Currently the operator code uses precreated credetnialRequest yaml files bundled at container build, these are normally used with mint mode CCO.
When managed identities support the operator will need to create the secret (bypassing CCO) based on provided values (clientid, tenantid, subid) provided by the user at operator deployment time.

I was guided by CCO team to bypass the redundant CCO usage as instruct here

see the STS support doc