From 00429a172771f2c87ba38b99ed3e3cc897bf3444 Mon Sep 17 00:00:00 2001
From: Guillaume Fournier <36961134+Gui774ume@users.noreply.github.com>
Date: Tue, 26 Nov 2024 11:58:33 +0100
Subject: [PATCH] [cws-instrumentation] Ignore miss-configurations when cws
 instrumentation is disabled (#31472)

---
 .github/CODEOWNERS                                 |  1 +
 .../controllers/webhook/controller_base.go         | 14 +++++++++-----
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 13736254babae..aea9022667a2e 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -372,6 +372,7 @@
 /pkg/clusteragent/autoscaling/          @DataDog/container-integrations
 /pkg/clusteragent/admission/mutate/autoscaling          @DataDog/container-integrations
 /pkg/clusteragent/admission/mutate/autoinstrumentation/ @DataDog/container-platform @DataDog/injection-platform
+/pkg/clusteragent/admission/mutate/cwsinstrumentation    @Datadog/agent-security
 /pkg/clusteragent/orchestrator/         @DataDog/container-app
 /pkg/clusteragent/telemetry/            @DataDog/apm-trace-storage
 /pkg/collector/                         @DataDog/agent-metrics-logs
diff --git a/pkg/clusteragent/admission/controllers/webhook/controller_base.go b/pkg/clusteragent/admission/controllers/webhook/controller_base.go
index 74a1489b9824f..5124704395ea3 100644
--- a/pkg/clusteragent/admission/controllers/webhook/controller_base.go
+++ b/pkg/clusteragent/admission/controllers/webhook/controller_base.go
@@ -33,6 +33,7 @@ import (
 	"github.com/DataDog/datadog-agent/pkg/clusteragent/admission/mutate/cwsinstrumentation"
 	"github.com/DataDog/datadog-agent/pkg/clusteragent/admission/mutate/tagsfromlabels"
 	"github.com/DataDog/datadog-agent/pkg/clusteragent/autoscaling/workload"
+	pkgconfigsetup "github.com/DataDog/datadog-agent/pkg/config/setup"
 	"github.com/DataDog/datadog-agent/pkg/util/log"
 )
 
@@ -127,11 +128,14 @@ func (c *controllerBase) generateWebhooks(wmeta workloadmeta.Component, pa workl
 			log.Errorf("failed to register APM Instrumentation webhook: %v", err)
 		}
 
-		cws, err := cwsinstrumentation.NewCWSInstrumentation(wmeta, datadogConfig)
-		if err == nil {
-			webhooks = append(webhooks, cws.WebhookForPods(), cws.WebhookForCommands())
-		} else {
-			log.Errorf("failed to register CWS Instrumentation webhook: %v", err)
+		isCWSInstrumentationEnabled := pkgconfigsetup.Datadog().GetBool("admission_controller.cws_instrumentation.enabled")
+		if isCWSInstrumentationEnabled {
+			cws, err := cwsinstrumentation.NewCWSInstrumentation(wmeta, datadogConfig)
+			if err == nil {
+				webhooks = append(webhooks, cws.WebhookForPods(), cws.WebhookForCommands())
+			} else {
+				log.Errorf("failed to register CWS Instrumentation webhook: %v", err)
+			}
 		}
 	}