BUG 1670700: data/data/bootstrap: set metric-ca flags for kube-etcd-signer-server

[hexfusion]

This PR adds metric-signer CA's to kube-etcd-signer-server as part of voyage to etcd metrics by default. The eventual result is the etcd static pod procuring TLS certs with a separate chain of trust vs Peer and Server .

[hexfusion]

could not resolve inputs: could not determine inputs for step [input:root]: could not resolve base image: the server was unable to return a response in the time allotted, but may still be processing the request (get imagestreamtags.image.openshift.io release:golang-1.10)

/test unit

[hexfusion]

/retest

[s-urbaniak]

/approve

As discussed out of band: this, and especially the other corresponding PR https://github.com/openshift/installer/pull/1291/files "just" changes the secret location (and adds a configmap for the CA) of the etcd client secrets/cert. The fact that they are proxied is an opaque fact for the cluster monitoring operator. Note that the CA has to be loaded from a configmap now and the secret location has to be changed in the code that was introduced in openshift/cluster-monitoring-operator#239

[abhinavdahiya]

/lgtm

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: abhinavdahiya, hexfusion, s-urbaniak

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [abhinavdahiya]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment