rebase: bump sigs.k8s.io/controller-runtime from 0.17.3 to 0.18.1 in the k8s-dependencies group across 1 directory

[dependabot[bot]]

Bumps the k8s-dependencies group with 1 update in the / directory: sigs.k8s.io/controller-runtime.

Updates sigs.k8s.io/controller-runtime from 0.17.3 to 0.18.1

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.18.1

What's Changed

• [release-0.18] :bug: Cache: Fix label defaulting of byObject when namespaces are configured by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#2808
• [release-0.18] 🐛 correct kind source type by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#2809

Full Changelog: https://github.com/kubernetes-sigs/controller-runtime/compare/v0.18.0...v0.18.1

v0.18.0

:warning: Breaking Changes

• Bump to k8s.io/* v1.30 (#2693 #2754 #2765 #2776 #2786)
• Remove deprecated v1alpha1.ControllerManagerConfiguration (#2648)
• admission.Decoder is now an interface (#2736)
• Source, Event, Predicate, Handler: Add generics support (#2783 #2796)
• client: Fix SubResourceCreateOptions signature in subresource client (#2766)

:sparkles: New Features

• cache: Add TransformStripManagedFields transform func (#2791)
• client: Add client.WithFieldOwner to configure client-wide FieldManager (#2771 #2777)
• controller: Add NewQueue option (#2767)
• manager: Export HTTP server runnable implementation (#2473)
• metrics/server: Add ListenConfig option (#2519)

:bug: Bug Fixes

• builder/webhook: Return error if For() is used multiple times (#2740)
• cache: Keep selectors when byObject.Namespaces is defaulted (#2747)
• cache: Prevent race when informers are started more than once (#2758)
• fake client: Allow fakeclient to patch CR with no resourceVersion (#2725)
• fake client: Do not consider an apply patch to be a strategic merge patch (#2679)
• manager: Prevent leader election when shutting down a non-elected manager (#2724)
• manager: Runnable group should check if stopped before enqueueing (#2757)
• restmapper: Clean restmapper cache if a version is notFound (#2663)
• restmapper: Fix cache invalidation (#2687)

:seedling: Others

• ci: Add OSSF scorecard action (#2714)
• ci: Improve github actions dependencies versions and permissions (#2715)
• ci: Pin checkout action in golangci-lint action, bump checkout action, use consistent tag format (#2729)
• ci: Update golangci-lint to v1.57.2 (#2708 #2751)
• ci: Update scorecard github action (#2728)
• ci: Use go-install for versioned dependencies (#2710)
• envtest: WaitForDefaultNamespace while starting up envtest (#2668)
• owners: Cleanup owners files (#2730)
• owners: Remove outdated testing framework approvers (#2709)
• predicate: Compare labels and annotations using maps.Equal (#2705)

... (truncated)

Commits

• cd2885e Merge pull request #2809 from k8s-infra-cherrypick-robot/cherry-pick-2806-to-...
• 06acde3 🐛 correct kind source type
• d6feaae Merge pull request #2808 from k8s-infra-cherrypick-robot/cherry-pick-2805-to-...
• 87cae4c bug: Cache: Fix label defaulting of byObject when namespaces are configured
• ed81fa6 Merge pull request #2796 from alvaroaleman/mark
• b35cd6b :book: Mark Typed Handlers as experimental
• b74908f Merge pull request #2793 from kubernetes-sigs/dependabot/github_actions/actio...
• a9db208 Merge pull request #2794 from kubernetes-sigs/dependabot/github_actions/actio...
• 757ae66 :seedling: Bump actions/upload-artifact from 4.3.1 to 4.3.3
• 18ae9e0 :seedling: Bump actions/checkout from 4.1.2 to 4.1.3
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[dependabot[bot]]

Superseded by #4614.