feat: add oidc's auth provider

[snappyyouth]

#3662

What is the problem you're trying to solve
I will like to add support to scheduler such that also clusters that use oidc authentication will work.
webhook-manager belike:

controller-manager belike:

scheduler belike:

Describe the solution you'd like
add oidc's auth provider in the /cmd/scheduler/main.go /cmd/webhook-manager/main.go /cmd/controller-manager/main.go

_ "k8s.io/client-go/plugin/pkg/client/auth"

Arfter adding, all the comment running expectedly.

controller-manager belike:

scheduler belike:

[volcano-sh-bot]

Welcome @snappyyouth!

It looks like this is your first PR to volcano-sh/volcano.

Thank you, and welcome to Volcano. 😃

[lowang-bh]

/ok-to-test

[Monokaix]

The image in description is missing: )

[snappyyouth]

The image in description is missing: )

thx for the reminder.I has supplemented some images in the description .

[Monokaix]

/lgtm

[hwdef]

Will it have any impact on the current usage, or output more error logs without using oidc?

[snappyyouth]

Will it have any impact on the current usage, or output more error logs without using oidc?

Sorry, I don't quite understand what you mean?
It have nothing impact on the current usage.
In current production, we must configure the config file through oidc auditing. Without oidc, all volcano components cannot run.
In addition, with the continuous practice of K8S, auditing operations is a trend, and I think it is necessary to add oidc authentication.

[hwdef]

Will it have any impact on the current usage, or output more error logs without using oidc?

Sorry, I don't quite understand what you mean? In current production, we must configure the config file through oidc auditing. Without oidc, all volcano components cannot run. In addition, with the continuous practice of K8S, auditing operations is a trend, and I think it is necessary to add oidc authentication.

I mean if i don't use oidc. Will this change cause any confusion for me?
I briefly checked the code and found that if init fails, an error will be print.

https://github.com/kubernetes/client-go/blob/71959c526d543a5e4c3ca6fb808f535c2726483f/plugin/pkg/client/auth/oidc/oidc.go#L52

[snappyyouth]

Will it have any impact on the current usage, or output more error logs without using oidc?

Sorry, I don't quite understand what you mean? In current production, we must configure the config file through oidc auditing. Without oidc, all volcano components cannot run. In addition, with the continuous practice of K8S, auditing operations is a trend, and I think it is necessary to add oidc authentication.

I mean if i don't use oidc. Will this change cause any confusion for me? I briefly checked the code and found that if init fails, an error will be print.

https://github.com/kubernetes/client-go/blob/71959c526d543a5e4c3ca6fb808f535c2726483f/plugin/pkg/client/auth/oidc/oidc.go#L52

if you don't use oidc. This change will't cause any confusion for you.

Errors only occur when registering repeatedly.
https://github.com/kubernetes/client-go/blob/71959c526d543a5e4c3ca6fb808f535c2726483f/rest/plugin.go#L66

And when your config didn't use oidc, AuthProvider is nil. The program will skip.
https://github.com/kubernetes/client-go/blob/71959c526d543a5e4c3ca6fb808f535c2726483f/rest/transport.go#L139

All in all, it's completely safe!

[hwdef]

/approve

[volcano-sh-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hwdef

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [hwdef]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment