Add additional explicitly listed permission

Signed-off-by: Daniel Fan <[email protected]>

bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml

@@ -594,9 +594,9 @@ spec:
                 app.kubernetes.io/instance: operand-deployment-lifecycle-manager
                 app.kubernetes.io/managed-by: operand-deployment-lifecycle-manager
                 app.kubernetes.io/name: operand-deployment-lifecycle-manager
-                productName: IBM_Cloud_Platform_Common_Services
                 intent: projected-odlm
                 name: operand-deployment-lifecycle-manager
+                productName: IBM_Cloud_Platform_Common_Services
             spec:
               affinity:
                 nodeAffinity:
@@ -680,9 +680,13 @@ spec:
           - operator.ibm.com
           resources:
           - operandconfigs
+          - operandconfigs/status
           - operandregistries
+          - operandregistries/status
           - operandrequests
+          - operandrequests/status
           - operandbindinfos
+          - operandbindinfos/status
           verbs:
           - create
           - delete
@@ -697,6 +701,7 @@ spec:
           - configmaps
           - secrets
           - services
+          - namespaces
           verbs:
           - create
           - delete
@@ -717,6 +722,31 @@ spec:
           - patch
           - update
           - watch
+        - apiGroups:
+          - operators.coreos.com
+          resources:
+          - operatorgroups
+          - installplans
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
+        - apiGroups:
+          - k8s.keycloak.org
+          resources:
+          - keycloaks
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
         serviceAccountName: operand-deployment-lifecycle-manager
     strategy: deployment
   installModes:

config/manager/manager.yaml

@@ -10,6 +10,7 @@ metadata:
     app.kubernetes.io/instance: "operand-deployment-lifecycle-manager"
     app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager"
     app.kubernetes.io/name: "operand-deployment-lifecycle-manager"
+    productName: IBM_Cloud_Platform_Common_Services
   name: operand-deployment-lifecycle-manager
   namespace: system
 spec:
@@ -24,6 +25,7 @@ spec:
         app.kubernetes.io/instance: operand-deployment-lifecycle-manager
         app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager"
         app.kubernetes.io/name: "operand-deployment-lifecycle-manager"
+        productName: IBM_Cloud_Platform_Common_Services
         intent: projected-odlm
       annotations:
         productName: "IBM Cloud Platform Common Services"

config/rbac/role.yaml

@@ -40,9 +40,13 @@ rules:
   - operator.ibm.com
   resources:
   - operandconfigs
+  - operandconfigs/status
   - operandregistries
+  - operandregistries/status
   - operandrequests
+  - operandrequests/status
   - operandbindinfos
+  - operandbindinfos/status
 - verbs:
   - create
   - delete
@@ -57,6 +61,7 @@ rules:
   - configmaps
   - secrets
   - services
+  - namespaces
 - verbs:
   - create
   - delete
@@ -69,3 +74,28 @@ rules:
   - route.openshift.io
   resources:
   - routes
+- verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+  apiGroups:
+  - operators.coreos.com
+  resources:
+  - operatorgroups
+  - installplans
+- verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+  apiGroups:
+  - k8s.keycloak.org
+  resources:
+  - keycloaks