Create Kubernetes service account with role admin
Problem to solve
The service account created by the Kubernetes integration should be able to create further service accounts, roles and role bindings to deploy applications that need to communicate with Kubernetes.
Intended users
Unknown
Further details
Currently service accounts are created with the cluster role edit, which is automatically maintained and contains access all normal objects.
It does however not include access to roles and role bindings.
This means that deploying and testing permission changes, even within this one namespace, can't be done via the Kubernetes integration.
This can be fixed by applying the admin cluster role, which includes access to those objects.
Proposal
Change Clusters::Gcp::Kubernetes::PROJECT_CLUSTER_ROLE_NAME to admin.
Permissions and Security
Documentation
Update "Environment namespace" row in https://docs.gitlab.com/ee/user/project/clusters/add_remove_clusters.html#rbac-cluster-resources