Created attachment 1976389 [details]
ssp operator rules

Description of problem: With CNV-v4.14.0.rhel9-1274, for ssp operator we are seeing global permission set for multiple rules. Since https://issues.redhat.com/browse/CNV-24031 is now closed, opening this bug to track the current failures.


Version-Release number of selected component (if applicable):
CNV-v4.14.0.rhel9-1274

How reproducible:
100%

Steps to Reproduce:
1. Check csv.spec.install.spec.clusterPermissions for ssp-operator
2.
3.

Actual results:
================
- apiGroups:
  - '*'
  resources:
  - persistentvolumeclaims
  verbs:
  - '*'
- apiGroups:
  - '*'
  resources:
  - secrets
  verbs:
  - '*'
- apiGroups:
  - cdi.kubevirt.io
  resources:
  - datavolumes
  verbs:
  - '*'
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - kubevirt.io
  resources:
  - virtualmachines/finalizers
  verbs:
  - '*'
===============

Expected results:
No global permission for ssp operator should be present.

Additional info: