Namespaces are owned by organizations

Source: Developer or CI/CD pipeline
Stimulus: Creates a new namespace or project
Environment: Any APPUiO Zone
Artifact: kubectl, oc, or any other suitable Kubernetes client
Response: Namespace created and belongs to one of the creator’s organizations
Response measure: The organization to which the namespace belongs is granted the admin Role in the new namespace
Rationale: Namespace ownership must not be tied to individuals but to the organization. We consider giving all organization members admin permissions in new namespaces to be a safe default. In contrast to OpenShift’s default for projects of only granting the creator admin permissions, our default prevents that team members are left unable to access a namespace if the namespace creator forgets to adjust the permissions.