Story (Required)

OpenShift Pipelines automatically grants the edit ClusterRole to the pipeline ServiceAccount in every namespace where the operator is active. To align with "Least Privilege" security principles, a new parameter legacyPipelineRbac has been introduced in the TektonConfig CRD. We need automated tests to ensure that toggling this parameter correctly controls the creation (or omission) of these RoleBindings in new and existing namespaces.

Done Checklist

• Code is completed, reviewed, documented and checked in
• Unit and integration test automation have been delivered and running cleanly in continuous integration/staging/canary environment
• Continuous Delivery pipeline(s) is able to proceed with new code included
• Customer facing documentation, API docs etc. are produced/updated, reviewed and published
• Acceptance criteria are met