Workload cluster release azure-29.4.0 for CAPZ

Changes compared to v29.3.0

Components

• cluster-azure from v1.4.0 to v1.5.0
• Kubernetes from v1.29.10 to v1.29.12

cluster-azure v1.4.0…v1.5.0

Changed

• Chart: Update cluster to v1.7.0.
  • Add teleport-init systemd unit to handle initial token setup before teleport service starts
  • Improve teleport service reliability by adding proper file and service dependencies and pre-start checks

Apps

• cert-manager from v3.8.1 to v3.8.2
• coredns from v1.22.0 to v1.23.0
• observability-bundle from v1.8.0 to v1.9.0

cert-manager v3.8.1…v3.8.2

Changed

• Changed ownership to team Shield

Removed

• Get rid of label giantswarm.io/monitoring_basic_sli as this slo generation label is not used anymore.

coredns v1.22.0…v1.23.0

Changed

• Update coredns image to 1.11.4.
• Explicitly expose liveness and readiness probe ports in deployments.

Removed

• Remove PodSecurityPolicy and associated Resources and values.

observability-bundle v1.8.0…v1.9.0

Added

• Add alloy v0.7.0 as alloyEvents.

Changed

• Upgrade alloy-logs and alloy-metrics to chart 0.7.0.
  • Bumps alloy from 1.4.2 to 1.5.0
• upgrade kube-prometheus-stack from 65.1.1 to 66.2.1
  • prometheus-operator CRDs from 0.75.0 to 0.78.1
  • prometheus-operator from 0.77.1 to 0.78.1
  • prometheus from 2.54.1 to 2.55.1
  • kube-state-metrics from 2.13.0 to 2.14.0
  • grafana from 8.5.0 to 8.6.0