build(deps): bump github.com/open-policy-agent/gatekeeper/v3 from 3.19.2 to 3.20.0

[dependabot]

Bumps github.com/open-policy-agent/gatekeeper/v3 from 3.19.2 to 3.20.0.

Release notes

Sourced from github.com/open-policy-agent/gatekeeper/v3's releases.

v3.20.0

Notable Changes

• 💾 A new driver to export violations on disk.
• 🎓 VAP integration is beta and enabled by default, hence VAP/VAPB resources will be generated by default for CT/C with K8sNativeValidation engine with CEL code.
• 🔗 A new Connection CRD replaced ConfigMap in order to establish connections with export backends.

Features

• mapping dryrun to audit in vapb (#3915) #3915 (Jaydip Gabani)
• adding driver to export to disk (#3832) #3832 (Jaydip Gabani)
• Graduating VAP generation to beta (#3995) #3995 (Jaydip Gabani)
• Export Connection CR (#3999) #3999 (Noah Reisch)

Bug Fixes

• removing readinessprobe for webhook at start of the pod (open-policy-agent/gatekeeper#4059) (open-policy-agent/gatekeeper#4065) open-policy-agent/gatekeeper#4065 (Jaydip Gabani)
• only enabling CEL driver with flag value (#3900) #3900 (Jaydip Gabani)
• error on deleting GK resources when delete operation is enabled (#3921) #3921 (Jaydip Gabani)
• scope of webhook configurations (#3676) #3676 (plavy)
• making sure latest CT version is updated in CT controller to avoid writing errors (#3983) #3983 (Jaydip Gabani)
• add RBAC for finalizers when running with OwnerReferencesPermissionEnforcement admission plugin (#3961) #3961 (Jaydip Gabani)
• unreliable webhook behaviour on gatekeeper pod startup and shutdown (#3780) #3780 (Benjamin Ritter)
• removing connection from map before closing it to avoid locking on latest connection update (#3946) #3946 (Jaydip Gabani)
• making sure VAPB is only deleted for constraints if it was enabled (#4034) #4034 (Jaydip Gabani)
• disk export path to handle dir deletes (#4021) #4021 (Noah Reisch)

Documentation

• adding opa v1 docs and tests (#3908) #3908 (Jaydip Gabani)
• adding available variables and updating faq (#3927) #3927 (Jaydip Gabani)
• Add Flags Reference (#3782) #3782 (Ian Stanton)

Continuous Integration

• bumping k8s version in testing and crd.Dockerfile (#3925) #3925 (Jaydip Gabani)
• release checklist (#3990) #3990 (Sertaç Özercan)

Chores

• Prepare v3.20.0 release (#4067) #4067 (github-actions[bot])
• bump golang from 75e6700 to 00eccd4 in /test/externaldata/dummy-provider (#3914) #3914 (dependabot[bot])
• bump golang from 75e6700 to 00eccd4 in /test/image (#3913) #3913 (dependabot[bot])
• bump the all group with 2 updates (#3912) #3912 (dependabot[bot])
• bump golang from 75e6700 to 00eccd4 (#3911) #3911 (dependabot[bot])
• bump golang from 75e6700 to 00eccd4 in /build/tooling (#3910) #3910 (dependabot[bot])
• Add pods/resize subresource to mutating and validating webhooks (#3778) #3778 (Ian Stanton)
• bump golang.org/x/net from 0.37.0 to 0.38.0 (#3920) #3920 (dependabot[bot])
• bump codecov/codecov-action from 5.4.0 to 5.4.2 in the all group (#3924) #3924 (dependabot[bot])
• bump http-proxy-middleware from 2.0.7 to 2.0.9 in /website (#3922) #3922 (dependabot[bot])
• adding helm variable for mutating subresources (#3916) #3916 (Jaydip Gabani)
• Patch docs for 3.19.1 release (#3937) #3937 (github-actions[bot])
• Patch docs for 3.18.3 release (#3938) #3938 (github-actions[bot])
• bump the all group with 2 updates (#3940) #3940 (dependabot[bot])
• bump the k8s group with 5 updates (#3939) #3939 (dependabot[bot])
• removing gator test alpha note from gator test --help (#3943) #3943 (Martin Alexander)

... (truncated)

Commits

• f42e229 chore: Prepare v3.20.0 release (#4067)
• 96a4db0 fix: removing readinessprobe for webhook at start of the pod (#4059) (#4065)
• 7833120 chore: Prepare v3.20.0-rc.0 release (#4038)
• a696953 fix: disk export path to handle dir deletes (#4021)
• f32d56e fix: making sure VAPB is only deleted for constraints if it was enabled (#4034)
• 2d0ad30 chore: bump the all group with 2 updates (#4035)
• c5caf6b chore: exposing TTL in disk driver (#4028)
• 1808073 fix: removing connection from map before closing it to avoid locking on lates...
• 99507ca chore: bumping to latest frameworks commit (#4026)
• 721733e chore: template controller manager operations (#3968)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #109.