Bump github.com/gardener/gardener from 1.103.0 to 1.108.0

[dependabot]

Bumps github.com/gardener/gardener from 1.103.0 to 1.108.0.

Release notes

Sourced from github.com/gardener/gardener's releases.

v1.108.0

[gardener/gardener]

⚠️ Breaking Changes

• [USER] The url annotation in <shoot-name>.monitoring secrets in the project namespace is deprecated and will be removed soon. Please use the plutono-url annotation instead. by @​oliver-goetz #10735
• [OPERATOR] There is an incompatible change in the Garden (gardens.operator.gardener.cloud) custom resource, which required manual action:
  • Fields .spec.virtualCluster.dns.domains and .spec.runtimeCluster.ingress.domains were changed from type string to object with a field name and an optional field provider, e.g., in JSON format, replace "domains": ["domain1.example.com", "domain2.example.com"] with "domains": [{"name": "domain1.example.com"}, {"name": "domain2.example.com"}].
  • .spec.runtimeCluster.ingress.domains is required now
  • .spec.virtualCluster.dns.domains is required now by @​MartinWeindel #10645
• [OPERATOR] The optional deployment of cert-management component has been removed. As it was only introduced recently and probably not used, this change should have no impact typically. by @​MartinWeindel #10802

📰 Noteworthy

• [USER] Allow changing shoot.spec.cloudProfile between CloudProfile and its descendant NamespacedCloudProfiles. by @​LucaBernstein #10811

✨ New Features

• [USER] Allow for custom machine images in NamespacedCloudProfiles and add the spec.providerConfig field. by @​LucaBernstein #10629
• [USER] The URLs of Shoot plutono, prometheus and alertmanager are now stored as annotations in <shoot-name>.monitoring secret in the project namespace. by @​oliver-goetz #10735
• [OPERATOR] Enhance the gardener-operator to deploy DNSRecords and BackupBucket for the virtual garden resource.
  DNSRecords are only deployed if at least one provider is specified at .spec.dns.providers in the Garden resource.
  A BackupBucket is created if the .spec.virtualCluster.etcd.backup section is specified. An existing backup bucket on the infrastructure becomes automatically managed this way. by @​MartinWeindel #10645
• [DEVELOPER] gardener-apiserver: The ExtensionLabels admission plugin now also sets labels to WorkloadIdentitys. by @​dimityrmirchev #10786

🐛 Bug Fixes

• [DEVELOPER] gardener-node-agent applies inline files before applying containerd registries now. by @​oliver-goetz #10831

🏃 Others

• [DEPENDENCY] The registry.k8s.io/kube-state-metrics/kube-state-metrics image has been updated to v2.14.0. by @​gardener-ci-robot #10818
• [DEPENDENCY] The quay.io/prometheus/prometheus image has been updated to v2.55.1. by @​gardener-ci-robot #10804
• [DEPENDENCY] The gardener/etcd-druid image has been updated to v0.24.1. Release Notes by @​gardener-ci-robot #10843
• [OPERATOR] Fixed an issue that that could occur during control plane migration causing the core.gardener.cloud/v1beta1.BackupEntry to be reconciled after it was successfully migrated, but before it was restored. by @​plkokanov #10761
• [OPERATOR] The deployment of BackupBucket resource in the runtime cluster is skipped if no suitable operator extension is deployed. by @​MartinWeindel #10837
• [OPERATOR] Following components in gardener logging stack are updated: fluent-operator to v3.2.0, fluent-bit to v3.1.8, gardener/logging to v0.62.0 by @​nickytd #10790
• [OPERATOR] The following image has been updated:
  • europe-docker.pkg.dev/gardener-project/releases/gardener/autoscaler/vertical-pod-autoscaler/vpa-recommender: 1.2.1 -> 1.2.1-gardener-build.3 (Release notes vpa-1.2.1-gardener-build.2 and Release notes vpa-1.2.1-gardener-build.3) by @​ialidzhikov #10785
• [DEVELOPER] The hack/sast.sh script accepts two new optional flags:
  • --exclude-dirs: comma-separated list of dirs to exclude
  • --report-dir: where to store the gosec report by @​Kostov6 #10766
• [DEVELOPER] The provider-local admission is now deployed with the local kind setup. by @​LucaBernstein #10629

Helm Charts

• controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.108.0
• gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.108.0
• operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.108.0
• resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.108.0

Docker Images

• admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.108.0
• apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.108.0
• controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.108.0
• gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.108.0

... (truncated)

Commits

• 834a347 Release v1.108.0
• b942a2e chore(deps): update etcd-druid to v0.24.1 (#10843)
• 92b227b Apply inline files before applying containerd registries (#10831)
• e54df98 Allow control-plane blackbox exporter to talk to kube-apiserver service (#10842)
• 3b4fe7c chore(deps): update quay.io/coreos/etcd docker tag to v3.5.17 (#10840)
• 62a64b1 chore(deps): update etcd-druid to v0.23.3 (#10838)
• c51a271 Skip deployment of BackupBucket resource if no suitable operator extension ...
• 8a0ac2f Remove ResourceNames restriction from 'create' verb (#10832)
• e9038c6 Support switching cloud profile referenced in Shoot from `NamespacedCloudPr...
• 2de78f5 Add --exclude-dirs and --report-dir flags to sast.sh (#10766)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)