Bump sigs.k8s.io/controller-runtime from 0.17.3 to 0.18.1

[dependabot[bot]]

Bumps sigs.k8s.io/controller-runtime from 0.17.3 to 0.18.1.

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.18.1

What's Changed

• [release-0.18] :bug: Cache: Fix label defaulting of byObject when namespaces are configured by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#2808
• [release-0.18] 🐛 correct kind source type by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#2809

Full Changelog: https://github.com/kubernetes-sigs/controller-runtime/compare/v0.18.0...v0.18.1

v0.18.0

:warning: Breaking Changes

• Bump to k8s.io/* v1.30 (#2693 #2754 #2765 #2776 #2786)
• Remove deprecated v1alpha1.ControllerManagerConfiguration (#2648)
• admission.Decoder is now an interface (#2736)
• Source, Event, Predicate, Handler: Add generics support (#2783 #2796)
• client: Fix SubResourceCreateOptions signature in subresource client (#2766)

:sparkles: New Features

• cache: Add TransformStripManagedFields transform func (#2791)
• client: Add client.WithFieldOwner to configure client-wide FieldManager (#2771 #2777)
• controller: Add NewQueue option (#2767)
• manager: Export HTTP server runnable implementation (#2473)
• metrics/server: Add ListenConfig option (#2519)

:bug: Bug Fixes

• builder/webhook: Return error if For() is used multiple times (#2740)
• cache: Keep selectors when byObject.Namespaces is defaulted (#2747)
• cache: Prevent race when informers are started more than once (#2758)
• fake client: Allow fakeclient to patch CR with no resourceVersion (#2725)
• fake client: Do not consider an apply patch to be a strategic merge patch (#2679)
• manager: Prevent leader election when shutting down a non-elected manager (#2724)
• manager: Runnable group should check if stopped before enqueueing (#2757)
• restmapper: Clean restmapper cache if a version is notFound (#2663)
• restmapper: Fix cache invalidation (#2687)

:seedling: Others

• ci: Add OSSF scorecard action (#2714)
• ci: Improve github actions dependencies versions and permissions (#2715)
• ci: Pin checkout action in golangci-lint action, bump checkout action, use consistent tag format (#2729)
• ci: Update golangci-lint to v1.57.2 (#2708 #2751)
• ci: Update scorecard github action (#2728)
• ci: Use go-install for versioned dependencies (#2710)
• envtest: WaitForDefaultNamespace while starting up envtest (#2668)
• owners: Cleanup owners files (#2730)
• owners: Remove outdated testing framework approvers (#2709)
• predicate: Compare labels and annotations using maps.Equal (#2705)

... (truncated)

Commits

• cd2885e Merge pull request #2809 from k8s-infra-cherrypick-robot/cherry-pick-2806-to-...
• 06acde3 🐛 correct kind source type
• d6feaae Merge pull request #2808 from k8s-infra-cherrypick-robot/cherry-pick-2805-to-...
• 87cae4c bug: Cache: Fix label defaulting of byObject when namespaces are configured
• ed81fa6 Merge pull request #2796 from alvaroaleman/mark
• b35cd6b :book: Mark Typed Handlers as experimental
• b74908f Merge pull request #2793 from kubernetes-sigs/dependabot/github_actions/actio...
• a9db208 Merge pull request #2794 from kubernetes-sigs/dependabot/github_actions/actio...
• 757ae66 :seedling: Bump actions/upload-artifact from 4.3.1 to 4.3.3
• 18ae9e0 :seedling: Bump actions/checkout from 4.1.2 to 4.1.3
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)