Add bootstrap token support

[anson627]

This pull request adds support for using Kubernetes bootstrap tokens as a new authentication method for AKS Flex Node, alongside existing Azure Arc and Service Principal options. It updates documentation, configuration validation, the kubelet installer logic, and tests to fully support this new deployment path. The changes make it easier to deploy AKS Flex Nodes in dynamic, hyperscale environments with minimal dependencies.

Key changes include:

Documentation Updates

• Added a comprehensive guide for deploying AKS Flex Node using bootstrap tokens to docs/usage.md, including setup steps, configuration, RBAC, troubleshooting, and a comparison table with Arc and Service Principal methods. [1] [2] [3]

Configuration and Validation

• Introduced a regex pattern and validation logic for bootstrap tokens in pkg/config/config.go. Updated the main configuration validator to ensure only one authentication method (Arc, Service Principal, Managed Identity, or Bootstrap Token) is enabled at a time, and that bootstrap tokens match the required format. [1] [2] [3]

Kubelet Installer Logic

• Updated pkg/components/kubelet/kubelet_installer.go to:
  • Detect and handle bootstrap token authentication, generating a kubeconfig file that uses the token if configured.
  • Skip token script creation for bootstrap tokens (not needed).
  • Add --rotate-certificates=true to kubelet flags for automatic client certificate rotation. [1] [2] [3] [4] [5]

Tests

• Extended configuration loading and validation tests in pkg/config/config_test.go to cover bootstrap token scenarios and ensure correct mutual exclusivity with other authentication methods. [1] [2] [3]