fix(ssi): remove newly added config variables

This commit removes the newly added config variables that were added.
We've decided that we no longer wish to expose this option to the user
and that it's not strictly necessary.

pkg/clusteragent/admission/common/label_selectors.go

@@ -19,11 +19,7 @@ func DefaultLabelSelectors(useNamespaceSelector bool) (namespaceSelector, object
 
 	if pkgconfigsetup.Datadog().GetBool("admission_controller.mutate_unlabelled") ||
 		pkgconfigsetup.Datadog().GetBool("apm_config.instrumentation.enabled") ||
-		pkgconfigsetup.Datadog().GetBool("admission_controller.inject_config.enabled") ||
-		pkgconfigsetup.Datadog().GetBool("admission_controller.inject_tags.enabled") ||
-		len(pkgconfigsetup.Datadog().GetStringSlice("apm_config.instrumentation.enabled_namespaces")) > 0 ||
-		len(pkgconfigsetup.Datadog().GetStringSlice("admission_controller.inject_config.enabled_namespaces")) > 0 ||
-		len(pkgconfigsetup.Datadog().GetStringSlice("admission_controller.inject_tags.enabled_namespaces")) > 0 {
+		len(pkgconfigsetup.Datadog().GetStringSlice("apm_config.instrumentation.enabled_namespaces")) > 0 {
 		// Accept all, ignore pods if they're explicitly filtered-out
 		labelSelector = metav1.LabelSelector{
 			MatchExpressions: []metav1.LabelSelectorRequirement{

pkg/clusteragent/admission/controllers/webhook/controller_v1_test.go

@@ -282,12 +282,8 @@ func TestGenerateTemplatesV1(t *testing.T) {
 			configFunc: func(mockConfig model.Config) Config { return NewConfig(false, false, false, mockConfig) },
 			want: func() []admiv1.MutatingWebhook {
 				webhook := webhook("datadog.webhook.agent.config", "/injectconfig", &metav1.LabelSelector{
-					MatchExpressions: []metav1.LabelSelectorRequirement{
-						{
-							Key:      "admission.datadoghq.com/enabled",
-							Operator: metav1.LabelSelectorOpNotIn,
-							Values:   []string{"false"},
-						},
+					MatchLabels: map[string]string{
+						"admission.datadoghq.com/enabled": "true",
 					},
 				}, nil, []admiv1.MatchCondition{}, []admiv1.OperationType{admiv1.Create}, []string{"pods"})
 				return []admiv1.MutatingWebhook{webhook}
@@ -328,12 +324,8 @@ func TestGenerateTemplatesV1(t *testing.T) {
 			configFunc: func(mockConfig model.Config) Config { return NewConfig(false, false, false, mockConfig) },
 			want: func() []admiv1.MutatingWebhook {
 				webhook := webhook("datadog.webhook.standard.tags", "/injecttags", &metav1.LabelSelector{
-					MatchExpressions: []metav1.LabelSelectorRequirement{
-						{
-							Key:      "admission.datadoghq.com/enabled",
-							Operator: metav1.LabelSelectorOpNotIn,
-							Values:   []string{"false"},
-						},
+					MatchLabels: map[string]string{
+						"admission.datadoghq.com/enabled": "true",
 					},
 				}, nil, []admiv1.MatchCondition{}, []admiv1.OperationType{admiv1.Create}, []string{"pods"})
 				return []admiv1.MutatingWebhook{webhook}
@@ -392,21 +384,13 @@ func TestGenerateTemplatesV1(t *testing.T) {
 			configFunc: func(mockConfig model.Config) Config { return NewConfig(false, false, false, mockConfig) },
 			want: func() []admiv1.MutatingWebhook {
 				webhookConfig := webhook("datadog.webhook.agent.config", "/injectconfig", &metav1.LabelSelector{
-					MatchExpressions: []metav1.LabelSelectorRequirement{
-						{
-							Key:      "admission.datadoghq.com/enabled",
-							Operator: metav1.LabelSelectorOpNotIn,
-							Values:   []string{"false"},
-						},
+					MatchLabels: map[string]string{
+						"admission.datadoghq.com/enabled": "true",
 					},
 				}, nil, []admiv1.MatchCondition{}, []admiv1.OperationType{admiv1.Create}, []string{"pods"})
 				webhookTags := webhook("datadog.webhook.standard.tags", "/injecttags", &metav1.LabelSelector{
-					MatchExpressions: []metav1.LabelSelectorRequirement{
-						{
-							Key:      "admission.datadoghq.com/enabled",
-							Operator: metav1.LabelSelectorOpNotIn,
-							Values:   []string{"false"},
-						},
+					MatchLabels: map[string]string{
+						"admission.datadoghq.com/enabled": "true",
 					},
 				}, nil, []admiv1.MatchCondition{}, []admiv1.OperationType{admiv1.Create}, []string{"pods"})
 				return []admiv1.MutatingWebhook{webhookConfig, webhookTags}
@@ -457,21 +441,13 @@ func TestGenerateTemplatesV1(t *testing.T) {
 			configFunc: func(mockConfig model.Config) Config { return NewConfig(false, true, false, mockConfig) },
 			want: func() []admiv1.MutatingWebhook {
 				webhookConfig := webhook("datadog.webhook.agent.config", "/injectconfig", nil, &metav1.LabelSelector{
-					MatchExpressions: []metav1.LabelSelectorRequirement{
-						{
-							Key:      "admission.datadoghq.com/enabled",
-							Operator: metav1.LabelSelectorOpNotIn,
-							Values:   []string{"false"},
-						},
+					MatchLabels: map[string]string{
+						"admission.datadoghq.com/enabled": "true",
 					},
 				}, []admiv1.MatchCondition{}, []admiv1.OperationType{admiv1.Create}, []string{"pods"})
 				webhookTags := webhook("datadog.webhook.standard.tags", "/injecttags", nil, &metav1.LabelSelector{
-					MatchExpressions: []metav1.LabelSelectorRequirement{
-						{
-							Key:      "admission.datadoghq.com/enabled",
-							Operator: metav1.LabelSelectorOpNotIn,
-							Values:   []string{"false"},
-						},
+					MatchLabels: map[string]string{
+						"admission.datadoghq.com/enabled": "true",
 					},
 				}, []admiv1.MatchCondition{}, []admiv1.OperationType{admiv1.Create}, []string{"pods"})
 				return []admiv1.MutatingWebhook{webhookConfig, webhookTags}

