Add a role for Data Science Pipelines end user

[DharmitD]

Description

Adding a role for the DSP end user to utlize for long term programmatic access.

How Has This Been Tested?

• Deploy DSPO and create a DSPA instance
• Create a ServiceAccount in a different namespace. Here's an example:

kind: ServiceAccount
apiVersion: v1
metadata:
  name: test-dsp-service-account
  namespace: test-dspa-sa

• Create a RoleBinding that binds the role defined in this PR, in the same namespace as the DSPA instance. Reference the SA in this RoleBinding. Here's a sample RoleBinding that can be applied:

kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: ds-pipeline-user-access-sample
  namespace: <same-namespace-as-DSP-instance>
subjects:
  - kind: ServiceAccount
    name: test-dsp-service-account
    namespace: test-dspa-sa
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: ds-pipeline-user-access-sample

• Create a token for this SA:
  export SA_TOKEN=$(oc sa new-token test-dsp-service-account -n test-dspa-sa)

• Curl to the Pipelines API Server using this token and the UI route:
  ROUTE=$(oc get route ds-pipeline-ui-sample --template={{.spec.host}})

curl -H "Authorization: Bearer ${SA_TOKEN}" https://${ROUTE}/apis/v1beta1/pipelines

You should find the demo pipeline listed out with it's specifications.

Merge criteria:

• The commits are squashed in a cohesive manner and have meaningful messages.
• Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
• The developer has manually tested the changes and verified that the changes work

[HumairAK]

Tested with quay.io/opendatahub/data-science-pipelines-operator:pr-112

Works as described, gained access with an SA in a different namespace that previously did not have access after creating the rolebinding as described in OP.

/lgtm
/approve

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: HumairAK

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [HumairAK]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment