Remove 'get node' call during bootstrapping

plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go

@@ -244,8 +244,6 @@ func ClusterRoles() []rbac.ClusterRole {
 			// a role to use for bootstrapping a node's client certificates
 			ObjectMeta: metav1.ObjectMeta{Name: "system:node-bootstrapper"},
 			Rules: []rbac.PolicyRule{
-				// used to check if the node already exists
-				rbac.NewRule("get").Groups(legacyGroup).Resources("nodes").RuleOrDie(),
 				// used to create a certificatesigningrequest for a node-specific client certificate, and watch for it to be signed
 				rbac.NewRule("create", "get", "list", "watch").Groups(certificatesGroup).Resources("certificatesigningrequests").RuleOrDie(),
 			},

plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml

@@ -577,12 +577,6 @@ items:
       kubernetes.io/bootstrapping: rbac-defaults
     name: system:node-bootstrapper
   rules:
-  - apiGroups:
-    - ""
-    resources:
-    - nodes
-    verbs:
-    - get
   - apiGroups:
     - certificates.k8s.io
     resources: