devworkspace-che-role is forbidden when deploying Che with DevWorkspace operator

[l0rd]

Describe the bug

Installation of nightly Che with devworkspace enabled fails.

This is the error message I see in the Che operator logs:

time="2021-03-15T10:01:15Z" level=info msg="Creating a new object: ClusterRole, name devworkspace-che-role"
time="2021-03-15T10:01:16Z" level=error msg="clusterroles.rbac.authorization.k8s.io \"devworkspace-che-role\" is forbidden: user \"system:serviceaccount:workspaces-server:che-operator\" (groups=[\"system:serviceaccounts\" \"system:serviceaccounts:workspaces-server\" \"system:authenticated\"]) is attempting to grant RBAC permissions not currently held:\n{APIGroups:[\"\"], Resources:[\"configmap\"], Verbs:[\"create\" \"delete\" \"get\" \"list\" \"patch\" \"update\" \"watch\"]}\n{APIGroups:[\"apps\"], Resources:[\"deployments/finalizers\"], ResourceNames:[\"devworkspace-che-operator\"], Verbs:[\"update\"]}\n{APIGroups:[\"che.eclipse.org\"], Resources:[\"*\"], Verbs:[\"*\"]}\n{APIGroups:[\"che.eclipse.org\"], Resources:[\"chemanagers\"], Verbs:[\"*\"]}\n{APIGroups:[\"che.eclipse.org\"], Resources:[\"chemanagers/finalizers\"], Verbs:[\"update\"]}\n{APIGroups:[\"che.eclipse.org\"], Resources:[\"chemanagers/status\"], Verbs:[\"get\" \"patch\" \"update\"]}"
time="2021-03-15T10:01:17Z" level=info msg="Removing 'cheWorkspaces.clusterpermissions.finalizers.che.eclipse.org'

Che version

nightly

Steps to reproduce

Deploy Che a fresh OCP 4.7.1 cluster with chectl and a CR patch to enable devworkspace.

Runtime

OpenShift 4.7.1

Installation method

$ chectl version
chectl/0.0.20210314-next.c60bdec darwin-x64 node-v12.21.0
$ cat ./patch.yaml
spec:
  devWorkspace:
    enable: true
$ chectl server:deploy --che-operator-cr-patch-yaml=patch.yaml -p openshift --no-olm-suggested-namespace -n workspaces-server

Environment

OpenShift Dev Cluster