Secure fetching IPXE and Ignition

[defo89]

What would you like to be added:
We should consider how ipxe script and ignition content fetch can be secured.

Example: username/password (with ability to rotate) httpauth when calling /ipxe and /ignition endpoints.

[defo89]

If not possible we could fall back to NetworkPolicies, so that only calls from relevant discovery networks are allowed.