use apiGroup without version in webapp auth howto

[jamieklassen]

This is purely a docs change. While I was attempting to follow these instructions, I kept seeing errors like

{"level":"info","timestamp":"2023-03-16T19:42:34.050803Z","caller":"k8s.io/utils@v0.0.0-20230115233650-391b47cb4029/trace/trace.go:219$trace.(*Trace).logTrace","message":"Trace[580760707]: \"create\" kind:TokenCredentialRequest (16-Mar-2023 19:42:34.050) (total time: 0ms):\nTrace[580760707]: ---\"failure\" failureType:token authentication,msg:no such authenticator 0ms (19:42:34.050)\nTrace[580760707]: [51.899µs] [51.899µs] END\n"}

I googled around for this error and encountered the similar (but not the same, due to their use of the CLI) #1211. Anyway, upon digging through the code I figured out that the error was being raised here:

pinniped/internal/controller/authenticator/authncache/cache.go

Line 100 in 0aa4892

return nil, ErrNoSuchAuthenticator

Which suggested to me that the authncache was not being populated correctly. After a bit more digging I found that it was the jwtcachefiller who was responsible for this, and it was using cache keys like this:

pinniped/internal/controller/authenticator/jwtcachefiller/jwtcachefiller.go

Lines 104 to 108 in 0aa4892

	cacheKey := authncache.Key{
	APIGroup: auth1alpha1.GroupName,
	Kind: "JWTAuthenticator",
	Name: ctx.Key.Name,
	}

Looking a little closer at the APIGroup value there, I found

pinniped/generated/latest/apis/concierge/authentication/v1alpha1/register.go

Line 12 in 0aa4892

const GroupName = "authentication.concierge.pinniped.dev"

There's no /v1alpha1 at the end there! Stripping this from my TokenCredentialRequest allowed me to move forward.

Release note:

NONE

[cfryanr]

Thanks @jamieklassen!