Commit 249dd7f

feat: Add support for custom pod labels, annotations, and security contexts (#777)
This commit implements support for configuring custom labels, annotations, and security contexts for K8sGPT pods, addressing issue #776.

Changes:
- Add PodLabels field to allow custom labels for organizational tracking, service mesh integration, and monitoring purposes
- Add PodAnnotations field for integration with monitoring systems, service meshes, and other infrastructure components
- Add SecurityContext field for pod-level security configuration to comply with organizational security policies and Pod Security Standards
- Add ContainerSecurityContext field for container-level security constraints (runAsNonRoot, readOnlyRootFilesystem, capabilities, etc.)

The implementation:
- Extends the K8sGPT CRD with four new optional fields
- Updates the GetDeployment function to merge custom labels with defaults and apply custom annotations and security contexts to pod templates
- Regenerates CRD manifests with all new field definitions
- Provides a comprehensive example configuration demonstrating secure deployment with strict security policies

Benefits:
- Enables K8sGPT deployment in security-hardened environments with admission policies (Kyverno, OPA Gatekeeper, Pod Security Standards)
- Allows proper integration with monitoring, logging, and service mesh systems through custom metadata
- Supports multi-tenancy with cost allocation and resource tracking
- Maintains backward compatibility as all new fields are optional

Fixes #776

Signed-off-by: Pierluigi Lenoci <pierluigi.lenoci@gmail.com>
Co-authored-by: Alex Jones <1235925+AlexsJones@users.noreply.github.com>
1 parent b58dc1e commit 249dd7f

4 files changed

+541
-4
lines changed

api/v1alpha1/k8sgpt_types.go

Lines changed: 12 additions & 0 deletions
@@ -174,6 +174,18 @@ type K8sGPTSpec struct {
174174
// Define the kubeconfig the Deployment must use.
175175
// If empty, the Deployment will use the ServiceAccount provided by Kubernetes itself.
176176
Kubeconfig *SecretRef `json:"kubeconfig,omitempty"`
177+
// PodLabels allows adding custom labels to the K8sGPT pods for organizational tracking,
178+
// service mesh integration, and monitoring purposes.
179+
PodLabels map[string]string `json:"podLabels,omitempty"`
180+
// PodAnnotations allows adding custom annotations to the K8sGPT pods for integration
181+
// with service meshes, monitoring systems, and other infrastructure components.
182+
PodAnnotations map[string]string `json:"podAnnotations,omitempty"`
183+
// SecurityContext defines the security options the pod should run with.
184+
// This allows compliance with organizational security policies and pod security standards.
185+
SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"`
186+
// ContainerSecurityContext defines the security options the container should run with.
187+
// This allows setting security constraints like runAsNonRoot, readOnlyRootFilesystem, etc.
188+
ContainerSecurityContext *corev1.SecurityContext `json:"containerSecurityContext,omitempty"`
177189
}
178190

179191
const (
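
Review bot: the doc comment on PodLabels (new lines 177-179) does not say what happens when a user-supplied key collides with one of the operator's default labels. The commit message says GetDeployment merges custom labels with the defaults, so if a custom value can win and the Deployment selector matches on a default label, a CR could change labels the operator depends on; state the precedence in the comment (for example, that operator defaults always win) or reject reserved keys in validation. Two smaller points on the same hunk: SecurityContext holds a *corev1.PodSecurityContext while its siblings are PodLabels and PodAnnotations, so naming it PodSecurityContext would make the split from ContainerSecurityContext obvious; and both security-context comments should say what a nil value means for the generated pod template, since the fields are optional pointers with omitempty.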
