In order to delete CRDs that it creates (ie when doing cleanup finalization for an AppInstance), kubit-applier needs delete permission.
kubit-cleanup-influxdb-c8g6l cleanup-manifests error: pruning CustomResourceDefinition.apiextensions.k8s.io licenses.influxdata.io: customresourcedefinitions.apiextensions.k8s.io "licenses.influxdata.io" is forbidden: User "system:serviceaccount:influxdb:kubit-applier" cannot delete resource "customresourcedefinitions" in API group "apiextensions.k8s.io" at the cluster scope
This PR adds the necessary delete permission to the existing ClusterRole. It also renames some functions and moves their calling location as a bit of added cleanup.
In order to delete CRDs that it creates (ie when doing cleanup finalization for an AppInstance),
kubit-applier
needs delete permission.This PR adds the necessary
delete
permission to the existingClusterRole
. It also renames some functions and moves their calling location as a bit of added cleanup.