kube-rbac-proxy warn about deprecation and future breaking changes

[antonincms]

trafficstars

What do you want to happen?

Since kube-rbac-proxy 0.14.1, it warn that some of the flags that kubebuilder scaffolds are deprecated :

Flag --logtostderr has been deprecated, will be removed in a future release, see https://github.com/kubernetes/enhancements/tree/master/keps/sig-instrumentation/2845-deprecate-klog-specific-flags-in-k8s-components
W0807 14:58:44.167326       1 kube-rbac-proxy.go:152]
==== Deprecation Warning ======================

Insecure listen address will be removed.
Using --insecure-listen-address won't be possible!

The ability to run kube-rbac-proxy without TLS certificates will be removed.
Not using --tls-cert-file and --tls-private-key-file won't be possible!

For more information, please go to https://github.com/brancz/kube-rbac-proxy/issues/187

===============================================
I0807 14:58:44.167366       1 kube-rbac-proxy.go:272] Valid token audiences:
I0807 14:58:44.167421       1 kube-rbac-proxy.go:363] Generating self signed cert as no cert is provided
I0807 14:58:44.947435       1 kube-rbac-proxy.go:414] Starting TCP socket on 0.0.0.0:8443
I0807 14:58:44.947768       1 kube-rbac-proxy.go:421] Listening securely on 0.0.0.0:8443

We could easily remove the --logtostderr=true but I don't know what would be the best solution for --tls-cert-file and --tls-private-key-file that will become mandatory.

I think we could use certificates from cert-manager, but it would make cert-manager required (maybe kube-rbac-proxy could be disabled by default to not force that requirement).