fix(tools): replace promql.exec with metrics-data.read (#53)

The actual permission needed is `metrics-data.read`.

Author: tembleking

README.md

@@ -110,82 +110,82 @@ The server dynamically filters the available tools based on the permissions asso
 
 - **`kubernetes_list_clusters`**
   - **Description**: Lists the cluster information for all clusters or just the cluster specified.
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "List all kubernetes clusters" or "Show me info for cluster 'production-gke'"
 
 - **`kubernetes_list_nodes`**
   - **Description**: Lists the node information for all nodes, all nodes from a cluster or just the node specified.
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "List all kubernetes nodes in the cluster 'production-gke'" or "Show me info for node 'node-123'"
 
 - **`kubernetes_list_workloads`**
   - **Description**: Lists all the workloads that are in a particular state, desired, ready, running or unavailable. The LLM can filter by cluster, namespace, workload name or type.
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "List all desired workloads in the cluster 'production-gke' and namespace 'default'"
 
 - **`kubernetes_list_pod_containers`**
   - **Description**: Retrieves information from a particular pod and container.
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "Show me info for pod 'my-pod' in cluster 'production-gke'"
 
 - **`kubernetes_list_cronjobs`**
   - **Description**: Retrieves information from the cronjobs in the cluster.
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "List all cronjobs in cluster 'prod' and namespace 'default'"
 
 - **`troubleshoot_kubernetes_list_top_unavailable_pods`**
   - **Description**: Shows the top N pods with the highest number of unavailable or unready replicas in a Kubernetes cluster, ordered from highest to lowest.
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "Show the top 20 unavailable pods in cluster 'production'"
 
 - **`troubleshoot_kubernetes_list_top_restarted_pods`**
   - **Description**: Lists the pods with the highest number of container restarts in the specified scope (cluster, namespace, workload, or individual pod). By default, it returns the top 10.
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "Show the top 10 pods with the most container restarts in cluster 'production'"
 
 - **`troubleshoot_kubernetes_list_top_400_500_http_errors_in_pods`**
   - **Description**: Lists the pods with the highest rate of HTTP 4xx and 5xx errors over a specified time interval, allowing filtering by cluster, namespace, workload type, and workload name.
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "Show the top 20 pods with the most HTTP errors in cluster 'production'"
 
 - **`troubleshoot_kubernetes_list_top_network_errors_in_pods`**
   - **Description**: Shows the top network errors by pod over a given interval, aggregated by cluster, namespace, workload type, and workload name. The result is an average rate of network errors per second.
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "Show the top 10 pods with the most network errors in cluster 'production'"
 
 - **`troubleshoot_kubernetes_list_count_pods_per_cluster`**
   - **Description**: List the count of running Kubernetes Pods grouped by cluster and namespace.
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "List the count of running Kubernetes Pods in cluster 'production'"
 
 - **`troubleshoot_kubernetes_list_underutilized_pods_by_cpu_quota`**
   - **Description**: List Kubernetes pods with CPU usage below 25% of the quota limit.
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "Show the top 10 underutilized pods by CPU quota in cluster 'production'"
 
 - **`troubleshoot_kubernetes_list_underutilized_pods_by_memory_quota`**
   - **Description**: List Kubernetes pods with memory usage below 25% of the limit.
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "Show the top 10 underutilized pods by memory quota in cluster 'production'"
 
 - **`troubleshoot_kubernetes_list_top_cpu_consumed_by_workload`**
   - **Description**: Identifies the Kubernetes workloads (all containers) consuming the most CPU (in cores).
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "Show the top 10 workloads consuming the most CPU in cluster 'production'"
 
 - **`troubleshoot_kubernetes_list_top_cpu_consumed_by_container`**
   - **Description**: Identifies the Kubernetes containers consuming the most CPU (in cores).
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "Show the top 10 containers consuming the most CPU in cluster 'production'"
 
 - **`troubleshoot_kubernetes_list_top_memory_consumed_by_workload`**
   - **Description**: Lists memory-intensive workloads (all containers).
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "Show the top 10 workloads consuming the most memory in cluster 'production'"
 
 - **`troubleshoot_kubernetes_list_top_memory_consumed_by_container`**
   - **Description**: Lists memory-intensive containers.
-  - **Required Permission**: `promql.exec`
+  - **Required Permission**: `metrics-data.read`
   - **Sample Prompt**: "Show the top 10 containers consuming the most memory in cluster 'production'"
 
    ## Requirements
@@ -244,11 +244,12 @@ To use the MCP server tools, your API token needs specific permissions in Sysdig
 
 **Permissions Mapping:**
 
-| Permission | Sysdig UI Permission Name |
-|------------|---------------------------|
-| `policy-events.read` | Threats: "Policy Events" (Read) |
-| `sage.exec` | SysQL: "AI Query Generation" (EXEC) |
-| `risks.read` | Risks: "Access to risk feature" (Read) |
+| Permission           | Sysdig UI Permission Name                   |
+|----------------------|---------------------------------------------|
+| `metrics-data.read`  | Data Access Settings: "Metrics Data" (Read) |
+| `policy-events.read` | Threats: "Policy Events" (Read)             |
+| `risks.read`         | Risks: "Access to risk feature" (Read)      |
+| `sage.exec`          | SysQL: "AI Query Generation" (Exec)         |
 
 **Additional Permissions:**