Clusterscoped resources are not cleaned up when monitoring-stack is deleted

[sthaha]

OwnerReferences do not work across namespaces and it equally applies to cluster-scoped resources
See: https://kubernetes.io/docs/concepts/overview/working-with-objects/owners-dependents/#owner-references-in-object-specifications

Cluster-scoped dependents can only specify cluster-scoped owners. In v1.20+, if a cluster-scoped dependent specifies a namespaced kind as an owner, it is treated as having an unresolvable owner reference, and is not able to be garbage collected.

Thus deleting the monitoring-stack will not delete the cluster-roles it creates. A workaround for it is to use finalizers on monitoring-stack and get the reconciler to delete clusterscoped resources before removing the finalizer.

[lihongyan1]

Reproduced the issue with following steps:

1. Install ObO and create monitoringstack example-app-monitoring-stack
2. Delete ObO and delete the monitoringstack example-app-monitoring-stack
3. The following cluster-scoped resources are left on the cluster

• ClusterRole example-app-monitoring-stack-prometheus
• ClusterRoleBinding example-app-monitoring-stack-prometheus