchBase: mybasedn
    searchFilter: sAMAccountName={0}
  readOnlyConfig:
    nifiProperties:
      webProxyHosts:
        - test-nifi.mydomain
      overrideConfigs: |
        nifi.sensitive.props.key=thisIsABadSensitiveKeyPassword
  pod:
    labels:
      cluster-name: simplenifi
      app.kubernetes.io/name: testnifi
  nodeConfigGroups:
    default_group:
      imagePullPolicy: IfNotPresent
      isNode: true
      serviceAccountName: default
      storageConfigs:
        - mountPath: "/opt/nifi/nifi-current/logs"
          name: logs
          pvcSpec:
            accessModes:
              - ReadWriteOnce
            storageClassName: "autodelete"
            resources:
              requests:
                storage: 10Gi
        - mountPath: /opt/nifi/data
          name: data
          pvcSpec:
            accessModes:
              - ReadWriteOnce
            resources:
              requests:
                storage: 10Gi
            storageClassName: autodelete
      resourcesRequirements:
        limits:
          cpu: "0.5"
          memory: 2Gi
        requests:
          cpu: "0.5"
          memory: 2Gi
  nodes:
    - id: 1
      nodeConfigGroup: "default_group"
    - id: 2
      nodeConfigGroup: "default_group"
  propagateLabels: true
  nifiClusterTaskSpec:
    retryDurationMinutes: 10
  listenersConfig:
    clusterDomain: cluster.local
    internalListeners:
      - containerPort: 8443
        type: https
        name: https
      - containerPort: 6007
        type: cluster
        name: cluster
      - containerPort: 10000
        type: s2s
        name: s2s
      - containerPort: 9090
        type: prometheus
        name: prometheus
      - containerPort: 6342
        type: load-balance
        name: load-balance
    sslSecrets:
      tlsSecretName: "nifi-test-cert-simple"
      create: true
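The denial quoted in the report is the NiFi authorizer refusing an identity it has never been told about. When debugging this kind of operator-to-cluster authorization failure it helps to pull every such denial out of nifi-user.log and compare the rejected identities against the ones the NifiCluster manifest actually declares. The script below is an added example written for this issue; it is not part of NiFiKop or Apache NiFi. It assumes the denial line format shown in the report (the timestamp and logger prefixes in the sample lines are constructed), and it takes the declared identities as a plain set built from the manifest's managedAdminUsers rather than parsing the YAML.

```python
import re
from collections import Counter

# Matches the authorizer denial line quoted in the issue. Anything beyond that
# line's wording is an assumption; adjust the pattern for other NiFi versions.
DENIAL_RE = re.compile(
    r"identity\[(?P<identity>[^\]]*)\],\s*groups\[(?P<groups>[^\]]*)\]"
    r"\s+does not have permission to access the requested resource\."
    r"(?:\s+Unknown user with identity '(?P<unknown>[^']*)'\.)?"
)

# Constructed sample lines: two copies of the operator's denial from the report,
# one denial for a known user (no "Unknown user" clause), and an unrelated line.
SAMPLE_LOG = [
    "2023-01-01 10:00:00,000 INFO [NiFi Web Server-20] AccessDeniedExceptionMapper "
    "identity[CN=simplenifi-controller], groups[] does not have permission to access "
    "the requested resource. Unknown user with identity 'CN=simplenifi-controller'. "
    "Returning Forbidden response.",
    "2023-01-01 10:00:05,000 INFO [NiFi Web Server-21] AccessDeniedExceptionMapper "
    "identity[CN=simplenifi-controller], groups[] does not have permission to access "
    "the requested resource. Unknown user with identity 'CN=simplenifi-controller'. "
    "Returning Forbidden response.",
    "2023-01-01 10:01:00,000 INFO [NiFi Web Server-22] AccessDeniedExceptionMapper "
    "identity[myldapuser], groups[] does not have permission to access "
    "the requested resource. Returning Forbidden response.",
    "2023-01-01 10:02:00,000 INFO [NiFi Web Server-23] NiFiAuthenticationFilter "
    "Authentication success for myldapuser",
]

# Identities the manifest declares (its managedAdminUsers); the operator's own
# controller identity is deliberately absent, which is the situation reported.
DECLARED_IDENTITIES = {"myldapuser"}


def parse_denials(lines):
    """Return one dict per authorizer denial found in nifi-user.log lines."""
    denials = []
    for line in lines:
        m = DENIAL_RE.search(line)
        if not m:
            continue
        groups = [g.strip() for g in m.group("groups").split(",") if g.strip()]
        denials.append({
            "identity": m.group("identity"),
            "groups": groups,
            # True when the authorizer has no record of the identity at all,
            # as opposed to a known identity lacking a specific policy.
            "unknown_user": m.group("unknown") is not None,
        })
    return denials


def undeclared_identities(lines, declared):
    """Map each identity rejected as unknown and missing from `declared` to its hit count."""
    counts = Counter(
        d["identity"] for d in parse_denials(lines) if d["unknown_user"]
    )
    return {ident: n for ident, n in counts.items() if ident not in declared}


if __name__ == "__main__":
    for ident, n in undeclared_identities(SAMPLE_LOG, DECLARED_IDENTITIES).items():
        print(f"{ident}: rejected as unknown {n} time(s), not declared in the manifest")
```

Run against a real log, the output lists every certificate or LDAP identity that reached the authorizer without the cluster knowing it; in the reported setup that list contains the operator's controller CN, which is the signal that the controller user needs to be present in the cluster's authorizations before the operator can manage it.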