chore(deps): Update dependencies #2096

Open
wants to merge 9 commits into
base: main

@reneleonhardt reneleonhardt commented Aug 24, 2024

What issue type does this pull request address? (keep at least one, remove the others)
/kind bugfix
/kind documentation

What does this pull request do? Which issues does it resolve? (use resolves #<issue_number> if possible)

🐞 Bug Fixes

  • v0.19 references in docs

🔒 Security Fixes

  • Require go 1.22.7 in go.mod (http security fixes)
  • Fix several vulnerabilities in docs
  • Fix a low vulnerability in grpc 1.64.0

| Library | Vulnerability | Severity |
|---|---|---|
| @babel/traverse | CVE-2023-45133 | CRITICAL |
| async | CVE-2021-43138 | HIGH |
| axios | CVE-2023-45857 | MEDIUM |
| browserslist | CVE-2021-23364 | |
| express | CVE-2024-29041 | |
| follow-redirects | CVE-2024-28849 | |
| got | CVE-2022-33987 | |
| json5 | CVE-2022-46175 | HIGH |
| minimatch | CVE-2022-3517 | |
| normalize-url | CVE-2021-33502 | |
| webpack | CVE-2024-43788 | MEDIUM |
| webpack-dev-middleware | CVE-2024-29180 | HIGH |

📦👷📝🧑‍💻 Chores

  • Update Go dependencies
  • Update k8s versions (0.30.2 to 0.30.4, 0.29.6 to 0.29.8, 0.28.11 to 0.28.13, 0.27.15 to 0.27.16)
  • Update etcd versions to 3.5.15-0 for k8s 0.30.4 (security fix), 3.5.12-0 for older k8s versions
  • Added missing CoreDNS versions copied from k8s (or would bug fixes be allowed?)
  • Update Dockerfiles (go 1.23, helm 3.15)
  • Update docs dependencies
  • Update GitHub Actions (kind, helm, syft, cosign, nodejs)
  • Update devcontainer dependencies
  • Let Dependabot update weekly, include docs and devcontainer
  • Use semver in Dockerfiles to rebuild when source or target images have been updated

Please provide a short message that should be published in the vcluster release notes
chore(deps): Update dependencies

What else do we need to know?

  • I didn't squash all commits yet, maybe it's easier to follow my update path that way, you can squash them of course 😅
  • I didn't know if you would allow to update go to 1.23, so I only build images with it. If this is accepted I can update go.mod and CI afterwards.
  • My general intention was to prepare the code base for adding k8s 1.31 as soon as k3s and k0s are available 🚀

netlify bot commented Aug 24, 2024

Deploy Preview for vcluster-docs canceled.

Built without sensitive environment variables

Name Link
🔨 Latest commit 38252f6
🔍 Latest deploy log https://app.netlify.com/sites/vcluster-docs/deploys/66dc74f8492a6300089946f7

@FabianKramm
Member

@reneleonhardt thanks for creating the PR and sorry for the delay! That's a lot of changes we need to review, so it'll take a little longer, but hopefully I find some time this week.

@reneleonhardt
Author

reneleonhardt commented Sep 7, 2024

No problem, the last 2 weeks brought a dozen more updates, I integrated them in separate commits.
Can you run the pipelines to check if any tests fail?
It's not easy to do locally, and PR pipelines are not really running when I push... it would be very helpful if you would provide a small smoke test script in this repo, i.e. building a docker image and running e2e against it.

If you can, please update outdated dependencies in your api as well, i.e. k8s.io/utils, it would make maintaining apps much easier if own dependencies don't bring old transient versions with them.

Keep in mind to upgrade controller-runtime at the same time you upgrade to k8s 1.31, it brings breaking changes.

@FabianKramm
Member

@reneleonhardt thanks for updating the PR, really appreciate it! Seems like tests are failing, would be great if you could take a look at the problems
