Setup sippy ns, add spiffxp to debug

[spiffxp]

I think there's a mismatch between group name and ns for rbac.

I had commented earlier that the convention to follow is naming the namespace/group after the app in question, instead of the community group responsible for it.

Let's start down that path (and add my non-privileged account to the existing group for troubleshooting)

[hasheddan]

/lgtm

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hasheddan, spiffxp

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [spiffxp]
• groups/OWNERS [spiffxp]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[spiffxp]

Applied namespace changes

spiffxp@cloudshell:~/k8s.io/infra/gcp/namespaces (kubernetes-public)$ ./ensure-namespaces.sh gke_kubernetes-public_us-central1_aaa

[spiffxp]

Yeah, mismatch between group name and namespace is the problem. This group doesn't exist.

$ k describe rolebindings -n wg-reliability-sippy namespace-user
Name:         namespace-user
Labels:       <none>
Annotations:  <none>
Role:
  Kind:  Role
  Name:  namespace-user
Subjects:
  Kind   Name                                               Namespace
  ----   ----                                               ---------
  Group  k8s-infra-rbac-wg-reliability-sippy@kubernetes.io

I would prefer to correct and rectify with the sippy NS I just created

[spiffxp]

Part of #1900