Shellcheck is a linter for shell scripts. Since we have quite a few of
those for release packaging and examples, we'll benefit from an extra
set of (robot) eyes.
Note: I disabled https://github.com/koalaman/shellcheck/wiki/Sc2086 to
make this PR smaller. That specific check is for the most frequent
mistake in our scripts - not quoting env var expansions. I'll do a
separate PR cleaning those up.
`build.assets/pkg` is no longer used and was removed.
This script is similar to `examples/gke-auth/get-kubeconfig.sh` but
should work for any k8s setup.
It uses a service account bearer token for authentication instead of TLS
key/cert. These tokens shouldn't expire and are more appropriate for
automation. It also fetches the CA cert from the service account secret,
which is more reliable than assuming a `kube-dns` pod exists in the
cluster.
In addition, this script sets up the needed k8s RBAC objects for
impersonation, saving the user a few extra steps.