pkg/clusteragent/admission/controllers/webhook/controller_v1beta1_test.go

@@ -278,12 +278,8 @@ func TestGenerateTemplatesV1beta1(t *testing.T) {
 			configFunc: func(mockConfig model.Config) Config { return NewConfig(false, false, false, mockConfig) },
 			want: func() []admiv1beta1.MutatingWebhook {
 				webhook := webhook("datadog.webhook.agent.config", "/injectconfig", &metav1.LabelSelector{
-					MatchExpressions: []metav1.LabelSelectorRequirement{
-						{
-							Key:      "admission.datadoghq.com/enabled",
-							Operator: metav1.LabelSelectorOpNotIn,
-							Values:   []string{"false"},
-						},
+					MatchLabels: map[string]string{
+						"admission.datadoghq.com/enabled": "true",
 					},
 				}, nil, []admiv1beta1.MatchCondition{}, []admiv1beta1.OperationType{admiv1beta1.Create}, []string{"pods"})
 				return []admiv1beta1.MutatingWebhook{webhook}
@@ -324,12 +320,8 @@ func TestGenerateTemplatesV1beta1(t *testing.T) {
 			configFunc: func(mockConfig model.Config) Config { return NewConfig(false, false, false, mockConfig) },
 			want: func() []admiv1beta1.MutatingWebhook {
 				webhook := webhook("datadog.webhook.standard.tags", "/injecttags", &metav1.LabelSelector{
-					MatchExpressions: []metav1.LabelSelectorRequirement{
-						{
-							Key:      "admission.datadoghq.com/enabled",
-							Operator: metav1.LabelSelectorOpNotIn,
-							Values:   []string{"false"},
-						},
+					MatchLabels: map[string]string{
+						"admission.datadoghq.com/enabled": "true",
 					},
 				}, nil, []admiv1beta1.MatchCondition{}, []admiv1beta1.OperationType{admiv1beta1.Create}, []string{"pods"})
 				return []admiv1beta1.MutatingWebhook{webhook}
@@ -388,21 +380,13 @@ func TestGenerateTemplatesV1beta1(t *testing.T) {
 			configFunc: func(mockConfig model.Config) Config { return NewConfig(false, false, false, mockConfig) },
 			want: func() []admiv1beta1.MutatingWebhook {
 				webhookConfig := webhook("datadog.webhook.agent.config", "/injectconfig", &metav1.LabelSelector{
-					MatchExpressions: []metav1.LabelSelectorRequirement{
-						{
-							Key:      "admission.datadoghq.com/enabled",
-							Operator: metav1.LabelSelectorOpNotIn,
-							Values:   []string{"false"},
-						},
+					MatchLabels: map[string]string{
+						"admission.datadoghq.com/enabled": "true",
 					},
 				}, nil, []admiv1beta1.MatchCondition{}, []admiv1beta1.OperationType{admiv1beta1.Create}, []string{"pods"})
 				webhookTags := webhook("datadog.webhook.standard.tags", "/injecttags", &metav1.LabelSelector{
-					MatchExpressions: []metav1.LabelSelectorRequirement{
-						{
-							Key:      "admission.datadoghq.com/enabled",
-							Operator: metav1.LabelSelectorOpNotIn,
-							Values:   []string{"false"},
-						},
+					MatchLabels: map[string]string{
+						"admission.datadoghq.com/enabled": "true",
 					},
 				}, nil, []admiv1beta1.MatchCondition{}, []admiv1beta1.OperationType{admiv1beta1.Create}, []string{"pods"})
 				return []admiv1beta1.MutatingWebhook{webhookConfig, webhookTags}
@@ -453,21 +437,13 @@ func TestGenerateTemplatesV1beta1(t *testing.T) {
 			configFunc: func(mockConfig model.Config) Config { return NewConfig(false, true, false, mockConfig) },
 			want: func() []admiv1beta1.MutatingWebhook {
 				webhookConfig := webhook("datadog.webhook.agent.config", "/injectconfig", nil, &metav1.LabelSelector{
-					MatchExpressions: []metav1.LabelSelectorRequirement{
-						{
-							Key:      "admission.datadoghq.com/enabled",
-							Operator: metav1.LabelSelectorOpNotIn,
-							Values:   []string{"false"},
-						},
+					MatchLabels: map[string]string{
+						"admission.datadoghq.com/enabled": "true",
 					},
 				}, []admiv1beta1.MatchCondition{}, []admiv1beta1.OperationType{admiv1beta1.Create}, []string{"pods"})
 				webhookTags := webhook("datadog.webhook.standard.tags", "/injecttags", nil, &metav1.LabelSelector{
-					MatchExpressions: []metav1.LabelSelectorRequirement{
-						{
-							Key:      "admission.datadoghq.com/enabled",
-							Operator: metav1.LabelSelectorOpNotIn,
-							Values:   []string{"false"},
-						},
+					MatchLabels: map[string]string{
+						"admission.datadoghq.com/enabled": "true",
 					},
 				}, []admiv1beta1.MatchCondition{}, []admiv1beta1.OperationType{admiv1beta1.Create}, []string{"pods"})
 				return []admiv1beta1.MutatingWebhook{webhookConfig, webhookTags}

