ServiceMonitor RBAC for authenticated metrics endpoints

Add additional permission to allow Prometheus in OCP
to access authenticated metrics without HTTP 500 errors.

Author: anik120

deploy/chart/templates/0000_90_olm_00-service-monitor.yaml

@@ -87,4 +87,27 @@ rules:
   - get
   - list
   - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: operator-lifecycle-manager-metrics-reader
+rules:
+- nonResourceURLs:
+  - "/metrics"
+  verbs:
+  - get
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: operator-lifecycle-manager-metrics-reader
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: operator-lifecycle-manager-metrics-reader
+subjects:
+- kind: ServiceAccount
+  name: prometheus-k8s
+  namespace: {{ .Values.monitoring.namespace }}
 {{ end }}