This commit expands the existing credential ID concept to cover X.509
certificates. We use the certificate's signature as the credential ID,
since this safe and unique.
Kubernetes-commit: 2ad2bd8907d979f709cd924af7986be71c31ce12
Service account authorization checks are done frequently and were
observed to perform 7% of allocations on a system running e2e tests.
The allocation comes from when we walk the authorization rules to
find matching service accounts.
Optimize the check for service account names to avoid allocating.
Kubernetes-commit: 4c87a14e6b1809359fcb6566d883a169ff0db259
Anish Ramasekar
Taahir Ahmed
James Munnelly
cici37
Clayton Coleman
Cao Shufeng
Dr. Stefan Schimanski