Revise associated privileges to the service account
Currently the runner ServiceAccount needs access to every verb of any resource.
This is not ideal for multiple reasons:
- It is excessive
- It obfuscates the required privileges for runner to operate
- It raises security concerns for users
- It will limit the deployment on restricted clusters
Preferably the rules should only cover the least required privileges.
/cc @mendeni @WarheadsSE
Edited by Hossein Pursultani