[github.com/gardener/gardenctl-v2:v2.13.0] ✨ New Features

• [USER] ssh: Bastion ingress addresses and hostnames are now validated to prevent invalid IP addresses and non-DNS-compliant hostnames. by @petersutter [#678]
• [USER] Added sanity checks for user-provided and shoot node SSH keys by @petersutter [#674]
• [USER] The gardenctl ssh command now accepts a --shell flag to specify the shell used for escaping arguments when printing SSH commands. If not provided, it falls back to the GCTL_SHELL environment variable or defaults to bash. To set GCTL_SHELL automatically, source the gardenctl startup script in your shell profile (e.g., add source <(gardenctl rc bash) to ~/.bashrc), or use the --shell flag to avoid escaping issues. by @petersutter [#690]
• [USER] provider-env: Added workload identity support for provider environments on AWS, Azure, and GCP. Use the --workload-identity-token-expiration flag to control token validity duration (default: 1h). by @petersutter [#659]