CloudServiceAccountRequestController should recreate secret if deleted

[wtrocki]

If MSAR deleted then-secret should be deleted.
If Secret is deleted then the MSAR controller recreates that.

We should remove the service account in MAS-SSO

[secondsun]

@pmuir Since we are limiting users to two serviceaccounts, should we delete the service account also now too?

[pmuir]

I don't think this temporary limitation on service accounts should change our logic.

[wtrocki]

So we will be increasing limits to more than 2 per user after some time?
We have issue to improve error message for limits in #174
In the error message we probably need to send URL for users to remove them, but I found that if we keep limit for 2 then there is very little margin for users even in eval phase. If someone does something wrong in the namespace usually we would ask them to try again in the other namespace, but in this situation this will be another service account (probably hitting the limit).

If we would get 3-4 service accounts per user we could avoid possible problems.
When working on summit we could simply tell someone to remove resource and try again. But if service account stays then we need to redirect them to UI to remove them etc. (more convoluted flow)

[wtrocki]

Ok. Creating separate issue to provide troubleshooting documentation. Aka your Own Kafka with 2 service accounts help :D

[wtrocki]

This is on hold for long time and is causing bug when resource is deleted making it hard to cleanup things.