Bump authn-k8s, conjur-api-go, summon and other dependencies

[szh]

Desired Outcome

• Use the latest versions of conjur-authn-k8s-client with support for JWT and tracing.
• Use the latest version of other dependencies.

Implemented Changes

• Updated versions of dependencies
• Modified internal/providers/conjur/provider.go to use the new authn flow that supports JWT
• Added go:build ignore flags to sample CRD go files to avoid compilation errors. These files are provided for documentation purposes and are not meant to be compiled with the project.

Connected Issue/Story

CyberArk internal issue link: ONYX-16170

Definition of Done

• Using latest version of cyberark dependencies
• All tests pass

Changelog

• The CHANGELOG has been updated, or
• This PR does not include user-facing changes and doesn't require a
  CHANGELOG update

Test coverage

• This PR includes new unit and integration tests to go with the code
  changes, or
• The changes in this PR do not require tests

Documentation

• Docs (e.g. READMEs) were updated in this PR
• A follow-up issue to update official docs has been filed here: insert issue ID
• This PR does not require updating any documentation

Behavior

• This PR changes product behavior and has been reviewed by a PO, or
• These changes are part of a larger initiative that will be reviewed later, or
• No behavior was changed with this PR

Security

• Security architect has reviewed the changes in this PR,
• These changes are part of a larger initiative with a separate security review, or
• There are no security aspects to these changes

[tzheleznyak]

LGTM

[szh]

Waiting to update until new authn-k8s-client is released

[diverdane]

Looks great!!! Thanks to you and @tzheleznyak for getting this moving along!
A couple of suggestions, but your call on those.

[diverdane]

Since you're making changes in this section of the code... This may be a personal preference sort of thing, but instead of using a but instead of bunch of if...if-else...if-else statements, we could use a switch:

switch {
case provider.Username != "" && provider.APIKey != "":
    // Conjur provider using API key. Do stuff
case tokenFile != "":
    // Conjur provider using access token. Do stuff
case provider.AuthnURL != "" && strings.Contains(provider.AuthnURL, "authn-k8s"):
    // Conjur provider using authenticator. Do stuff
default:
    // Return error
}

For me, the switch is easier to see what's going on, but your call, don't want to hold up on this.

[szh]

Looking at the Effective Go style guide:

It's therefore possible—and idiomatic—to write an if-else-if-else chain as a switch

So I'll make this change

[diverdane]

Nice, it's much easier to read!

[diverdane]

I'm wondering if we should include a CHANGELOG.md entry to say that we bumped K8s API version to 1.23.
This might be considered a user-facing change, since it affects in which Kubernetes clusters the SP can be run.
(Although this may only affect users who are using CRD/CRs to configure the SP... since I think that's why we're depending on Kubernetes API client and machinery?).

[szh]

I believe it only affect CRDs

[diverdane]

Nice work. These K8s updates are always so tricky.

[codeclimate]

Code Climate has analyzed commit 5adc53c and detected 1 issue on this pull request.

Here's the issue category breakdown:

Category	Count
Style	1

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 54.8% (0.0% change).

View more on Code Climate.

[diverdane]

LGTM!!!

[diverdane]

Nice, it's much easier to read!