Add annotations for service monitor and Deployment

[omerap12]

Issue

#3694

Description

Add conditionally annotations to Kubernetes resources based on whether service monitoring is enabled or pod annotations are provided. If service monitoring is enabled, it adds Prometheus scrape annotations. If pod annotations are specified, they are included as well.

For this values.yaml snippet:

serviceMonitor:
  # Specifies whether a service monitor should be created
  enabled: true
  # Namespace to create the service monitor in
  namespace:
  # Labels to add to the service monitor
  additionalLabels: {}
  # Prometheus scrape interval
  interval: 1m
  # Prometheus scrape timeout
  scrapeTimeout:
  # Relabelings to apply to samples before ingestion
  relabelings:
  # Metric relabelings to apply to samples before ingestion
  metricRelabelings:

We get:

# Source: aws-load-balancer-controller/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: release-name-aws-load-balancer-controller
  namespace: default
  labels:
    helm.sh/chart: aws-load-balancer-controller-1.7.1
    app.kubernetes.io/name: aws-load-balancer-controller
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "v2.7.0"
    app.kubernetes.io/managed-by: Helm
spec:
  replicas: 2
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/name: aws-load-balancer-controller
      app.kubernetes.io/instance: release-name
  template:
    metadata:
      labels:
        app.kubernetes.io/name: aws-load-balancer-controller
        app.kubernetes.io/instance: release-name
      annotations:
        prometheus.io/scrape: "true"
        prometheus.io/port: "8080"
    spec:
      serviceAccountName: release-name-aws-load-balancer-controller
      volumes:
      - name: cert
        secret:
          defaultMode: 420
          secretName: aws-load-balancer-tls
      securityContext:
        fsGroup: 65534
      containers:
      - name: aws-load-balancer-controller
        args:
        - --cluster-name=omer
        - --ingress-class=alb
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          runAsNonRoot: true
        image: "public.ecr.aws/eks/aws-load-balancer-controller:v2.7.0"
        imagePullPolicy: IfNotPresent
        volumeMounts:
        - mountPath: /tmp/k8s-webhook-server/serving-certs
          name: cert
          readOnly: true
        ports:
        - name: webhook-server
          containerPort: 9443
          protocol: TCP
        - name: metrics-server
          containerPort: 8080
          protocol: TCP
        resources:
          {}
        livenessProbe:
          failureThreshold: 2
          httpGet:
            path: /healthz
            port: 61779
            scheme: HTTP
          initialDelaySeconds: 30
          timeoutSeconds: 10
        readinessProbe:
          failureThreshold: 2
          httpGet:
            path: /readyz
            port: 61779
            scheme: HTTP
          initialDelaySeconds: 10
          successThreshold: 1
          timeoutSeconds: 10
      terminationGracePeriodSeconds: 10
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            podAffinityTerm:
              labelSelector:
                matchExpressions:
                - key: app.kubernetes.io/name
                  operator: In
                  values:
                  - aws-load-balancer-controller
              topologyKey: kubernetes.io/hostname
      priorityClassName: "system-cluster-critical"
---

Checklist

• Added tests that cover your change (if possible)
• Added/modified documentation as required (such as the README.md, or the docs directory)
• Manually tested
• Made sure the title of the PR is a good description that can go into the release notes

BONUS POINTS checklist: complete for good vibes and maybe prizes?! 🤯

• Backfilled missing tests for code in same general area 🎉
• Refactored something and made the world a better place 🌟

[k8s-ci-robot]

Hi @omerap12. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: omerap12
Once this PR has been reviewed and has the lgtm label, please assign johngmyers for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment