From c3c413f0d14760a274e6d66fb8b06ef40e6dd0be Mon Sep 17 00:00:00 2001
From: Felix Kunde <felix-kunde@gmx.de>
Date: Tue, 25 Feb 2020 12:58:20 +0100
Subject: [PATCH] fix deletion on conflict resolution

---
 pkg/controller/postgresql.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pkg/controller/postgresql.go b/pkg/controller/postgresql.go
index 6cf3e36b7..6a850a339 100644
--- a/pkg/controller/postgresql.go
+++ b/pkg/controller/postgresql.go
@@ -508,6 +508,14 @@ func (c *Controller) submitRBACCredentials(event ClusterEvent) error {
 		return fmt.Errorf("could not create pod service account %q : %v", c.opConfig.PodServiceAccountName, err)
 	}
 
+	// create role only if binding references a role
+	// if not role is empty and we rely on an existing cluster role
+	if c.PodServiceAccountRole != nil {
+		if err := c.createRole(namespace); err != nil {
+			return fmt.Errorf("could not create role %q : %v", c.PodServiceAccountRole.Name, err)
+		}
+	}
+
 	if err := c.createRoleBindings(namespace); err != nil {
 		return fmt.Errorf("could not create role binding %q : %v", c.PodServiceAccountRoleBinding.Name, err)
 	}