chore: add permissions to the admission controller

Signed-off-by: ShutingZhao <[email protected]>

scripts/config/standard/kyverno.yaml

@@ -4,6 +4,24 @@ features:
   omitEvents:
     eventTypes: []
 
+admissionController:
+  extraArgs:
+    v: 4
+  rbac:
+    clusterRole:
+      extraResources:
+        - apiGroups:
+            - '*'
+          resources:
+            - secrets
+          verbs:
+            - create
+            - update
+            - patch
+            - delete
+            - get
+            - list
+
 backgroundController:
   extraArgs:
     v: 4

test/conformance/chainsaw/generate/foreach/clusterpolicy/clone/sync/cpol-clone-list-sync-delete-source/1-1-policy.yaml

@@ -36,7 +36,6 @@ spec:
               - foreach-cpol-clone-list-sync-delete-source-target-ns-1
           apiVersion: v1
           kind: Secret
-          name: cloned-secret-{{ elementIndex }}-{{ ns }}
           namespace: '{{ ns }}'
           cloneList:
             kinds:

test/conformance/chainsaw/generate/foreach/clusterpolicy/clone/sync/cpol-clone-list-sync-delete-source/README.md

@@ -1,11 +1,11 @@
 ## Description
 
-This is a corner case test to ensure the corresponding downstream target is deleted when its trigger is deleted, for a generate cloneList type of policy.
+This test ensures the corresponding downstream target is deleted when its trigger is deleted, for a generate foreach cloneList type of policy.
 
 ## Expected Behavior
 
-If the downstream resources `mysecret-1` and `mysecret-2` are remained in the namespace `cpol-clone-list-sync-delete-source-trigger-ns-2`, the test passes. If not, the test fails.
+If the downstream resources `mysecret-1` is remained in the namespace `cpol-clone-list-sync-delete-source-trigger-ns-1`, the test fails. If not, the test passes.
 
 ## Reference Issue(s)
 
-https://github.com/kyverno/kyverno/issues/7535
+https://github.com/kyverno/kyverno/issues/3542