All of the CRC pipelines used to be located under the 'crc-pipelines' namespace on appsrep05ue1 and appsrep09ue1 clusters.

There was a service account named 'rhdh-pipelines-bot' in this namespace that had read access within the namespace. Now that the namespace is gone, we need to determine a new home for the SA to live in, and then update this role:

https://gitlab.cee.redhat.com/service/app-interface/-/merge_requests/131136/diffs#34c917851c633299abb577f874acf20b2cf2a33e_10_10

Once the new service account is determined, we need to update the cluster kubernetes token here in vault: https://gitlab.cee.redhat.com/service/app-interface/-/blob/master/resources/services/backstage/stage/backstage-env-vars.secret.yml?ref_type=heads#L32-33 

We can fetch the token for the new SA with:

oc project <project where SA resides>
oc describe sa <name of SA> | grep 'Tokens:' | awk '{print $2}' | xargs oc describe secret | grep 'token:' | awk '{print $2}'

Finally, appstage-lib needs to be updated. We are only adding annotations to a component if we see that its pipelinesProvider is based in the 'crc-pipelines' namespace (which no longer exists:
https://gitlab.cee.redhat.com/hcm-engprod/appstage-lib/-/blob/main/src/mappers/componentMapper.ts#L178 

Probably the best approach is to instead filter for clusters which we know RHDH has access to (appsrep09ue1) and add annotations for all the pipelines we find located on an "accessible cluster", an MR to get started with (that needs testing and cleaning up) is here: https://gitlab.cee.redhat.com/hcm-engprod/appstage-lib/-/merge_requests/37