[gardener/diki]

✨ New Features

[USER] Added new option acceptedPods to DISA Kubernetes STIGS 242415 rule which allows the user to configure environment variables for selected pods to be accepted. by @AleksandarSavchev [#61]
[USER] Added new option expectedFileOwner to DISA Kubernetes STIGS pod-files rule which allows the user to select which users and groups are expected. The options defaults to expecting only ID 0 for users and groups. by @AleksandarSavchev [#52]
[USER] Diki now supports DISA Kubernetes STIG version v1r11. by @dimityrmirchev [#65]
[DEVELOPER] Diki now has a basic implementation of a virtual garden provider. by @dimityrmirchev [#71]

[USER] DISA Kubernetes STIGs pod-files rule now expects 0640 permission setting for *.key files of mandatory components. This change improves the 242467 rule which requires 0600 permissions for such files. 0600 is not enforced since k8s does not provide an easy way to change the owner of a file and containers are expected to run as nonroot. by @AleksandarSavchev [#60]
[USER] A bug causing rule 242414 to crash when no options for the rule were set was fixed. by @AleksandarSavchev [#61]
[USER] DISA Kubernetes STIGs Kubelet rules now creates diki pods only on nodes with free allocatable space. by @AleksandarSavchev [#59]

[USER] DISA Kubernetes STIGs 242442 rule no longer checks shoot pods that are not managed by Gardener. by @AleksandarSavchev [#56]
[DEPENDENCY] Upgraded diki base image: gcr.io/distroless/static-debian11 -> gcr.io/distroless/static-debian12 by @AleksandarSavchev [#91]

[OPERATOR] Added an installer script to install etcdctl on demand whenever needed by @aaronfern [gardener/ops-toolbelt#96]

[OPERATOR] Changed the default ops-toolbelt container image to eu.gcr.io/sap-se-gcr-k8s-public/eu_gcr_io/gardener-project/gardener/ops-toolbelt:latest by @tedteng [gardener/ops-toolbelt#95]