fix: restore missing batch/jobs permissions and add PVC permissions to executor role

[alexAtSourcegraph]

Problem

Customer reported that batch changes are failing with the error:

running command "step.kubernetes.step.0.pre": persistentvolumeclaims is 
forbidden: User "system:serviceaccount:sourcegraph-test:sg-executor" cannot 
create resource "persistentvolumeclaims" in API group "" in the namespace 
"sourcegraph-test"

Solution

Add missing persistentvolumeclaims permissions (create/delete / get / list) that the executor needs for batch change job execution, based on customer's working role configuration.

Checklist

• Follow the manual testing process
• Update changelog (NOT NECESSARY)
• Update Kubernetes update doc (NOT NECESSARY)

Test plan

• Follow the manual testing process

[jdpleiness]

@alexAtSourcegraph thanks for the PR! Would you mind filling in a description on what the intention of this PR is? We have some guidelines here for more info. Thanks 🙏

[jdpleiness]

Just a ping on this, I'm not really sure what the context of this PR is or what it's aimed at accomplishing. See #553 (comment)

[enriquegh]

Hey @jdpleiness sorry for the lull on this. Helping Alex with this PR.

I added some context on what the PR is trying to accomplish. One of our customer's is having an issue when creating batch changes via executors.

Let me know if you have any thoughts/questions.

[enriquegh]

If curious you can see the ticket (ask for Entitle Zendesk Light Agent access)
https://sourcegraph.zendesk.com/agent/tickets/19783

[jdpleiness]

Hey @jdpleiness sorry for the lull on this. Helping Alex with this PR.

I added some context on what the PR is trying to accomplish. One of our customer's is having an issue when creating batch changes via executors.

Let me know if you have any thoughts/questions.

Thanks for filling in the details 🙏