authn-trust: don't react to target CM updates

If kube-apiservers run at a different version (during upgrades) and
each has different opinion on what the `extension-apiserver-authentication`
config map should look like, they would start dueling with config map
writes.

This commit removes handling of the update events of the target CM
in order to reduce the amount of such dueling to once a minute, as
the controller is guaranteed to run at least once a minute anyway.

The idea is that a cluster state with two different versions of
kube-apiserver should never be permanent, and so a reduced amount of
dueling for that period is tolerable.

Author: stlaz

pkg/controlplane/controller/clusterauthenticationtrust/cluster_authentication_trust_controller.go

@@ -128,9 +128,6 @@ func NewClusterAuthenticationTrustController(requiredAuthenticationData ClusterA
 			AddFunc: func(obj interface{}) {
 				c.queue.Add(keyFn())
 			},
-			UpdateFunc: func(oldObj, newObj interface{}) {
-				c.queue.Add(keyFn())
-			},
 			DeleteFunc: func(obj interface{}) {
 				c.queue.Add(keyFn())
 			},