chore(deps): update dependency azure/azure-service-operator to v2.8.0

[renovate]

This PR contains the following updates:

Package	Update	Change
Azure/azure-service-operator	minor	v2.6.0 -> v2.8.0

---

Release Notes

Azure/azure-service-operator (Azure/azure-service-operator)

v2.8.0

Compare Source

Release notes

Breaking changes

Use "never" rather than "" to prevent syncing for AZURE_SYNC_PERIOD

The documentation always said that an AZURE_SYNC_PERIOD of "" meant to use the default value (15m), but
in actuality in the code "" meant never sync. This corrects the behavior to be as documented. After this release,
the behavior is as follows:

AZURE_SYNC_PERIOD	Meaning
omitted/not set	Use default value (15m)
""	Use default value (15m)
"never"	Do not sync
If you intend to prevent ASO from periodically syncing with Azure, set AZURE_SYNC_PERIOD to "never".
For more information, see #​3965.

containerservice.azure.com ManagedCluster property .spec.properties.windowsProfile.adminPassword is now a secret reference rather than a string

The spec.properties.windowsProfile.adminPassword on ManagedCluster has been changed from a string to a
SecretReference.
We try to avoid breaking changes, but in this case, allowing raw passwords in the spec is a security
problem and as such we've decided to make a break to correct this issue.
Action required: If the containerservice.azure.com/ManagedCluster resource is used in your cluster
and the spec.properties.windowsProfile.adminPassword property is set, follow the steps in the
breaking changes document

Upcoming Breaking changes

v20230202preview ManagedCluster will be removed, due to underlying Azure API version deprecation

Other versions will continue to be supported. We recommend you move to use a different CRD version to avoid
seeing errors from Azure due to the 2023-02-02-preview API being deprecated.

New resources

• Support new API version of DocumentDB resources (#​3967)
• Support Prom Rule groups and Azure Monitor accounts (workspaces) (#​4052)
• Support for RoleDefinition resource (#​4067)
• Support new AKS preview API version 2024-04-02-preview (#​4086)

Features

• Support multiple clouds in asoctl (#​4033)
• Support to specify image pull secrets in ASOv2 helm chart (#​4116)
• Expose default primary PrivateEndpoint PrivateIpAddress (#​4107)

Improvements

• Updated numerous Golang dependencies
• Update local tests and CI tests to use az login token or managed identity, not service principal (#​4003)

Bug fixes

• Fix bug where AZURE_USER_AGENT_SUFFIX was not getting set (#​4011)
• Fix bug where AZURE_SYNC_PERIOD "" meant "never sync" when it should have meant "use the default sync period" (see also the breaking changes) (#​4049)
• Fix bug where ManagedCluster WindowsProfile password was a string (see also the breaking changes) (#​4091)
• Fix bug where asoctl wasn't case-correcting enums when it should have been (#​4109)
• Fix bug where asoctl would sometimes copy the wrong value between two properties with the same name if they were flattened, such as .type and .properties.type (#​4108)

Documentation

• Improve secret rotation documentation, based on user pattern (#​4110)

Full Changelog: Azure/azure-service-operator@v2.7.0...v2.8.0

v2.7.0

Compare Source

Release notes

Breaking changes

Metrics endpoint has changed from 8080 to 8443 and now requires HTTPS

ASO no longer depends on kube-rbac-proxy and now correctly secures the metrics endpoint by default.

These options are configured via the following options in the Helm chart:

    --set metrics.secure=true/false (default: true)
    --set metrics.address=0.0.0.0:8443 (default)

For more details about how to scrape metrics, see the metrics guide.

Secret or ConfigMap values which cannot be written now trigger a reconcile error

Previously, if ASO couldn't find the corresponding secret/configmap value, it would just skip creating it with no error. This is almost
never what users expect: if they ask for a specific ConfigMap or Secret value to be exported they expect it to actually get exported. ASO now
behaves as expected in cases where it cannot find the value to export and will set an appropriate Ready condition warning.

See #​3925 for more details.

Upcoming Breaking changes

None

New resources

• Support new MySQL API version 2023-06-30 (#​3905)
• Support new Insight/Webtest API version 2022-06-15 (#​3911)
• New resource Backup Instance for Microsoft.DataProtection (#​3736)

Features

• Expose pprof endpoint at metrics URL when setting --set metrics.profiling=true/false (default: false) (#​3833)
• Managedidentity operatorspec supports export to a secret (#​3937)
• Add asoctl template command (#​3968)

Improvements

• Updated numerous Golang dependencies
• Support exporting eventhub keys (#​3882)
• Add namespace, label, and annotation support to asoctl import (#​3884)

Bug fixes

• Fix bug where Reconciling condition would sometimes fail to overwrite AzureResourceNotFound (#​3834)
• Fix bug where documentdb capacity failures had a very hard to understand error (#​3906)
• Fix bug where user requested secrets or configmaps were not emtited in some edge cases (#​3925)
• Fix asoctl bug that could prevent imported resources from being applied because of letter case differences in responses from ARM (#​3880)
• Fix asoctl bug where attempts to list the extension resource kubernetestconfiguration/extension could abort the import (#​3853)
• Fix asoctl panic when resource types case mismatched (#​3862)

Documentation

• Add ASOv1 to ASOv2 migration guide (#​3898)
• Improve various small doc nits (#​3909)
• Add best practices documentation and update other docs (#​3938)
• Improve ownership, adoption, and FAQ documentation (#​3966)

External Contributors

• @​mayankagg9722 made their first contribution in https://github.com/Azure/azure-service-operator/pull/3736
• @​mehighlow

Full Changelog: Azure/azure-service-operator@v2.6.0...v2.7.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.