All the controllers should use context for signalling termination of communication with API server. Once kcm cancels context all the cert controllers which are started via kcm should cancel the APIServer request in flight instead of hanging around.
The functionality to bootstrap node certificates is ready but is blocked
by a seperable issue discussed in:
https://github.com/kubernetes/community/pull/1982. The functionality
could be useful for power users who want to write their own approvers if
the feature could be promoted to beta. In it's current state this
feature doesn't help anybody.
I propose that we remove automated approval of node serving certificates
for now and work towards getting the node functionality to beta.
Automatic merge from submit-queue (batch tested with PRs 49615, 49321, 49982, 49788, 50355)
csr: add resync to csr approver
fixes https://github.com/kubernetes/kubernetes/issues/49787
```release-note
Fix an issue where if a CSR is not approved initially by the SAR approver is not retried.
```
