/cc @yliaog

kubernetes/client-go#114 is the PR that put the bootstrap tokens under client-go, it seems there were some discussions about where to put them, and there were concerns raised about putting them under client-go.

The requirement is it needs to be accessible from under the following three directories:
k8s.io/kubernetes/cmd/kubeadm/app
k8s.io/kubernetes/pkg/controller/bootstrap
k8s.io/kubernetes/apiserver/plugin/pkg/authenticator/token/bootstrap

May I suggest to create another staging directory for them, something like:
staging/src/k8s.io/kubeadm/bootstrap/token/

kubeadm uses the bootstrap token authentication mechanism, but it does not belong to kubeadm. in particular, k8s.io/kubernetes/apiserver will not have kubeadm as a dependency.

of those locations, I would probably move them under k8s.io/kubernetes/apiserver/plugin/pkg/authenticator/token

@lavalamp k8s.io/bootstrap SGTM. I think it needs to be in the "core" organization as stuff in core will depend on it (e.g. the apiserver)

k8s.io/bootstrap or k8s.io/bootstrap-auth both sound fine, maybe the later. Do we expect non-auth content?

@sttts the bootstrap tokens are used for both JWS validation and auth.

@luxas sounds good. I guess the code will depend on k8s.io/apimachinery+code-generator and we will depend on it in kube? This means it must become a staging repo.

How about creating a PR moving the code into staging/src/k8s.io/bootstrap?

@luxas sounds good. I guess the code will depend on k8s.io/apimachinery+code-generator and we will depend on it in kube? This means it must become a staging repo.

Yep, I think that is the best option we have here.

How about creating a PR moving the code into staging/src/k8s.io/bootstrap?

👍
@liztio will look into this and help out as well. Right now she's OOO AFAIK, though.
We'll discuss the exact implementation plans we have in SIG Cluster Lifecycle and (hopefully) be able
to create a short proposal for how to proceed in more detail.
/assign @liztio

[MILESTONENOTIFIER] Milestone Issue: Up-to-date for process

@liztio @luxas @timothysc

staging/src/k8s.io/bootstrap looks good.

@yliaog do you want to help with this? I can guide you how to get started and we'll do this teamwork everyone together 😄?

Sure, I can help work on it.

When you're ready for the new repo to be created, you can submit a request here:
https://github.com/kubernetes/org/issues/new?template=repo-create.md

@timothysc in order for this to qualify for 1.12 release, it and all related PRs need the label priority/critical-urgent. Can you consider and triage?

@timothysc @luxas could you help add the label priority/critical-urgent to the PR (#67356), so it can merge?

Why is it critical? What is broken or blocked if it merges at the beginning of 1.13 instead of now?

client-go would still carry it in 1.12 in that case, it won't be broken, but less than ideal. The PR is simply moving code, hence fairly safe. That said I'm fine to wait for 1.13.

@lavalamp, @LiGgit - since it's currently code freeze, I'm suggesting holding off until master reopens in a couple weeks. I know it's frustrating. :(

Actually: it looks like the PR is ready and only missing critical/urgent label. Again, since technically it's not urgent, I leave the decision up to you.

/milestone clear

(to match the fact that the PR was moved out of 1.12)