ServiceBinding always says a Secret is available/ready even if Secret isnt present

[gmrodgers]

Bug description

When I create ServiceBinding where:

• the workload is a Pod that exists
• I've provided the correct RBAC for reading service
• the service is a Secret that doesn't exist

I get Ready=True

Expected behaviour

I getReady=False, the service does not exist.

Steps to reproduce the bug

$ kubectl run nginx --image=nginx --restart=Never

$ kapply() { kaf <(echo "$1") } # func for convenience

$ kapply '# iterate-stk-secret-reader.yaml
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: stk-secret-reader
  labels:
    servicebinding.io/controller: "true"
rules:
- apiGroups: [""]
  resources: ["secrets", "pods" ]
  verbs: ["get", "list", "watch"]'

$ kapply 'apiVersion: servicebinding.io/v1beta1
kind: ServiceBinding
metadata:
  name: test-sb
spec:
  name: database
  service:
    apiVersion: v1
    kind: Secret
    name: test
  workload:
    apiVersion: v1
    kind: Pod
    name: nginx'

$ kubectl get secrets        
No resources found in default namespace.

$ kubectl get servicebinding         
NAME      READY   REASON   AGE
test-sb   True    Ready    6m55s

**Version (Tanzu Application Platform version, K8s version) **

Definitely in 0.7.2 of this, unsure what versions are affecred.

Environment where the bug was observed (cloud, OS, etc)

I observed it in Kind