Bug 2058433

Document URL: https://docs.openshift.com/container-platform/4.7/cicd/builds/triggering-builds-build-hooks.html#builds-webhook-triggers_triggering-builds-build-hooks

Section Number and Name: All

Describe the issue: With in the webhook / build trigger docs, we referance the URL  structure: 

> https://<openshift_api_host:port>/oapi/v1/namespaces/<namespace>/buildconfigs/<name>/webhooks/<secret>/<servcie_type>

This API or URL path changed some time ago, and if you were / are to use this you will get a 403 error: 

> Hook executed successfully but returned HTTP 403 {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"forbidden: User \"system:anonymous\" cannot post path \"/oapi/v1/namespaces/<namespace>/buildconfigs/<build_config>/webhooks/<secret>/<service_type>\"","reason":"Forbidden","details":{},"code":403}

This is caused by the kube 1.6 auth changes as denoted in https://kubernetes.io/docs/reference/access-authn-authz/authentication/#anonymous-requests which required the product to move from /oapi to /api and use RBAC controls to gate this access. 

- Note: the product already has the proper RBAC configs in place for `system:anonymous` to authenticate to the suggested endpoints below; however if your going to the wrong place... you first see an unauthenticated message vs a 404. 

Suggestions for improvement: Change the URL to match that of what `oc decribe bc <bc>` would show you. 

> https://<openshift_api_host:port>/apis/build.openshift.io/v1/namespaces/<namespace>/buildconfigs/<name>/webhooks/<secret>/<servcie_type>

Additional information: 

We will want to back port any fixes here as far back as feasible possible.