*: remove --insecure-allow-any-token option

e2e and integration tests have been switched over to the tokenfile authenticator instead. ```release-note The --insecure-allow-any-token flag has been removed from kube-apiserver. Users of the flag should use impersonation headers instead for debugging. ```
2025-09-17 15:13:08 +00:00 · 2017-07-17 15:59:15 -07:00
parent ebf24c14a9
commit e2f2ab67f2
16 changed files with 55 additions and 212 deletions
--- a/hack/make-rules/test-federation-cmd.sh
+++ b/hack/make-rules/test-federation-cmd.sh
@@ -43,7 +43,7 @@ function run_federation_apiserver() {
    --etcd-servers="http://${ETCD_HOST}:${ETCD_PORT}" \
    --storage-media-type="${KUBE_TEST_API_STORAGE_TYPE-}" \
    --cert-dir="${TMPDIR:-/tmp/}" \
-    --insecure-allow-any-token 1>&2 &
+    --token-auth-file=hack/testdata/auth-tokens.csv 1>&2 &
  APISERVER_PID=$!

  kube::util::wait_for_url "http://127.0.0.1:${API_PORT}/healthz" "apiserver"