Bug: ApiToken secret is not cleaned up

[Starefossen]

ApiToken secret is not cleaned up when the ApiToken is deleted. Most likely due to
missing controller reference.

[Starefossen]

https://kubernetes.io/docs/concepts/overview/working-with-objects/owners-dependents/

[Starefossen]

How we do it for other resources:

unleasherator/pkg/resources/unleash.go

Line 71 in daeb2ff

if err := ctrl.SetControllerReference(unleash, serviceMonitor, scheme); err != nil {

[Reasonable-Solutions]

We have two cases, one case for instanceSecrets that do have an controller reference since they live in the same namespace and one for the operatorInstanceSecrets who live in another namespace and thus cannot have a controller reference.

I guess what we should do here is to add the apitoken-secret deletion to the finalizeroperations on the apitoken itself. Right?

[Starefossen]

The ApiToken secret can have a controller reference since it is stored in the same namespace as the ApiToken CRD resource itself.

What is needed in the finalizer operation is deleting the actual client from the Unleash instance.