Bump github.com/gardener/gardener from 1.103.0 to 1.104.0

[dependabot]

Bumps github.com/gardener/gardener from 1.103.0 to 1.104.0.

Release notes

Sourced from github.com/gardener/gardener's releases.

v1.104.0

[gardener/gardener]

⚠️ Breaking Changes

• [USER] A bug has been fixed which was allowing users to set Shoot oidc configurations for the kube-apiserver without setting the clientID and issuerURL fields in spec.kubernetes.kubeAPIServer.oidcConfig, which would lead to the kube-apiserver stuck in a Error state. gardener-apiserver now requires both clientID and issuerURL fields to be set when the spec.kubernetes.kubeAPIServer.oidcConfig field is specified. by @​AleksandarSavchev #10461
• [OPERATOR] credentialsBinding.credentialsRef is now an immutable field. by @​dimityrmirchev #10365

📰 Noteworthy

• [USER] Users are allowed to change shoot.spec.credentialsBindingName and reference another CredentialsBinding only if they have the permissions to read both the old and newly referenced credential. by @​dimityrmirchev #10365
• [USER] Users can migrate from shoot.spec.secretBindingName to shoot.spec.credentialsBindingName only if the referenced credential remains the same and is not changed during the process. by @​dimityrmirchev #10365
• [OPERATOR] Allow project users to read NamespacedCloudProfiles and for project admins to make adjustments to machine types and volume types. by @​LucaBernstein #10485
• [OPERATOR] Alerts based on the proposals_failed_total metric of the etcd cluster are not raised anymore. by @​renormalize #10524
• [DEVELOPER] A new predicate extensions/pkg/predicate.GardenSecurityProviderType can be used to select resources from the security.gardener.cloud group that are related to the passed provider type. by @​dimityrmirchev #10499

✨ New Features

• [OPERATOR] The gardener-operator metrics are now automatically scraped by the garden Prometheus. by @​maboehm #10464
• [OPERATOR] Introduce custom RBAC verbs to allow for modification of .spec.{kubernetes,machineImages} in NamespacedCloudProfiles. by @​LucaBernstein #10485
• [OPERATOR] The feature gate NewVPN is introduced for the gardenlet component. If enabled, the new VPN implementation (Golang rewrite) is used for all Shoots of the respective Seed. In this case, the old implementation can be disabled for a single Shoot by annotating the shoot resource with alpha.control-plane.shoot.gardener.cloud/disable-new-vpn=true. For Seeds with disabled feature gate, the new implementation can be enabled for a single shoot by annotating it with alpha.control-plane.shoot.gardener.cloud/disable-new-vpn=false. by @​MartinWeindel #9774

🐛 Bug Fixes

• [USER] Fixed disk read/write panel in the shoot's etcd dashboards by @​rickardsjp #10493
• [DEVELOPER] An issue was fixed that rejected the creation of workerless shoots in the local setup. by @​timuthy #10498

🏃 Others

• [DEPENDENCY] The gardener/hvpa-controller image has been updated to v0.17.0. Release Notes by @​gardener-ci-robot #10508
• [DEPENDENCY] The quay.io/prometheus-operator/prometheus-config-reloader image has been updated to v0.76.2. by @​gardener-ci-robot #10500
• [DEPENDENCY] The gardener/machine-controller-manager image has been updated to v0.54.0. Release Notes by @​gardener-ci-robot #10528
• [DEPENDENCY] The gardener/alpine-conntrack image has been updated to 3.20.3. Release Notes by @​gardener-ci-robot #10487
• [DEPENDENCY] The envoyproxy/envoy image has been updated to v1.31.1. Release Notes by @​gardener-ci-robot #10531
• [OPERATOR] Federate apiserver_total_request metric to the Prometheus longterm instance by @​jguipi #10457
• [OPERATOR] Allow empty networking.nodes in case of IPv6 only shoots. by @​axel7born #10533
• [OPERATOR] Improved node utilisation by reducing requests for etcd-druid managed pods. by @​unmarshall #10540
• [DEVELOPER] Install go in the remote local setup from the go download site instead of using the apk package manager. by @​vicwicker #10502

Helm Charts

• controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.104.0
• gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.104.0
• operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.104.0
• resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.104.0

Docker Images

• admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.104.0
• apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.104.0
• controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.104.0
• gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.104.0
• node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.104.0
• operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.104.0
• resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.104.0
• scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.104.0

Commits

• 6a71cf9 Release v1.104.0
• aed268d reduced etcd container requests and VPA minAllowed as per gardener/etcd-druid...
• 53bbb47 Remove etcd proposal alerts. (#10524)
• affd0b9 chore(deps): update dependency gardener/machine-controller-manager to v0.54.0...
• 571f721 Clean up unused --seed-kubecfg-path flag from the Shoot creation framework ...
• c3e8770 Allow empty networking.nodes in case of IPv6 only shoots. (#10533)
• d326380 chore(deps): update dependency envoyproxy/envoy to v1.31.1 (#10531)
• be8aced Enhance compare-k8s-feature-gates.sh script (#10532)
• 029dd81 fix(deps): update kubernetes packages to v0.29.9 (#10515)
• 3abeb31 Harden Project controller integration tests with NamespacedCloudProfiles (#10...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[gardener-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign plkokanov for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[gardener-robot-ci-1]

Thank you @dependabot[bot] for your contribution. Before I can start building your PR, a member of the organization must set the required label(s) {'reviewed/ok-to-test'}. Once started, you can check the build status in the PR checks section below.