[release-4.15] MULTIARCH-4084: Reduce the policy access scope to specific instance

[Neha-dot-Yadav]

This is a cherry-pick of #3491

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Neha-dot-Yadav
Once this PR has been reviewed and has the lgtm label, please assign sjenning for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci-robot]

@Neha-dot-Yadav: This pull request references MULTIARCH-4084 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.15.0" version, but no target version was set.

In response to this:

What this PR does / why we need it:
This PR reduces the permission access scope to Service Instance for various CRs.

Which issue(s) this PR fixes (optional, use fixes #<issue_number>(, fixes #<issue_number>, ...) format, where issue_number might be a GitHub issue, or a Jira story:
Fixes #https://issues.redhat.com/browse/MULTIARCH-4084

Checklist

• Subject and description added to both, commit and PR.
• Relevant issues have been referenced.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[Neha-dot-Yadav]

/assign @dharaneeshvrd

[Neha-dot-Yadav]

/test e2e-aws

[dharaneeshvrd]

Please comment, why it needs to be after the resources created

[Neha-dot-Yadav]

Added a comment,
please let me know if it is understandable?

[dharaneeshvrd]

Any reason to move this after deleteCOS?

[Neha-dot-Yadav]

Yes, deleteSecrets needs powerVsCloudInstanceID value, which it is getting from the code after deleteCOS.

[dharaneeshvrd]

Suggested change

	func deleteSecrets(name, namespace, CloudInstanceID string, accountID string, resourceGroupID string) error {
	func deleteSecrets(name, namespace, cloudInstanceID string, accountID string, resourceGroupID string) error {

[dharaneeshvrd]

Its good practice to use templating here.

[Neha-dot-Yadav]

Added the provision to use templating,
please let me know, if any further changes are required?

[openshift-ci-robot]

@Neha-dot-Yadav: No Jira issue is referenced in the title of this pull request.
To reference a jira issue, add 'XYZ-NNN:' to the title of this pull request and request another refresh with /jira refresh.

In response to this:

What this PR does / why we need it:
This PR reduces the permission access scope to Service Instance for various CRs.

Which issue(s) this PR fixes (optional, use fixes #<issue_number>(, fixes #<issue_number>, ...) format, where issue_number might be a GitHub issue, or a Jira story:
Fixes #https://issues.redhat.com/browse/MULTIARCH-4084

Checklist

• Subject and description added to both, commit and PR.
• Relevant issues have been referenced.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

@Neha-dot-Yadav: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[openshift-ci-robot]

@Neha-dot-Yadav: This pull request references MULTIARCH-4084 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.15.0" version, but no target version was set.

In response to this:

What this PR does / why we need it:
This PR reduces the permission access scope to Service Instance for various CRs.

Which issue(s) this PR fixes (optional, use fixes #<issue_number>(, fixes #<issue_number>, ...) format, where issue_number might be a GitHub issue, or a Jira story:
Fixes #https://issues.redhat.com/browse/MULTIARCH-4084

Checklist

• Subject and description added to both, commit and PR.
• Relevant issues have been referenced.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci-robot]

@Neha-dot-Yadav: This pull request references MULTIARCH-4084 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.15.0" version, but no target version was set.

In response to this:

This is a cherry-pick of #3491

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.