Bump github.com/gardener/gardener from 1.89.0 to 1.90.0

[dependabot]

Bumps github.com/gardener/gardener from 1.89.0 to 1.90.0.

Release notes

Sourced from github.com/gardener/gardener's releases.

v1.90.0

[gardener/gardener]

⚠️ Breaking Changes

• [OPERATOR] The UseGardenerNodeAgent feature gate has been promoted to GA. It was already enabled by default and can now no longer be turned off. The feature gate will be removed in a future release. by @​rfranzke #9208
• [OPERATOR] ⚠️ Gardener does no longer support garden, seed, or shoot clusters with Kubernetes versions == 1.24. Make sure to upgrade all existing clusters before upgrading to this Gardener version. by @​shafeeqes #8989
• [OPERATOR] The APIServerFastRollout feature gate has been promoted to GA. It was already enabled by default and can now no longer be turned off. The feature gate will be removed in a future release. by @​oliver-goetz #9214
• [DEVELOPER] The pkg/envtest package has been moved to test/envtest. Most component packages in pkg/component have been moved. The pkg/openapi and pkg/registry packages have been moved to pkg/apiserver/*. by @​rfranzke #9217
• [DEVELOPER] Function signature of infrastructure controller NewReconciler has changed from NewReconciler(manager.Manager, Actuator, ConfigValidator) to NewReconciler(manager.Manager, Actuator, ConfigValidator, map[gardencorev1beta1.ErrorCode]func(string) bool). by @​acumino #9321
• [USER] The spec.kubernetes.allowPrivilegedContainers field in the Shoot API is deprecated and will be removed in a future version. This field is not relevant to Shoots with kubernetes versions >= 1.25. Please adapt your controllers accordingly. by @​shafeeqes #8989

📰 Noteworthy

• [USER] It is no longer possible to add or change the .spec.seedSelector field in Shoots when spec.seedName is already set. by @​rfranzke #9212

✨ New Features

• [OPERATOR] DNSRecord resources for seed and shoot clusters now have an annotation indicating their target ip stack (dns.gardener.cloud/ip-stack set to either ipv4, ipv6, or dual-stack). by @​ScheererJ #9289
• [OPERATOR] gardener-resource-manager's health check controller now checks whether VerticalPodAutoscalers report the ConfigUnsupported condition. by @​rfranzke #9211
• [USER] It is now possibleto specify some cluster-autoscaler related options per worker pool in Shoots via spec.provider.workers[].clusterAutoscaler. Read more about it here. by @​aaronfern #9245
• [USER] In order to fine-tune VPA CPU recommendations, the CPU target percentile parameter for vpa-recommender can now be configured in the Shoot specification via the .spec.kubernetes.verticalPodAutoscaler.targetCPUPercentile field. by @​voelzmo #9279
• [DEVELOPER] It is now possible to provide configuration for the aggregate Prometheus running in seed clusters' garden namespaces. Read all about it here. by @​rfranzke #9200

🐛 Bug Fixes

• [DEPENDENCY] An issue was fixed that sometimes led to leaked extension-controlplane-shoot-webhooks which blocked the shoot deletion. by @​timuthy #9209
• [DEPENDENCY] hack/hook-me.sh now ensures the required network connectivity so that the quic tunnel can be successfully established. by @​vpnachev #8909
• [USER] A bug causing shoot force-deletion to get stuck in case the secrets referred by the DNS Records are outdated is now fixed. by @​acumino #9324

🏃 Others

• [OPERATOR] Update Istio to v1.19.7 by @​axel7born #9215
• [OPERATOR] Bump alpine to 3.19.1 by @​ary1992 #9315
• [OPERATOR] Enhance NodeNotHealthy Prometheus alert to fire immediately. by @​adenitiu #9314
• [OPERATOR] gardener-node-agent now terminates itself (leading to a restart of its systemd unit) in case it determines that the hostname of its node has changed. by @​rfranzke #9280
• [OPERATOR] Resource requests of istio ingress gateway are reduced and its horizontal autoscaling behaviour specified in more detail, including scale-up under memory pressure by @​ScheererJ #9250
• [OPERATOR] The VerticalPodAutoscaler object for the shoot Prometheus is now labeled with app=prometheus,role=monitoring, similar to the corresponding StatefulSet. by @​nickytd #9244
• [OPERATOR] Set reinvocationPolicy: IfNeeded for VPA admission-controller webhook to ensure that webhooks injecting sidecar containers will not trigger and endless eviction loop. by @​voelzmo #9191
• [DEPENDENCY] The following dependencies are updated:
  • k8s.io/* : v0.28.4 -> v0.29.2
  • sigs.k8s.io/controller-runtime: v0.16.3 -> v0.17.2 by @​shafeeqes #9174
• [USER] The validation error shown when a user tries to change the .spec.seedName field of a Shoot will now also display the old and new values to better indicate that a change was attempted. by @​plkokanov #9294

[gardener/dependency-watchdog]

⚠️ Breaking Changes

• [OPERATOR] Change OCI Image Registry from GCR (eu.gcr.io/gardener-project) to Artifact-Registry (europe-docker.pkg.dev/gardener-project/releases). Users should update their references. by @​ccwienkgardener/dependency-watchdog#93
• [OPERATOR] DWD no longer depends on checking the reachability of Kube-API server via external load-balancer as kube-proxy path optimizations makes that impossible on infrastructures which have a static IP for the LB. Instead it now depends on node leases that are periodically renewed by each node running in the shoot cluster to determine its scaling action (scale-down/up). by @​rishabh-11gardener/dependency-watchdog#94

🏃 Others

• [OPERATOR] Make kcmNodeMonitorGraceDuration optional in the prober config and use a default value of 40s if not specified in the shoot and the config. by @​rishabh-11gardener/dependency-watchdog#101
• [DEVELOPER] Use ginkgolinter instead of self baked gomegacheck by @​himanshu-kungardener/dependency-watchdog#95

... (truncated)

Commits

• 37ce1ed Release v1.90.0
• aa5567f Destroy DNSRecords separately (#9324)
• acf1c59 Consider errors from configValidator for ErrorCodes (#9321)
• 49adb9e [release-v1.90] NodeNotHealthy prometheus alert (#9314)
• 4eb86e4 [release-v1.90] Update module github.com/prometheus-operator/prometheus-opera...
• bf2dd5e Bump alpine to 3.19.1 (#9315)
• c2d8945 upgrade mcm to 0.52.0 in go.mod (#9310)
• 07052b5 Remove redundant doc for autoscaling configuration (#9303)
• 39700af Delete networkingv1.Ingress instead of networkingv1beta1.Ingress (#9299)
• db31dd7 Add cpu target percentile parameter to VPA options in Shoot spec (#9279)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Release note:

Bumps github.com/gardener/gardener from 1.89.0 to 1.90.0.

[gardener-robot]

@dependabot[bot] Thank you for your contribution.

[gardener-robot-ci-3]

Thank you @dependabot[bot] for your contribution. Before I can start building your PR, a member of the organization must set the required label(s) {'reviewed/ok-to-test'}. Once started, you can check the build status in the PR checks section below.

[MartinWeindel]

/cla

[gardener-robot]

@MartinWeindel I reached out successfully to the cla-assistant to recheck this pull request.

[MartinWeindel]

/lgtm