[GEP-26] Workload Identity support

[dimityrmirchev]

How to categorize this PR?

/area security ipcei /kind enhancement /label ipcei/workload-identity /platform azure

What this PR does / why we need it: This PR adds support for workload identity.

Which issue(s) this PR fixes: Part of https://github.com/gardener/gardener/issues/9586

Depends on:

• https://github.com/gardener/terraformer/pull/156
• https://github.com/gardener/machine-controller-manager-provider-azure/pull/167
• https://github.com/gardener/remedy-controller/pull/64

Special notes for your reviewer: cc @vpnachev

For the purpose of developing and testing this PR the local setup with extension + workload identity support can be utilised. https://github.com/gardener/gardener/blob/master/docs/deployment/getting_started_locally_with_extensions.md#setting-up-gardener-garden-on-kind-seed-on-gardener-cluster

Please see the relevant azure documentation https://learn.microsoft.com/en-us/entra/workload-id/workload-identity-federation-create-trust?pivots=identity-wif-apps-methods-azp

Release note:

The extension now supports `Shoot`s using `WorkloadIdentity`s instead of cloud provider credentials.

[gardener-robot]

@dimityrmirchev Label ipcei/workload-identity does not exist.

[gardener-robot]

@dimityrmirchev Label ipcei/workload-identity does not exist.

[gardener-robot]

@dimityrmirchev You need rebase this pull request with latest master branch. Please check.

[gardener-robot]

@dimityrmirchev Label ipcei/workload-identity does not exist.