fixup! Add oauth env vars

config/rbac/role.yaml

@@ -14,6 +14,20 @@ rules:
   - get
   - list
   - watch
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - create
+  - get
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  verbs:
+  - create
+  - get
 - apiGroups:
   - authentication.k8s.io
   resources:
@@ -36,6 +50,28 @@ rules:
   - get
   - list
   - update
+- apiGroups:
+  - operator.cryostat.io
+  resources:
+  - cryostats
+  verbs:
+  - create
+  - get
+- apiGroups:
+  - operator.cryostat.io
+  resources:
+  - flightrecorders
+  verbs:
+  - get
+- apiGroups:
+  - operator.cryostat.io
+  resources:
+  - recordings
+  verbs:
+  - create
+  - delete
+  - get
+  - patch
 - apiGroups:
   - rbac.authorization.k8s.io
   resources:

internal/controllers/common/resource_definitions/resource_definitions.go

@@ -376,7 +376,6 @@ func NewCoreContainer(cr *operatorv1beta1.Cryostat, specs *ServiceSpecs, imageTa
 				Name:  "CRYOSTAT_AUTH_MANAGER",
 				Value: "io.cryostat.net.OpenShiftAuthManager",
 			},
-			// OpenShift OAuth env vars
 			{
 				Name:  "CRYOSTAT_OAUTH_CLIENT_ID",
 				Value: cr.Name,

internal/test/resources.go

@@ -763,6 +763,14 @@ func NewCoreEnvironmentVariables(minimal bool, tls bool, externalTLS bool, opens
 			Name:  "CRYOSTAT_CLIENTLIB_PATH",
 			Value: "/opt/cryostat.d/clientlib.d",
 		},
+		{
+			Name:  "CRYOSTAT_OAUTH_CLIENT_ID",
+			Value: "cryostat-serviceaccount-name",
+		},
+		{
+			Name:  "CRYOSTAT_OAUTH_ROLE",
+			Value: "cryostat-cluster-role",
+		},
 	}
 
 	if externalTLS {
@@ -871,15 +879,6 @@ func NewDatasourceEnvironmentVariables() []corev1.EnvVar {
 	}
 }
 
-func NewOAuthClientEnvironmentVariables() []corev1.EnvVar {
-	return []corev1.EnvVar{
-		{
-			Name:  "CRYOSTAT_OAUTH_CLIENT_ID",
-			Value: "cryostat",
-		},
-	}
-}
-
 func NewCoreEnvFromSource(tls bool) []corev1.EnvFromSource {
 	envsFrom := []corev1.EnvFromSource{
 		{