conditionally assign some of sensitive RBAC permissions to operator clusterrole

[rksharma95]

Feature Request

Short Description

some of the RBAC permissions assigned to the operator clusterrole are not required in all the cases. For example, update and patch permissions for deployments, statefulsets, daemonsets and replicasets are not needed if flag annotateResources is set to false.

KubeArmor/KubeArmor/config/config.go

Line 165 in b88c8f5

annotateResources := flag.Bool(ConfigAnnotateResources, false, "for kubearmor deployment without kubearmor-controller")

these permissions should be assigned conditionally only when required.

Describe the solution you'd like

have a helm config to assign annotateResources with kubearmor-operator helm chart and use that value to conditionally assign RBAC permissions.

Describe alternatives you've considered

A description of any alternative solutions or features you've considered. E.g, Alternatively, KubeArmor could shower flower petals on alien invaders and win their hearts with humanity.