Bump github.com/gardener/gardener from 1.113.0 to 1.114.0

[dependabot]

Bumps github.com/gardener/gardener from 1.113.0 to 1.114.0.

Release notes

Sourced from github.com/gardener/gardener's releases.

v1.114.0

[gardener/gardener]

⚠️ Breaking Changes

• [OPERATOR] The injection of a garden cluster kubeconfig into extension deployments running in the seed cluster does NO LONGER happen automatically. If you need it, make sure to set .injectGardenKubeconfig=true in your ControllerDeployment resources before you upgrade your gardenlets to this version. by @​rfranzke #11607
• [OPERATOR] ⚠️ Gardener does no longer support garden, seed, or shoot clusters with Kubernetes versions <= 1.26. Make sure to upgrade all existing clusters before upgrading to this Gardener version. by @​shafeeqes #10664
• [USER] The .spec.kubernetes.enableStaticTokenKubeconfig field in the Shoot API is deprecated and will be removed in Gardener v1.120. Please adapt your Shoot manifests accordingly. by @​shafeeqes #10664
• [USER] The .spec.kubernetes.kubeControllerManager.podEvictionTimeout field in the Shoot API is deprecated since Gardener v1.63 and will be removed in Gardener v1.120. Please adapt your Shoot manifests accordingly. by @​shafeeqes #10664
• [USER] A deny-all network policy is now deployed in the kube-system namespaces of Shoots with Kubernetes version >= v1.33. by @​AleksandarSavchev #11502

📰 Noteworthy

• [DEVELOPER] The SeedNamePredicate function in the pkg/controllerutils/predicate pkg is now dropped. by @​shafeeqes #11449
• [DEVELOPER] A new convenience tool extension-generator was added to generate Extension example manifests. Gardener extensions can execute this script in the scope of the build process to always check in and provide an up-to-date example in their repositories. by @​timuthy #11329
• [USER] All Seeds are now automatically labeled with name.seed.gardener.cloud/<name>=true (⚠ no longer seed.gardener.cloud/<name>=true) where <name> is their own name, and (if applicable) the name of their parent seed in case they are managed seeds. This label can be used as selector for requests. by @​rfranzke #11479
• [OPERATOR] Removed reversed-vpn-auth-server deployment as it was unused. See gardener/gardener#11214 by @​Wieneo #11338

✨ New Features

• [OPERATOR] Layer 7 load balancing for virtual-garden- and shoot-kube-apiservers can be activated via IstioTLSTermination feature gate in gardener-operator and gardenlet by @​oliver-goetz #11085
• [OPERATOR] Enhanced the Shoot and Garden APIs to configured minAllowed VPA values for etcds and kube-apiserver. See shoot example or garden example for more information. by @​timuthy #11252
• [OPERATOR] gardener-operator now waits for required Extensions to get ready early in the reconcile flow. It addresses use-cases where extensions run mutating webhooks in the garden runtime cluster that must be present when Garden components are deployed. by @​timuthy #11523
• [USER] When the scheduler succeeds to assign a Seed to a Shoot, its .status.lastOperation is set to nil (in case it was set to Create Pending). by @​rfranzke #11484

🐛 Bug Fixes

• [OPERATOR] To be compatible with containerd 2.0, calls to the ctr binary now have flags before arguments when pulling images from a registry during node bootstrap. by @​MrBatschner #11507
• [OPERATOR] Fixed a bug where the destination gardenlet acted on shoots in control plane migration too early. by @​timebertt #11521
• [OPERATOR] An issue was fixed that caused a deployment error when a Gardenlet resource referred to a remote cluster (spec.kubeconfigSecretRef defined). by @​timuthy #11580
• [DEVELOPER] local setup: An issue causing the machine-controller-manager-provider-local image not to be updated in the local setup when the images are cached is now fixed. by @​ialidzhikov #11472
• [DEVELOPER] SSH tunnel for local development with remote seed no longer fails with slow DNS. by @​matthias-horne #11538

🏃 Others

• [DEVELOPER] machinecontrollermanager, fluentoperator and extension components now use the CRDDeployer to deploy CRDs. by @​tobschli #11128
• [OPERATOR] The logging stack is now updated with the latest released components. by @​nickytd #11475
• [OPERATOR] Include VPA dashboards in plutono running within a Garden cluster with enabled VPA configuration. by @​vitanovs #11391
• [OPERATOR] Increase timeout used for waiting for CRD readiness to 2 minutes by @​ScheererJ #11503
• [OPERATOR] Update prometheus label of vpa-admission-controller and vpa-recommender ServiceMonitors from seed to garden when deployed by the garden-operator. With this change, the Garden cluster Prometheus will match the ServiceMonitors and start collecting metrics from the configured services. by @​vitanovs #11318
• [OPERATOR] API Server Request Rates Per Verb And Resource supports selection per Pod by @​hendrikKahl #11501
• [DEPENDENCY] The following dependencies have been updated:
  • quay.io/kiwigrid/k8s-sidecar from 1.30.0 to 1.30.1. by @​gardener-ci-robot #11476
• [DEPENDENCY] The following dependencies have been updated:
  • gardener/gardener-metrics-exporter from 0.35.0 to 0.36.0. Release Notes by @​gardener-ci-robot #11543
• [DEPENDENCY] The following dependencies have been updated:
  • quay.io/prometheus/node-exporter from v1.8.2 to v1.9.0. by @​gardener-ci-robot #11408
• [DEPENDENCY] The following dependencies have been updated:
  • quay.io/cortexproject/cortex from v1.18.1 to v1.19.0. by @​gardener-ci-robot #11542
• [DEPENDENCY] The following dependencies have been updated:
  • gardener/gardener-metrics-exporter from 0.34.0 to 0.35.0. Release Notes by @​gardener-ci-robot #11541

Helm Charts

• controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.114.0

... (truncated)

Commits

• cc87fd1 Release v1.114.0
• 106e549 Add missing g. to Expects in ControllerInstallation integration test (#...
• 547f9a9 [release-v1.114] Fixes restoration of multi-node etcds during control plane m...
• 604a4ac [release-v1.114] Make garden access for extensions an explicit opt-in feature...
• 3ec2d77 fix apiserver-proxy connectivity when using L7 loadbalancing and the "RemoveA...
• 6036529 [operator] Wait for required Extensions (#11523)
• 0f728f8 Cleanup integration tests (#11581)
• b404463 Fix Gardenlet Reconciliation (#11580)
• eec3389 Automerge patch and k8s.io/utils updates (#11566)
• a703709 Align CRD deployment to use the CRDDeployer (#11128)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[gardener-robot]

@dependabot[bot] Thank you for your contribution.

[gardener-robot-ci-3]

Thank you @dependabot[bot] for your contribution. Before I can start building your PR, a member of the organization must set the required label(s) {'reviewed/ok-to-test'}. Once started, you can check the build status in the PR checks section below.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.