kubie ctx needs cluster admin role #45

Closed
nextsux opened this issue Jun 23, 2020 · 4 comments

Comments


nextsux commented Jun 23, 2020

It's unable to enter a context which is scoped only to one namespace:

```
kubie ctx gitlab@cluster
Error: Error calling kubectl: Error from server (Forbidden): namespaces is forbidden: User "system:serviceaccount:klum:gitlab cannot list resource "namespaces" in API group "" at the cluster scope
```

where gitlab@cluster has role like this:

```yaml
rules:
- apiGroups:
  - ""
  - extensions
  - apps
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - batch
  resources:
  - jobs
  - cronjobs
  verbs:
  - '*'
```
Owner

sbstp commented Jun 24, 2020

Hmm, I didn't think of this use case. I use `kubectl get namespaces` to verify that the namespaces are valid. In this case the user cannot list namespaces. I could turn the namespace error into a warning such as `Warning: could not verify if namespace exists` when you enter a namespace or context.

If there's a way of verifying if a user has access to a namespace without listing them it could work also, but I'm not aware of such a feature.

Author

nextsux commented Jun 24, 2020

Oh I see, I was wondering why you need that. I do not know about any other way either. But I think a warning should be enough.


mory91 commented Oct 1, 2020

For example in our company, different teams have access to certain namespaces and there are a few people who have access to the whole cluster.
To implement this, we can do `kubectl get namespace sample-ns` and if this doesn't return an error we know the user has access to the namespace.
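
Added example, not part of the original thread and not kubie's own code: a shell sketch combining the two ideas above, a single-namespace `kubectl get namespace` instead of a cluster-wide list, with a Forbidden answer downgraded to a warning. The function names and the `KUBECTL` variable are assumptions of this example.

```shell
#!/bin/sh
# Added example: verify one namespace without listing all of them.
# KUBECTL is an assumption of this sketch so the binary can be swapped out.
KUBECTL="${KUBECTL:-kubectl}"

# Prints one of: ok | unverified | missing | error
check_namespace() {
    ns="$1"
    # Single-object GET. A Role bound inside the namespace that allows
    # "get" on "namespaces" authorizes this for its own namespace, whereas
    # listing namespaces needs a cluster-scoped grant.
    # Redirection order keeps stderr in $err and discards stdout.
    if err=$("$KUBECTL" get namespace "$ns" -o name 2>&1 >/dev/null); then
        echo ok
        return 0
    fi
    case "$err" in
        *"(Forbidden)"*) echo unverified ;;  # RBAC denied: existence unknown
        *"(NotFound)"*)  echo missing ;;     # API server says it does not exist
        *)               echo error ;;       # network, auth, anything else
    esac
}

# Returns 0 when it is reasonable to enter the namespace, 1 otherwise.
verify_namespace() {
    ns="$1"
    case "$(check_namespace "$ns")" in
        ok)
            return 0 ;;
        unverified)
            # Least-privilege accounts end up here: warn, do not block.
            echo "Warning: could not verify if namespace exists: $ns" >&2
            return 0 ;;
        missing)
            echo "Error: namespace does not exist: $ns" >&2
            return 1 ;;
        *)
            echo "Error calling kubectl for namespace: $ns" >&2
            return 1 ;;
    esac
}
```

Treating Forbidden as "unverified" rather than "missing" matters because the API server does not reveal whether the namespace exists to a caller that is not allowed to read it.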

Owner

sbstp commented Feb 14, 2021

Hey, I think #60 will help with this. You can disable namespace checking completely.

sbstp closed this as completed Feb 19, 2021