Metrics Operator Lacks Permissions to Create Events

[rouzbehsedighi]

Problem

The metrics-operator is failing to emit Kubernetes events due to missing RBAC permissions. The following error is observed in the logs:

Server rejected event (will not retry!) err="events is forbidden: User \"system:serviceaccount:metrics-operator:metrics-operator\" cannot create resource \"events\" in API group \"\" in the namespace \"metrics-operator\""

This error occurs when the controller tries to emit an event like:

event="&Event{
  Reason: MetricAvailable,
  Message: metric is monitoring resource 'helm.crossplane.io/v1beta1, Kind=Release',
  InvolvedObject: {Kind: ManagedMetric, Namespace: metrics-operator, Name: managed-metric, ...}
  ...
}"

Root cause

The metrics-operator service account does not have the necessary RBAC permissions to create events in the metrics-operator namespace.