Update dependencies (minor)

[gardener-ci-robot]

This PR contains the following updates:

Package	Type	Update	Change
github.com/gardener/gardener	require	minor	v1.94.1 -> v1.95.1
github.com/onsi/ginkgo/v2	require	minor	v2.17.3 -> v2.18.0

---

Release Notes

gardener/gardener (github.com/gardener/gardener)

v1.95.1

Compare Source

[gardener/gardener]

🏃 Others

• [OPERATOR] gardenlet: An issue causing the blackbox-exporter Deployment to be created and to be unhealthy in the Shoot control plane for Shoots with .spec.purpose=testing is now fixed. by @​ialidzhikov [#​9798]

Docker Images

• admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.95.1
• apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.95.1
• controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.95.1
• gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.95.1
• node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.95.1
• operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.95.1
• resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.95.1
• scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.95.1

v1.95.0

Compare Source

[gardener/gardener]

⚠️ Breaking Changes

• [OPERATOR] The .monitoring.shoot.remoteWrite.queueConfig field is no longer available in the gardenlet component configuration. If needed, you have to register a webhook for the monitoring.coreos.com/v1.Prometheus object named shoot in the shoot namespaces. The webhook can inject the needed configuration in .spec.remoteWrite[0].queueConfig. by @​rfranzke [#​9695]

📰 Noteworthy

• [DEVELOPER] The extensions.gardener.cloud/v1alpha1.Worker resource now has a new .spec.pools[].userDataSecretRef field which references a Secret containing the actual user data. the .spec.pools[].userData field is deprecated and will be removed in a future version. Worker extensions should fetch the user data from the secret and can use the extensions/pkg/controller/worker.FetchUserData helper function for it. by @​rfranzke [#​9722]
• [DEVELOPER] The legacy method for extensions to provide observability configuration for shoot clusters (via ConfigMaps labelled with extensions.gardener.cloud/configuration=monitoring) is deprecated and will be removed in a future release. Please refer to this document to get information about the new, recommended way, and start migrating to it. by @​rfranzke [#​9695]

✨ New Features

• [OPERATOR] Gardener can now support clusters with Kubernetes version 1.30. To allow creation/update of 1.30 clusters you will have to update the version of your provider extension(s) to a version that supports 1.30 as well. Please consult the respective releases and notes in the provider extension's repository. by @​shafeeqes [#​9689]
• [OPERATOR] A new feature gate named VPAAndHPAForAPIServer is introduced to gardenlet. When enabled, the Shoot Kubernetes API Server is scaled simultaneously by VPA and HPA on the same metric (CPU and memory usage). The new feature aims to replace the existing HVPA autoscaling mechanism for the Shoot Kubernetes API server. by @​ialidzhikov [#​9678]
• [USER] It is now possible to configure Projects with the "four-👀 approval concept for deletion" concept. For now, this can only be applied to Shoots. If configured, the user confirming a Shoot deletion (via the confirmation.gardener.cloud/deletion annotation) must not be the same user who is sending the DELETE request. This can help preventing accidental/unintentional Shoot deletion. Find all information about the feature in this document. by @​rfranzke [#​9680]
• [DEVELOPER] Gardener can now support clusters with Kubernetes version 1.30. Extension developers have to prepare individual extensions as well to work with 1.30. by @​shafeeqes [#​9689]

🐛 Bug Fixes

• [OPERATOR] A bug has been fixed which caused regeneration of managedresource-shoot-core-system-* Secrets on each Shoot reconciliation. by @​rfranzke [#​9718]
• [USER] A bug has has been fixed which caused unneeded gardener-node-agent reconciliations after each Shoot reconciliation even if the underlying OperatingSystemConfig did not contain relevant changes. by @​rfranzke [#​9723]

🏃 Others

• [OPERATOR] e2e-kind tests can now run successfully in an IPv4-only environment by @​ScheererJ [#​9693]
• [OPERATOR] Validation of DNSRecords: allow domain names starting with an underscore "_" by @​MartinWeindel [#​9714]
• [OPERATOR] The istio ingress gateway access log now includes the connections initiated via apiserver-proxy, i.e. cluster-internal communication via kubernetes.default.svc.cluster.local. by @​ScheererJ [#​9686]
• [OPERATOR] Replaced HVPA for the vali StatefulSet with VPA. Additionally, the curator kube-rbac-proxy and telegraf containers of the vali StatefulSet now specify CPU resource requests of 5m each. by @​plkokanov [#​9611]
• [OPERATOR] Updated MCM metrics list used to configure prometheus by @​rishabh-11 [#​9684]
• [OPERATOR] The kube-controller-manager component is now scaled by VPA, instead of HVPA. by @​andrerun [#​9698]
• [OPERATOR] Modified the CPU and memory resource requests for the plutono container to 5m and 45Mi, respectively. Additionally, reduced the vali container CPU resource requests to 20m. by @​plkokanov [#​9754]

Docker Images

• admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.95.0
• apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.95.0
• controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.95.0
• gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.95.0
• node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.95.0
• operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.95.0
• resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.95.0
• scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.95.0

v1.94.2

Compare Source

[gardener/gardener]

🐛 Bug Fixes

• [USER] A bug has has been fixed which caused unneeded gardener-node-agent reconciliations after each Shoot reconciliation even if the underlying OperatingSystemConfig did not contain relevant changes. by @​rfranzke [#​9731]

Docker Images

• admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.94.2
• apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.94.2
• controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.94.2
• gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.94.2
• node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.94.2
• operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.94.2
• resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.94.2
• scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.94.2

onsi/ginkgo (github.com/onsi/ginkgo/v2)

v2.18.0

Compare Source

2.18.0

Features

• Add --slience-skips and --force-newlines [f010b65]
• fail when no tests were run and --fail-on-empty was set [d80eebe]

Fixes

• Fix table entry context edge case [42013d6]

Maintenance

• Bump golang.org/x/tools from 0.20.0 to 0.21.0 (#​1406) [fcf1fd7]
• Bump github.com/onsi/gomega from 1.33.0 to 1.33.1 (#​1399) [8bb14fd]
• Bump golang.org/x/net from 0.24.0 to 0.25.0 (#​1407) [04bfad7]

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[gardener-robot]

@gardener-ci-robot Thank you for your contribution.