grafana fails with rbac errors on startup #44
Description
steps to reproduce
scripts/setup.sh
monitoring/setup.sh
the grafana operator fails to start up the grafana pod itself, and the following error appears in the logs for the operator:
grafana-operator-controller-manager-85c8457c4b-rvgml 2026-01-05T19:14:08.081Z error Reconciler error {"controller": "grafana", "controllerGroup": "grafana.integreatly.org", "controllerKind": "Grafana", "Grafana": {"name":"grafana","namespace":"grafana"}, "namespace": "grafana", "name": "grafana", "reconcileID": "01afe12c-f995-45a0-92e2-1a1f4632f78a", "error": "updating grafana version in spec: grafanas.grafana.integreatly.org \"grafana\" is forbidden: User \"system:serviceaccount:grafana:grafana-operator-controller-manager\" cannot update resource \"grafanas\" in API group \"grafana.integreatly.org\" in the namespace \"grafana\""}
it looks like the out-of-the-box privilege configuration with the official grafana operator is missing the update verb. will write a quick PR to add a service account and role for grafana, similar to what is done in monitoring/prometheus-instance/deploy_prometheus.yaml