pkg/clusteragent/admission/mutate/config/filter.go

@@ -15,7 +15,5 @@ import (
 // NewFilter creates a new MutationFilter from the provided FilterConfig.
 func NewFilter(datadogConfig config.Component) (mutatecommon.MutationFilter, error) {
 	enabled := datadogConfig.GetBool("admission_controller.inject_config.enabled")
-	enabledNamespaces := datadogConfig.GetStringSlice("admission_controller.inject_config.enabled_namespaces")
-	disabledNamespaces := datadogConfig.GetStringSlice("admission_controller.inject_config.disabled_namespaces")
-	return mutatecommon.NewDefaultFilter(enabled, enabledNamespaces, disabledNamespaces)
+	return mutatecommon.NewDefaultFilter(enabled, nil, nil)
 }

pkg/clusteragent/admission/mutate/tagsfromlabels/filter.go

@@ -15,7 +15,5 @@ import (
 // NewFilter creates a new MutationFilter from the provided FilterConfig.
 func NewFilter(datadogConfig config.Component) (mutatecommon.MutationFilter, error) {
 	enabled := datadogConfig.GetBool("admission_controller.inject_tags.enabled")
-	enabledNamespaces := datadogConfig.GetStringSlice("admission_controller.inject_tags.enabled_namespaces")
-	disabledNamespaces := datadogConfig.GetStringSlice("admission_controller.inject_tags.disabled_namespaces")
-	return mutatecommon.NewDefaultFilter(enabled, enabledNamespaces, disabledNamespaces)
+	return mutatecommon.NewDefaultFilter(enabled, nil, nil)
 }

pkg/config/setup/config.go

@@ -748,8 +748,6 @@ func InitConfig(config pkgconfigmodel.Setup) {
 	config.BindEnvAndSetDefault("admission_controller.certificate.secret_name", "webhook-certificate") // name of the Secret object containing the webhook certificate
 	config.BindEnvAndSetDefault("admission_controller.webhook_name", "datadog-webhook")
 	config.BindEnvAndSetDefault("admission_controller.inject_config.enabled", true)
-	config.BindEnvAndSetDefault("admission_controller.inject_config.enabled_namespaces", []string{})
-	config.BindEnvAndSetDefault("admission_controller.inject_config.disabled_namespaces", []string{})
 	config.BindEnvAndSetDefault("admission_controller.inject_config.endpoint", "/injectconfig")
 	config.BindEnvAndSetDefault("admission_controller.inject_config.mode", "hostip") // possible values: hostip / service / socket
 	config.BindEnvAndSetDefault("admission_controller.inject_config.local_service_name", "datadog")
@@ -758,8 +756,6 @@ func InitConfig(config pkgconfigmodel.Setup) {
 	config.BindEnvAndSetDefault("admission_controller.inject_config.dogstatsd_socket", "unix:///var/run/datadog/dsd.socket")
 	config.BindEnvAndSetDefault("admission_controller.inject_config.type_socket_volumes", false)
 	config.BindEnvAndSetDefault("admission_controller.inject_tags.enabled", true)
-	config.BindEnvAndSetDefault("admission_controller.inject_tags.enabled_namespaces", []string{})
-	config.BindEnvAndSetDefault("admission_controller.inject_tags.disabled_namespaces", []string{})
 	config.BindEnvAndSetDefault("admission_controller.inject_tags.endpoint", "/injecttags")
 	config.BindEnvAndSetDefault("admission_controller.inject_tags.pod_owners_cache_validity", 10) // in minutes
 	config.BindEnv("admission_controller.pod_owners_cache_validity")                              // Alias for admission_controller.inject_tags.pod_owners_cache_validity. Was added without the "inject_tags" prefix by mistake but needs to be kept for backwards compatibility