Fix secret permissions (#161)

Author: Anton

config/crd/bases/atlas.mongodb.com_atlasdatabaseusers.yaml

@@ -185,6 +185,10 @@ spec:
                   - type
                   type: object
                 type: array
+              connectionSecrets:
+                additionalProperties:
+                  type: string
+                type: object
               observedGeneration:
                 description: ObservedGeneration indicates the generation of the resource
                   specification that the Atlas Operator is aware of. The Atlas Operator

config/rbac/clusterwide/role.yaml

@@ -10,8 +10,12 @@ rules:
   resources:
   - secrets
   verbs:
+  - create
+  - delete
   - get
   - list
+  - patch
+  - update
   - watch
 - apiGroups:
   - atlas.mongodb.com

config/rbac/namespaced/role.yaml

@@ -11,8 +11,12 @@ rules:
   resources:
   - secrets
   verbs:
+  - create
+  - delete
   - get
   - list
+  - patch
+  - update
   - watch
 - apiGroups:
   - atlas.mongodb.com

pkg/controller/atlasdatabaseuser/atlasdatabaseuser_controller.go

@@ -47,9 +47,11 @@ type AtlasDatabaseUserReconciler struct {
 
 // +kubebuilder:rbac:groups=atlas.mongodb.com,resources=atlasdatabaseusers,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups=atlas.mongodb.com,resources=atlasdatabaseusers/status,verbs=get;update;patch
+// +kubebuilder:rbac:groups="",resources=secrets,verbs=create;update;patch;delete
 
 // +kubebuilder:rbac:groups=atlas.mongodb.com,namespace=default,resources=atlasdatabaseusers,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups=atlas.mongodb.com,namespace=default,resources=atlasdatabaseusers/status,verbs=get;update;patch
+// +kubebuilder:rbac:groups="",namespace=default,resources=secrets,verbs=create;update;patch;delete
 
 func (r *AtlasDatabaseUserReconciler) Reconcile(context context.Context, req ctrl.Request) (ctrl.Result, error) {
 	_ = context