Policy Controller has been updated to include a more recent build of OPA Gatekeeper (hash

## Announcement Policy Controller has been updated to include a more recent build of OPA Gatekeeper (hash: [3e66ee2](https://github.com/open-policy-agent/gatekeeper/tree/3e66ee2)). ## Feature The constraint template library includes a new template: `K8sAvoidUseOfSystemMastersGroup`. For reference, see the [Constraint template library](https://cloud.google.com/anthos-config-management/docs/latest/reference/constraint-template-library). ## Feature The constraint template library includes a new template: `K8sPSPWindowsHostProcess`. For reference, see the [Constraint template library](https://cloud.google.com/anthos-config-management/docs/latest/reference/constraint-template-library). ## Change Policy Controller bundles have been updated to the following versions: `asm-policy-v0.0.1`: `202309.0`, `cis-k8s-v1.5.1`: `202309.0`, `cost-reliability-v2023`: `202309.0`, `nist-sp-800-190`: `202309.0`, `nist-sp-800-53-r5`: `202309.0`, `nsa-cisa-k8s-v1.2`: `202309.0`, `pci-dss-v3.2.1`: `202309.0`, `policy-essentials-v2022`: `202309.0`, `psp-v2022`: `202309.0`, `pss-baseline-v2022`: `202309.0`, `pss-restricted-v2022`: `202309.0`. For reference, see [Policy Controller bundles overview](https://cloud.google.com/anthos-config-management/docs/concepts/policy-controller-bundles). ## Change Updated the Open Telemetry image from 0.54.0 to 0.86.0 to address security vulnerabilities. `otelcontribcol:v0.86.0` contains breaking changes. For more information about these changes, see the full changelog for [opentelemetry-collector-contrib](https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/main/CHANGELOG.md). ## Fix Fixed a recurring transient error in the RootSync and RepoSync API. Transient errors are retried internally and surfaced to RootSync and RepoSync if failed eventually.