While assessing the multi-namespace installation mode, we've identified OLM generates roles and rolebindings in the copied CSV's namespace. However, we observe that the corresponding service account isn't created in that namespace, and rolebindings still reference service accounts in the original CSV's namespace. This behavior appears to be a potential bug rather than an intended feature. Additionally, it would be beneficial to enhance ClusterRole bindings to support multiple entries of service accounts, enabling more comprehensive and flexible management of operators across diverse namespaces. We kindly request your attention to these observations and consider them as potential issues to be addressed.

4.14

always

1. Install an operator which support multinamespace install mode.
2. Add a additional namespace in the operator group.

1. OLM exclusively generates roles and role bindings in the new namespace where the CSV was duplicated.
2. It maintains references to the original namespace's service accounts within the role bindings of the new namespace, rendering them unusable.

1. OLM should also generate the service account in the additional namespace where the CSV is copied.
2. OLM should ensure that rolebindings reference the appropriate service accounts within their respective namespaces.
3. OLM should refers the service accounts of all targeted namespaces in the clusterrolebindings.