Comment 3 for bug 1841226

Switching to token auth is the obvious answer, but CIS doesn't like it: https://github.com/aquasecurity/kube-bench/blob/7cd6b32ebb5f6c9503daf6069fe8480e41020505/cfg/cis-1.5/master.yaml#L336-L360

We also need to update kubernetes-dashboard authentication-mode config:
https://github.com/charmed-kubernetes/cdk-addons/blob/d7db3be73e96f1eb13db069c0e61f2f458e4e63a/cdk-addons/apply#L63
https://github.com/charmed-kubernetes/charm-kubernetes-master/blob/1e090ff6c9371a8be014f3f0774a4fcd1882cc89/config.yaml#L272-L278
https://github.com/charmed-kubernetes/charm-kubernetes-master/blob/1e090ff6c9371a8be014f3f0774a4fcd1882cc89/reactive/kubernetes_master.py#L1231-L1235
https://github.com/kubernetes/dashboard/blob/1f66b1c1fde5282f2b5146c6e94018a916610b28/docs/common/dashboard-arguments.md

kubernetes-dashboard appears to only support basic and token auth. If we move away from token auth for CIS then we might need to drop kubernetes-dashboard too.