Story
Resolution: Done
GITOPS Sprint 213
Currently policy.csv is set to "g, system:cluster-admins, role:admin".
This means that when a cluster admin logs into OpenShift GitOps via Dex/SSO they can't really do anything useful, and the errors they get when they do something like a Sync aren't obvious. A less astute OpenShift user wouldn't even realize that system:cluster-admins and cluster-admins are different groups.
We should include cluster-admins as well as system:cluster-admins.
This is achievable with the following patch:
oc patch argocd openshift-gitops -n openshift-gitops --type=merge -p='{"spec":{"rbac":{"policy":"g, system:cluster-admins, role:admin\ng, cluster-admins, role:admin\n"}}}'
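
The effect of the extra binding can be checked offline with a small resolver over the "g" lines of policy.csv. This is an added example, not code from the ticket or from the operator; it assumes group names are compared as exact strings, and the user's group list is constructed sample data.

```python
# Added example: resolve which Argo CD roles a set of groups inherits from
# the "g" (grouping) lines of policy.csv. Exact string matching of subject
# names is an assumption of this sketch.

CURRENT_POLICY = "g, system:cluster-admins, role:admin\n"
PATCHED_POLICY = (
    "g, system:cluster-admins, role:admin\n"
    "g, cluster-admins, role:admin\n"
)


def parse_bindings(policy_csv):
    """Return {subject: set(roles)} built from 'g, subject, role' lines."""
    bindings = {}
    for raw in policy_csv.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blank lines and comments
        fields = [f.strip() for f in line.split(",")]
        if len(fields) == 3 and fields[0] == "g":
            bindings.setdefault(fields[1], set()).add(fields[2])
    return bindings


def roles_for(groups, policy_csv):
    """Roles reachable from the given groups, following chained 'g' lines."""
    bindings = parse_bindings(policy_csv)
    seen, todo = set(), list(groups)
    while todo:
        subject = todo.pop()
        for role in bindings.get(subject, ()):
            if role not in seen:
                seen.add(role)
                todo.append(role)  # a role may itself be bound to another role
    return seen


if __name__ == "__main__":
    # Constructed sample: groups presented for a user in the cluster-admins group.
    sso_groups = ["cluster-admins", "system:authenticated"]
    for name, policy in (("current", CURRENT_POLICY), ("patched", PATCHED_POLICY)):
        roles = sorted(roles_for(sso_groups, policy))
        print(f"{name}: {roles if roles else 'no role bound'}")
```
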