chore(deps): bump github.com/gardener/gardener from 1.118.3 to 1.124.0

[dependabot]

Bumps github.com/gardener/gardener from 1.118.3 to 1.124.0.

Release notes

Sourced from github.com/gardener/gardener's releases.

v1.124.0

[gardener/gardener]

⚠️ Breaking Changes

• [OPERATOR] ⚠️ The BackupBucket API field spec.secretRef has been removed, please migrate your backupbucket manifests to spec.credentialsRef! Gardener API server already has defaulted this field. by @​vpnachev #12517
• [USER] Starting with Kubernetes v1.34, setting the field .spec.cloudProfileName is be forbidden. The field will be dropped from existing Shoots once. Users are advised to drop this field and specify the cloud profile using the .spec.cloudProfile.name field instead. by @​LucaBernstein #11816

📰 Noteworthy

• [OPERATOR] The graduated feature gate NodeAgentAuthorizer has been removed. by @​oliver-goetz #12576
• [USER] Starting with Kubernetes v1.33, there are be API warnings for Shoots that have the .spec.cloudProfileName field set. Users are advised to drop this field and specify the cloud profile using the .spec.cloudProfile.name field instead. by @​LucaBernstein #11816

✨ New Features

• [USER] IPv4 or dual-stack shoots can now define IPv4 pod, service and node networks overlapping with networks of their seed. This works for both HA and non-HA shoots now. by @​domdom82 #12204
• [USER] The Shoot resource does now support configuring feature gates for the Vertical Pod Autoscaler (VPA). With this feature, end users can enable the InPlacePodVerticalScaling feature gate of VPA. For more details, see In-Place Updates of Pod Resources. by @​vitanovs #12339
• [OPERATOR] Istio service & workload dashboards are deployed now in Seeds and in Garden runtime cluster to improve observability when L7 load balancing is active. Additionally, the existing Istio dashboards for Seeds are now deployed in the Garden runtime cluster too. by @​oliver-goetz #12509
• [OPERATOR] The Seed and Garden resources do now support configuring feature gates for the Vertical Pod Autoscaler (VPA). With this feature, Gardener operators can enable the InPlacePodVerticalScaling feature gate of VPA. For more details, see In-Place Updates of Pod Resources. by @​vitanovs #12339
• [OPERATOR] Introduced a feature gate OpenTelemetryCollector that enables the creation of an OpenTelemetry Collector inside the control-plane of every Shoot. This will route logs through the aforementioned Collector, enabling Shoot logs to be stored in any backend. by @​rrhubenov #12428

🐛 Bug Fixes

• [OPERATOR] A bug in which gardener-node-agent was not able to in-place update OS versions that specify only MAJOR.MINOR in the os-release but MAJOR.MINOR.PATCH in the cloud profile is now fixed. by @​shafeeqes #12542
• [OPERATOR] A bug has been fixed which caused Pods from namespaces other than kube-system and labeled with node.gardener.cloud/critical-component=true to be considered by gardener-resource-manager. by @​rfranzke #12557
• [OPERATOR] A bug where WorkloadIdentity tokens used for etcd backups, i.e. in the context of BackupEntry resource, tried to include shoot and project info when the shoot resource is deleted is now fixed. by @​vpnachev #12516
• [OPERATOR] gardener-resource-manager is now excluded from pod-kube-apiserver-load-balancing webhook when running in garden runtime cluster. by @​oliver-goetz #12526
• [OPERATOR] A bug in shoot reconciliation that caused RewriteEncryptedDataAddLabel to be called for hibernated shoots, leading to a panic in the gardenlet, has been fixed. by @​acumino #12602
• [OPERATOR] A bug in the istio-ingress helm chart which could lead to a missing traffic distribution policy in the internal istio-ingressgateway service on certain Kubernetes versions has been fixed. by @​oliver-goetz #12541
• [OPERATOR] A bug has been fixed which prevented the seed-specific Plutono dashboards from being provided by gardenlet in case its seed cluster was the garden runtime cluster at the same time. by @​rfranzke #12476

🏃 Others

• [DEPENDENCY] The following dependencies have been updated:
  • envoyproxy/envoy from v1.34.1 to v1.34.2. Release Notes by @​gardener-ci-robot #12501
• [DEPENDENCY] The following dependencies have been updated:
  • gardener/machine-controller-manager from v0.58.0 to v0.59.0. Release Notes
  • github.com/gardener/machine-controller-manager from v0.58.0 to v0.59.0. by @​gardener-ci-robot #12482
• [DEPENDENCY] The following dependencies have been updated:
  • europe-docker.pkg.dev/gardener-project/releases/3rd/opentelemetry-operator/opentelemetry-operator from v0.127.0 to v0.129.1. by @​rrhubenov #12480
• [DEPENDENCY] The following dependencies have been updated:
  • credativ/vali from v2.2.24 to v2.2.25. Release Notes by @​gardener-ci-robot #12555
• [DEPENDENCY] The following dependencies have been updated:
  • gardener/machine-controller-manager from v0.59.1 to v0.59.2. Release Notes
  • github.com/gardener/machine-controller-manager from v0.59.1 to v0.59.2. by @​gardener-ci-robot #12595
• [DEPENDENCY] The following dependencies have been updated:
  • gardener/machine-controller-manager from v0.59.0 to v0.59.1. Release Notes
  • github.com/gardener/machine-controller-manager from v0.59.0 to v0.59.1. by @​gardener-ci-robot #12569
• [DEPENDENCY] The following dependencies have been updated:
  • credativ/plutono from v7.5.39 to v7.5.40. Release Notes by @​gardener-ci-robot #12554
• [DEPENDENCY] The following dependencies have been updated:
  • gardener/etcd-druid from v0.30.1 to v0.31.0. Release Notes
  • github.com/gardener/etcd-druid/api from v0.30.1 to v0.31.0. by @​rfranzke #12551
• [DEPENDENCY] The following dependencies have been updated:

... (truncated)

Commits

• 5af01d5 Release v1.124.0
• 4aae252 Replace DeepEqual with set equality for encrypted resources (#12602)
• 045d335 Update machine-controller-manager to v0.59.2 (#12595)
• afb7e8a Update quay.io/coreos/etcd Docker tag to v3.6.3 (#12590)
• 4279d8d [GEP-26] Remove deprecated backupBucket.spec.secretRef field (#12517)
• a311198 Remove NodeAgentAuthorizer feature gate (#12576)
• 48f2e5d Proceed with replacement of Shoot .spec.cloudProfileName field in favor of ...
• 8dd8caf Update dependency golangci/golangci-lint to v2.3.0 (#12585)
• efc855c Extend documentation on force-redeploy of Gardenlets (#12583)
• d3bc56c Update dependency securego/gosec to v2.22.7 (#12584)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #782.