vmware-archive / http-trigger

Kubernetes CRD controller for http invocation of Kubeless functions
Apache License 2.0

Allow mounting OAuth token for k8s auth #4

Closed jamding closed 5 years ago

jamding commented 5 years ago

Is this a BUG REPORT or FEATURE REQUEST?:

Feature Request

What happened:

I am deploying kubeless-function-controller to a non-rbac k8s cluster using webhooks for auth/z. My authz policies reject any non-whitelisted serviceaccounts, and I cannot whitelist the controller-acct serviceaccount nor can I use an existing, whitelisted serviceaccount.

https://github.com/kubeless/kubeless's function controller allows mounting a k8s secret containing a bearer token for authz against k8s. See related issue: https://github.com/kubeless/kubeless/issues/877

What you expected to happen:

Supply a secret or additional mounted file containing the bearer token and use the bearer token for k8s actions instead of using a serviceaccount.

How to reproduce it (as minimally and precisely as possible):

Use a webhook for k8s authz which rejects the kubeless service account.

Anything else we need to know?:

Environment:

Kubernetes version (use kubectl version):

Client Version: version.Info{Major:"1", Minor:"11+", GitVersion:"v1.11.1-palantir1", GitCommit:"f31005ab029ab58f05349b193fa2c22bdbe27ad3", GitTreeState:"clean", BuildDate:"2018-07-24T19:50:58Z", GoVersion:"go1.10.3", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"11+", GitVersion:"v1.11.1-palantir1", GitCommit:"f31005ab029ab58f05349b193fa2c22bdbe27ad3", GitTreeState:"clean", BuildDate:"2018-07-24T19:46:29Z", GoVersion:"go1.10.3", Compiler:"gc", Platform:"linux/amd64"}

Kubeless version (use kubeless version): Kubeless version: v1.0.0-alpha.7

Cloud provider or physical cluster: AWS

jamding commented 5 years ago

Closed by #7
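
The request above, sketched as an added Go example (not code from this repository or from the change that closed the issue): an `http.RoundTripper` that reads a bearer token from a mounted file on every request and fails closed when the file is missing or empty. The type and function names and the path in `main` are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
	"os"
	"strings"
)

// tokenFileTransport (hypothetical name) adds a bearer token read from a
// mounted file, such as a Secret volume, to every outgoing API request.
type tokenFileTransport struct {
	path string            // where the token file is mounted
	base http.RoundTripper // underlying transport; TLS settings live here
}

// readToken re-reads the file on each call so a rotated Secret is picked up
// without a restart, and rejects empty content or embedded whitespace.
func readToken(path string) (string, error) {
	raw, err := os.ReadFile(path)
	if err != nil {
		return "", fmt.Errorf("read token file: %w", err)
	}
	tok := strings.TrimSpace(string(raw))
	if tok == "" || strings.ContainsAny(tok, " \t\r\n") {
		return "", errors.New("token file is empty or malformed")
	}
	return tok, nil
}

func (t *tokenFileTransport) RoundTrip(req *http.Request) (*http.Response, error) {
	tok, err := readToken(t.path)
	if err != nil {
		return nil, err // fail closed: never fall back to an unauthenticated call
	}
	r := req.Clone(req.Context()) // a RoundTripper must not modify the caller's request
	r.Header.Set("Authorization", "Bearer "+tok)
	return t.base.RoundTrip(r)
}

// newTokenClient returns an HTTP client that authenticates with the mounted token.
func newTokenClient(path string) *http.Client {
	return &http.Client{Transport: &tokenFileTransport{path: path, base: http.DefaultTransport}}
}

func main() {
	_, err := readToken("/var/run/secrets/example/token") // assumed mount path
	fmt.Println("token usable:", err == nil)
}
```

The error returned for a bad token file never includes the file's contents, so the token does not leak into controller logs.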