Bump github.com/gardener/gardener from 1.100.1 to 1.101.0

[dependabot[bot]]

Bumps github.com/gardener/gardener from 1.99.0 to 1.101.0.

Release notes

Sourced from github.com/gardener/gardener's releases.

v1.101.0

[gardener/gardener]

⚠️ Breaking Changes

• [DEVELOPER] The legacy method of providing monitoring configuration via ConfigMaps labeled with extensions.gardener.cloud/configuration=monitoring has been removed. See this instead. by @​rfranzke #10220
• [DEVELOPER] The IPv4 addresses for the local Gardener setup was changed from 127.0.0.x to 172.18.255.x (default kind subnet) to resolve an issue on developer machines which can't use additional IP addressed from the 127.0.0.0/8 space. Please consider updating your /etc/hosts file to adjust to the the newly added addresses. Please see Deploying Gardener Locally#Accessing the Shoot Cluster for more details. by @​MartinWeindel #10019
• [DEVELOPER] github.com/gardener/gardener/plugin/pkg/utils.ProjectForNamespaceFromLister has been deprecated and will be removed in a future release, use github.com/gardener/gardener/pkg/utils/gardener.ProjectForNamespaceFromLister instead. by @​vpnachev #10042

📰 Noteworthy

• [DEVELOPER] Evaluate shoot.Spec.CloudProfile and shoot.Spec.CloudProfileName fields together to determine the applicable cloud profile in order to prepare for namespaced cloud profiles. by @​LucaBernstein #10093
• [DEPENDENCY] A new field class was added to resources of the extensions.gardener.cloud API group. Together with the newly introduced predicate HasClass, it serves as a mean to split responsibilities of extension controllers for extensions belonging to different type of targets, i.e. shoot (default) or garden. Handling is backwards compatible, so that extensions are still responsible for shoot extension resources without any adjustments. If you intend to already support the reconciliation of extensions belonging to the garden class (cluster), please consider adding the ExtensionClass parameter (see here for more information). by @​timuthy #10254
• [OPERATOR] The VPAAndHPAForAPIServer feature gate has been promoted to beta and is now turned on by default. by @​ialidzhikov #10207
• [OPERATOR] VPA MaxAllowed is no longer hard-coded to fixed values (4/7/8 cores and 25/28G) for kube-apiserver, etcd, and prometheus. Operators must ensure sufficiently large worker pools for control plane components. For details, see this document. by @​andrerun #10208
• [OPERATOR] The graduated CoreDNSQueryRewriting feature gate has been dropped. by @​ScheererJ #10230
• [OPERATOR] The graduated MutableShootSpecNetworkingNodes feature gate has been dropped. by @​ScheererJ #10231
• [USER] Use shoot.Spec.CloudProfile as the primary directive to specify the cloud profile to use. The value will by synced to the field shoot.Spec.CloudProfileName (until it is deprecated and eventually removed in the future). If no cloud profile kind is provided, it will default to CloudProfile. by @​LucaBernstein #10093

✨ New Features

• [OPERATOR] gardener-operator is now capable of deploying gardenlets into unmanaged seed clusters. Read more about it here. by @​rfranzke #10161
• [OPERATOR] gardener-operator is now capable of auto-updating the Helm chart reference (.spec.deployment.helm.ociRepository.ref) in seedmanagement.gardener.cloud/v1alpha1.Gardenlet resources. Read all about it here. by @​rfranzke #10218
• [OPERATOR] gardener-operator is now capable of installing ControllerRegistration and ControllerInstallation objects in the virtual cluster based on operator.gardener.cloud/v1alpha1.Extension resources. by @​kon-angelo #10006
• [OPERATOR] A new field Bastion was introduced to the CloudProfile. by @​hebelsan #10233

🐛 Bug Fixes

• [OPERATOR] Valitail is now pinned to v2.2.15 (depends on glibc 2.32) by @​nickytd #10282
• [OPERATOR] updatecacerts.service systemd unit on nodes with Debian OS does not fail anymore if /usr/local/share/ca-certificates directory is empty. by @​ScheererJ #10242
• [OPERATOR] Fixed a bug in the vpa-eviction-requirements controller causing etcds to be evicted for downscaling outside of their maintenance window. by @​voelzmo #10202

