We add ServiceAccounts, Roles and Rolebindings as owned resources when setting up the tenant and cluster controllers. This ensures that a reconcile of the owning tenant or cluster is triggered if its associated ServiceAccount is deleted.
Additionally, we change the owner reference on the tenant ServiceAccount, Role and RoleBinding to be a controller reference so that the reconcile for a tenant is actually triggered when its ServiceAccount is deleted. Notably, reconciles aren't triggered for owned resources, if the owner reference isn't a controller reference (cf. documentation for controllerutil.SetControllerReference and controllerutil.SetOwnerReference)
Split out from #234
Checklist
[x] Keep pull requests small so they can be easily reviewed.
[x] Categorize the PR by setting a good title and adding one of the labels:
bug, enhancement, documentation, change, breaking, dependency
as they show up in the changelog
We add ServiceAccounts, Roles and Rolebindings as owned resources when setting up the tenant and cluster controllers. This ensures that a reconcile of the owning tenant or cluster is triggered if its associated ServiceAccount is deleted.
Additionally, we change the owner reference on the tenant ServiceAccount, Role and RoleBinding to be a controller reference so that the reconcile for a tenant is actually triggered when its ServiceAccount is deleted. Notably, reconciles aren't triggered for owned resources, if the owner reference isn't a controller reference (cf. documentation for controllerutil.SetControllerReference and controllerutil.SetOwnerReference)
Split out from #234
Checklist
bug
,enhancement
,documentation
,change
,breaking
,dependency
as they show up in the changelog