What version of eunomia are you using?

$ kubectl get -n eunomia-operator endpoints/eunomia-operator -o jsonpath='{.subsets[*].addresses[*].targetRef.name}' | xargs -I% kubectl exec -n eunomia-operator % -- curl -sS localhost:8383/metrics | grep eunomia_build_info

eunomia version: v0.1.3

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (kubectl version)?

$ kubectl version
Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.1", GitCommit:"4485c6f18cee9a5d3c3b4e523bd27972b1b53892", GitTreeState:"clean", BuildDate:"2019-07-18T09:18:22Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.0", GitCommit:"70132b0f130acc0bed193d9ba59dd186f0e634cf", GitTreeState:"clean", BuildDate:"2019-12-07T21:12:17Z", GoVersion:"go1.13.4", Compiler:"gc", Platform:"linux/amd64"}

What did you do?

Used Eunomia to manage namespace scoped resources without the eunomia-runner-list ClusterRole.

What did you expect to see?

Eunomia to manage namespace scoped resources without logging errors saying it does not have access to list cluster scoped resources.

Eunomia runner jobs should be able to run successfully without logging errors/warnings about permissions for resource kinds it is not trying to manage. Ideally, when Eunomia is trying to determine what resources it should delete, it should only check the resource kinds it has access to provision.

What did you see instead?

The Eunomia runner logged a error for every cluster scoped resource it did not have access to list.

Additional Context
In issue #240 a ClusterRole was added in to hide the Forbidden error logs as a temporary workaround, however this is likely more access than a user would want to provide the Eunomia runner pod, and it has to be a ClusterRoleBinding to prevent the misleading logs.