🏃 Others

• [DEPENDENCY] The registry.k8s.io/coredns/coredns image has been updated to v1.11.3. by @​gardener-ci-robot #10224
• [DEPENDENCY] The gardener/alpine-conntrack image has been updated to 3.20.2. Release Notes by @​gardener-ci-robot #10206
• [DEPENDENCY] The gardener/etcd-druid image has been updated to v0.22.4. Release Notes by @​gardener-ci-robot #10260
• [OPERATOR] An issue preventing kubectl rollout restart to work for Deployments, DaemonSets and StatefulSets managed by a ManagedResource is now resolved. by @​Kostov6 #10192
• [OPERATOR] The CPU and memory resource requests of the istio-proxy container for the istio-ingressgateway deployment have been changed to 300m and 600Mi, respectively.
  The HPA maxReplicas for the istio-ingressgateway deployment have been increased from 5 to 9. When deployed for multiple zones, the maxReplicas are increased from 4 to 6 per zone. by @​plkokanov #10226
• [OPERATOR] In case multiple network ranges are configured via infrastructure status propagation for pod, service or node network, gardenlet will check whether they comply to the requirements of Kubernetes components like kube-apiserver, kube-controller-manager, and kube-proxy. by @​ScheererJ #10148
• [OPERATOR] Removed the addition of the annotation: cluster-autoscaler.kubernetes.io/safe-to-evict: false for the HA etcd-main to improve node utilization. by @​ishan16696 #10235
• [OPERATOR] The STATUS column of seeds was improved, when they are listed via kubectl. Earlier the field tend to oscillated, especially when extensions and system components are scaled frequently. by @​timuthy #10237
• [OPERATOR] [Secretsmanager] Drop old CA from bundle if not valid anymore. by @​MartinWeindel #10158
• [OPERATOR] Separate kube-state-metrics deployments for seed and garden-runtime cluster by @​chrkl #10062
• [USER] Displaying unhealthy nodes in the shoot Plutono dashboard was improved to show nodes with taints used for taint based eviction. Earlier, nodes with custom NoSchedule taints distorted this view, as actual healthy nodes were shown as problematic. by @​timuthy #10214
• [DEVELOPER] local setup: Registry caches for eu.gcr.io and ghcr.io are now removed as there are no images from these upstream registries. by @​ialidzhikov #10185
• [DEVELOPER] The images of the registry caches used in the extensions local setup are now updated to distribution/distribution@3.0.0 beta.1. by @​ialidzhikov #10180

Helm Charts

• controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.101.0
• gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.101.0
• operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.101.0
• resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.101.0

... (truncated)

Commits

• bd0a908 Release v1.101.0
• 61460a0 [release-v1.101] Revert "Drop deprecated .spec.pools[].userData from `extensi...
• 91ad4f9 [release-v1.101] Improve the SeedConditionFailing alert when nodes are rolled...
• fbcf8a6 [release-v1.101] Pin valitail version to v2.2.15 (#10282)
• aa54cc1 chore(deps): update golang (#10274)
• cdbd376 fix(deps): update module golang.org/x/tools to v0.24.0 (#10273)
• 19f076c fix(deps): update module golang.org/x/text to v0.17.0 (#10271)
• c368a87 Add class field to extensions.gardener.cloud APIs (#10254)
• f11d8ff Drop VPA MaxAllowed: KAPI,Etcd,Prometheus (#10208)
• 4d852a3 fix(deps): update module github.com/gardener/etcd-druid to v0.22.4 (#10262)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[gardener-prow[bot]]

LGTM label has been added.

Git tree hash: 0194e40f16f462648bb44de7f7eeb1e7aa9abf44

[gardener-prow[bot]]

New changes are detected. LGTM label has been removed.

[gardener-prow[bot]]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Once this PR has been reviewed and has the lgtm label, please ask for approval from dimitar-kostadinov. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/gardener/gardener-extension-registry-cache/blob/main/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

[ialidzhikov]

@dependabot rebase

[dependabot[bot]]

Looks like this PR is already up-to-date with main! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[gardener-prow[bot]]

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pull-gardener-extension-registry-cache-verify-image-build	f9bbe3f6d7a7f17f4d0a762b015233c4f20b9d49	link	true	/test pull-gardener-extension-registry-cache-verify-image-build
pull-gardener-extension-registry-cache-unit	f9bbe3f6d7a7f17f4d0a762b015233c4f20b9d49	link	true	/test pull-gardener-extension-registry-cache-unit
pull-gardener-extension-registry-cache-e2e-kind	f9bbe3f6d7a7f17f4d0a762b015233c4f20b9d49	link	true	/test pull-gardener-extension-registry-cache-e2e-kind

Full PR test history. Your PR dashboard. Command help for this repository. Please help us cut down on flakes by linking this test failure to an open flake report or filing a new flake report if you can't find an existing one. Also see our testing guideline for how to avoid and hunt flakes.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).

[dependabot[bot]]

Superseded by #236.