[kube-prometheus-stack] support kubelet endpoint slices

[DrFaust92]

What this PR does / why we need it

Which issue this PR fixes

(optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged)

• fixes [kube-prometheus-stack] support --kubelet-endpointslice=true #4897

Special notes for your reviewer

Based one upstream prometheus-operator/prometheus-operator#6882

Checklist

• DCO signed
• Chart Version bumped
• Title of the PR starts with chart name (e.g. [prometheus-couchdb-exporter])

[DrFaust92]

Ideally we can use the kubeletEndpointsEnabled and kubeletEndpointSliceEnabled to toggle granting these permissions. will let reviewer decide. i can add this logic if needed

[jkroepke]

The toggle would cover only write permissions, right?

[DrFaust92]

No, I think all of the endpointslice permissions. unelss there is a reason not to (I dont see one)

[jkroepke]

LGTM.

Reading discussion upstream and it seems kinda useful for larger clusters. I as understand, OpenShift toggle the default to endpointslices. WDYT about? We can also leave the upstream defaults.

[jkroepke]

if in combination with an boolean might be mis-leading.

Since --kubelet-endpoints= is set to true by default, I set the value to false keep the flag still to true, because --kubelet-endpoints=false would be omit.

not sure, if

{{- if (print .Values.prometheusOperator.kubeletEndpointsEnabled) }}

would help here, since it converts the value to a string and "false" is still true-ish, I guess?

[DrFaust92]

Good point, maybe just omit the ifs entirely and go by the values.yaml values?

[jkroepke]

The toggle would cover only write permissions, right?

[DrFaust92]

jkroepke I think (assume) to leave it same as upstream for the "common" case.