🐛 Reduce permission for cluster manager and klusterlet

[qiujian16]

Summary

Related issue(s)

Fixes open-cluster-management-io/registration-operator#361

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: qiujian16

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [qiujian16]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (4a1a890) 61.76% compared to head (ea05bb9) 61.73%.
Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #325      +/-   ##
==========================================
- Coverage   61.76%   61.73%   -0.04%     
==========================================
  Files         132      132              
  Lines       13989    13992       +3     
==========================================
- Hits         8641     8638       -3     
- Misses       4583     4587       +4     
- Partials      765      767       +2     

Flag	Coverage Δ
unit	61.73% <ø> (-0.04%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[zhiweiyin318]

/lgtm

[sparkEchooo]

Thanks for your reply!
The fixes is effective.
By the way, if it's a real issue and has been fixed, can I get a CVE-number:)
Looking forward to your reply!