From 6a366fbd1d442b6ed538cef8b502eb95309f8df0 Mon Sep 17 00:00:00 2001
From: Kornilios Kourtis
Date: Tue, 24 Oct 2023 14:17:44 +0200
Subject: [PATCH] helm: enable policyfilter by default Policyfilter is the underlying mechanism for namespaced policies and pod label filters. Enable it by default on helm, so that it is on by default on k8s environments. Because this feature targets only k8s environments (at leat for now), the default value on the agent, we do not change the default value of the agent flag.
Signed-off-by: Kornilios Kourtis
---
 docs/content/en/docs/reference/helm-chart.md | 2 +-
 install/kubernetes/README.md | 2 +-
 install/kubernetes/values.yaml | 5 ++---
 3 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/docs/content/en/docs/reference/helm-chart.md b/docs/content/en/docs/reference/helm-chart.md
index 9137647b508..29257e4e5b3 100644
--- a/docs/content/en/docs/reference/helm-chart.md
+++ b/docs/content/en/docs/reference/helm-chart.md
@@ -65,7 +65,7 @@ To use [the values available](#values), with `helm install` or `helm upgrade`, u
 | tetragon.commandOverride | list | `[]` | |
 | tetragon.enableK8sAPI | bool | `true` | |
 | tetragon.enableMsgHandlingLatency | bool | `false` | |
-| tetragon.enablePolicyFilter | bool | `false` | |
+| tetragon.enablePolicyFilter | bool | `true` | |
 | tetragon.enablePolicyFilterDebug | bool | `false` | |
 | tetragon.enableProcessCred | bool | `false` | |
 | tetragon.enableProcessNs | bool | `false` | |
diff --git a/install/kubernetes/README.md b/install/kubernetes/README.md
index d4d4ea9e487..d46849122a0 100644
--- a/install/kubernetes/README.md
+++ b/install/kubernetes/README.md
@@ -48,7 +48,7 @@ Helm chart for Tetragon
 | tetragon.commandOverride | list | `[]` | |
 | tetragon.enableK8sAPI | bool | `true` | |
 | tetragon.enableMsgHandlingLatency | bool | `false` | |
-| tetragon.enablePolicyFilter | bool | `false` | |
+| tetragon.enablePolicyFilter | bool | `true` | |
 | tetragon.enablePolicyFilterDebug | bool | `false` | |
 | tetragon.enableProcessCred | bool | `false` | |
 | tetragon.enableProcessNs | bool | `false` | |
diff --git a/install/kubernetes/values.yaml b/install/kubernetes/values.yaml
index d0e41eac174..46ed3d5b8d6 100644
--- a/install/kubernetes/values.yaml
+++ b/install/kubernetes/values.yaml
@@ -144,9 +144,8 @@ tetragon:
 address: "localhost"
 # -- The port at which to expose gops.
 port: 8118
- # Enable policy filter. This is required for K8s namespace filtering.
- # NB: this is currently a beta feature
- enablePolicyFilter: false
+ # Enable policy filter. This is required for K8s namespace filtering and pod label filters.
+ enablePolicyFilter: True
 # Enable policy filter debug messages.
 enablePolicyFilterDebug: false
 # Enable latency monitoring in message handling
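Review bot: The new default in the values.yaml hunk is spelled `enablePolicyFilter: True`, while the neighbouring `enablePolicyFilterDebug: false` and both regenerated tables use lowercase; write `enablePolicyFilter: true` so the value is a canonical boolean for every loader and linter (yamllint's `truthy` rule rejects the capitalised form). The comment above it also lacks the `# -- ` prefix used on `# -- The port at which to expose gops.`, which is presumably why the description column for this key is empty in both tables; `# -- Enable policy filter. Required for K8s namespace filtering and pod label filters.` would fill it in. Since this flips a default that scopes policies by namespace and pod label, a short upgrade note for existing installs would help operators, though whether one exists elsewhere is not visible here. The enclosing `tetragon:` mapping starts and ends outside the hunk.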