namespaces: give SAs access to get pod/status

Service Accounts need to be able to `get` `pod/status`.

`warnet run SCENARIO --debug` does use `wait_for_pod` which calls `read_namespaced_pod_status` which
is likely where we were running into the permissions issue.

Author: mplsgrant

resources/charts/namespaces/values.yaml

@@ -19,7 +19,7 @@ roles:
         resources: ["persistentvolumeclaims", "namespaces"]
         verbs: ["get", "list"]
       - apiGroups: [""]
-        resources: ["events"]
+        resources: ["events", "pods/status"]
         verbs: ["get"]
   - name: pod-manager
     rules:
@@ -36,5 +36,5 @@ roles:
         resources: ["persistentvolumeclaims", "namespaces"]
         verbs: ["get", "list"]
       - apiGroups: [""]
-        resources: ["events"]
-        verbs: ["get"]
+        resources: ["events", "pods/status"]
+        verbs: ["get"]