chore(deps): bump github.com/gardener/gardener/pkg/apis from 1.140.0 to 1.145.0

[dependabot]

Bumps github.com/gardener/gardener/pkg/apis from 1.140.0 to 1.145.0.

Release notes

Sourced from github.com/gardener/gardener/pkg/apis's releases.

v1.145.0

[github.com/gardener/gardener:v1.145.0]

⚠️ Breaking Changes

• [OPERATOR] The gardener-scheduler candidate determination strategy deployed by gardener-operator is now configurable via Garden.spec.virtualCluster.gardener.gardenerScheduler.candidateDeterminationStrategy (allowed values: SameRegion, MinimalDistance). The default is now SameRegion, matching the documented scheduler default; previously the strategy was hardcoded to MinimalDistance. Operators relying on the previous behavior must explicitly set the field to MinimalDistance. by @​marc1404 [#14963]
• [OPERATOR] The GA-ed and always enabled UseUnifiedHTTPProxyPort feature gate is removed. If you have references to this feature gate, clean them up before upgrading to this version of Gardener. by @​hammadzf [#14999]
• [USER] The GA-ed and unconditionally enabled InPlaceOrRecreate VPA feature gate is removed. It must be removed from Shoot/Seed/Garden manifests. by @​gardener-ci-robot [#14936]
• [DEVELOPER] The local development setup on macOS contains changes which affect the order of DNS resolvers in /etc/resolver/local.gardener.cloud file. In order to regenerate the /etc/resolver/local.gardener.cloud file you can either remove it, or manually re-order the DNS resolvers. by @​dnaeon [#14998]

📰 Noteworthy

• [OPERATOR] gardenlet migration code was removed that cleaned up ShootStates that were wrongfully created. by @​tobschli [#14981]
• [OPERATOR] gardenlet migration code was removed that converted the secret data to a new format, which was introduced with #14268. by @​tobschli [#14981]

✨ New Features

• [OPERATOR] Gardener can now support clusters with Kubernetes version 1.36. To allow creation/update of 1.36 clusters you will have to update the version of your provider extension(s) to a version that supports 1.36 as well. Please consult the respective releases and notes in the provider extension's repository. by @​ary1992 [#14924]
• [OPERATOR] The pvc-autoscaler can be deployed as a Seed cluster component. Operators can configure it by setting the .spec.settings.persistentVolumeClaimAutoscaler.enabled field to true in the Seed spec. The field is defaulted to false until further integrations with the observability stack. by @​RadaBDimitrova [#14991]
• [OPERATOR] Add logic to restart the OpenTelemetry Collector systemd service when it enters a degraded state due to resource leaks. by @​iypetrov [#14928]
• [DEVELOPER] Gardener can now support clusters with Kubernetes version 1.36. Extension developers have to prepare individual extensions as well to work with 1.36. by @​ary1992 [#14924]

🐛 Bug Fixes

• [OPERATOR] A bug has been fixed that prevented Gardenlet from reconciling shoots without an external cluster domain. by @​Wieneo [#14521]
• [OPERATOR] Fix a recent regression and two long-standing bugs in the Prometheus recording rules related to metering: a load regression in garden Prometheus caused by an added metadata label, metering accumulation resets across short outages, and inflated averages for short-lived shoots. by @​istvanballok [#14982]
• [DEVELOPER] The hack/usage/generate-kubeconfig.sh script is now fixed to no longer fail when invoked without arguments — it now correctly defaults to the shoot subcommand. by @​DobromirNPeev [#14990]
• [DEVELOPER] Update hack/usage/wait-for.sh to handle empty arrays gracefully in older Bash versions, preventing an unbound variable error. by @​iypetrov [#14973]

🏃 Others

• [OPERATOR] Align customverbauthorizer subject handling with RBAC subject types. by @​vpnachev [#15081]
• [OPERATOR] The blackbox exporter in the runtime cluster is granted access to private networks. This is only relevant for the local setup, where the istio ingresses are deployed in a docker container listening on private IPs. by @​vicwicker [#14962]
• [OPERATOR] A new helper script hack/rebootstrap-gardenlet.sh has been added to the Gardener repository that helps operators to manually re-bootstrap a gardenlet whose Kubeconfig (client certificate) has experired. More information can be found in here. by @​timuthy [#14805]
• [OPERATOR] EXPERIMENTAL_DISABLE_KUBERNETES_VERSION_CHECK flag logs check results but ignores errors. It also disables version check in the seed reconciler. by @​matthias-horne [#14989]
• [DEVELOPER] The vendored opentelemetry-operator API types under third_party/open-telemetry/opentelemetry-operator are now removed in favor of the newly introduced github.com/open-telemetry/opentelemetry-operator/apis sub-module. This decouples Gardener's sigs.k8s.io/controller-runtime version from the one used by opentelemetry-operator. by @​iypetrov [#14944]
• [DEVELOPER] The local docker registry is configured as insecure in remote local setup. by @​vicwicker [#15037]
• [DEPENDENCY] The following dependencies have been updated:
  • registry.k8s.io/autoscaling/vpa-admission-controller from 1.6.0 to 1.7.0.
  • registry.k8s.io/autoscaling/vpa-recommender from 1.6.0 to 1.7.0.
  • registry.k8s.io/autoscaling/vpa-updater from 1.6.0 to 1.7.0. by @​gardener-ci-robot [#14936]
• [DEPENDENCY] The following dependencies have been updated:
  • gcr.io/istio-release/pilot from 1.29.3 to 1.29.4.
  • gcr.io/istio-release/proxyv2 from 1.29.3 to 1.29.4.
  • istio.io/api from v1.29.3 to v1.29.4. by @​gardener-ci-robot [#14980]
• [DEPENDENCY] The following dependencies have been updated:
  • registry.k8s.io/kube-state-metrics/kube-state-metrics from v2.19.0 to v2.19.1. by @​gardener-ci-robot [#15036]
• [DEPENDENCY] The following dependencies have been updated:
  • credativ/vali from v2.2.33 to v2.2.34. Release Notes by @​gardener-ci-robot [#15034]
• [DEPENDENCY] The following dependencies have been updated:
  • gardener/gardener-discovery-server from v0.11.0 to v0.12.0. Release Notes by @​gardener-ci-robot [#15055]
• [DEPENDENCY] The following dependencies have been updated:
  • gardener/autoscaler from v1.35.0 to v1.35.1. Release Notes by @​gardener-ci-robot [#15057]
• [DEPENDENCY] The following dependencies have been updated:
  • envoyproxy/envoy from distroless-v1.38.0 to v1.38.1. Release Notes

... (truncated)

Commits

• 1cccf45 release v1.145.0
• bd2b209 [release-v1.145] Align customverbauthorizer subject handling with RBAC subj...
• 077a07c Update dependency gardener/autoscaler to v1.35.1 (#15057)
• 44fe204 Update dependency gardener/autoscaler to v1.34.3 (#15056)
• 4c5f42f Update gardener-discovery-server to v0.12.0 (#15055)
• 3cf87f0 [GEP-38] Introduce pvc-autoscaler for Seed clusters (#14991)
• 52dd8f7 Update dependency credativ/vali to v2.2.34 (#15034)
• a94e4a1 Update module github.com/onsi/gomega to v1.42.0 (#15050)
• 0e73687 remote-setup: Fix field name in the Garden resource (#15044)
• f3249de Update dependency kubernetes/kubernetes to v1.36.2 (#15038)
• Additional commits viewable in compare view

[gardener-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign iypetrov for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment