Dashboard pod is not allowed to create secrets

Somehow we missed this in testing, but when you run flask cli app install <app> on a new cluster, you'll get the following error:

kubernetes.utils.create_from_yaml.FailToCreateError: Error from server (Forbidden): {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"secrets is forbidden: User \"system:serviceaccount:stackspin:dashboard\" cannot create resource \"secrets\" in API group \"\" in the namespace \"flux-system\"","reason":"Forbidden","details":{"kind":"secrets"},"code":403}

See also this job.

The reason: we didn't include create in the following rule for the dashboard clusterrole:

- apiGroups:
  - ""
  resources:
  - secrets
  - configmaps
  verbs:
  - list
  - get
  - patch
  - delete

The solution: we should include create.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Admin message

Dashboard pod is not allowed to create secrets