From 0386e579062a25c5825b1ffc80cfb77664dcc6ab Mon Sep 17 00:00:00 2001
From: Volodymyr Stoiko <me@volodymyrstoiko.com>
Date: Mon, 24 Mar 2025 20:02:57 +0200
Subject: [PATCH] Add watchdog option (#1723)

* add watchdog

* Enable watchdog on sniffer
---
 cmd/tap.go                                     | 1 +
 config/configStructs/tapConfig.go              | 6 ++++++
 helm-chart/templates/09-worker-daemon-set.yaml | 3 +++
 helm-chart/values.yaml                         | 2 ++
 4 files changed, 12 insertions(+)

diff --git a/cmd/tap.go b/cmd/tap.go
index e4a9101b5..86ee058a2 100644
--- a/cmd/tap.go
+++ b/cmd/tap.go
@@ -61,4 +61,5 @@ func init() {
 	tapCmd.Flags().Bool(configStructs.IngressEnabledLabel, defaultTapConfig.Ingress.Enabled, "Enable Ingress")
 	tapCmd.Flags().Bool(configStructs.TelemetryEnabledLabel, defaultTapConfig.Telemetry.Enabled, "Enable/disable Telemetry")
 	tapCmd.Flags().Bool(configStructs.ResourceGuardEnabledLabel, defaultTapConfig.ResourceGuard.Enabled, "Enable/disable resource guard")
+	tapCmd.Flags().Bool(configStructs.WatchdogEnabled, defaultTapConfig.Watchdog.Enabled, "Enable/disable watchdog")
 }
diff --git a/config/configStructs/tapConfig.go b/config/configStructs/tapConfig.go
index 456f165a5..174a242d4 100644
--- a/config/configStructs/tapConfig.go
+++ b/config/configStructs/tapConfig.go
@@ -44,6 +44,7 @@ const (
 	PcapKubeconfig               = "kubeconfig"
 	PcapDumpEnabled              = "enabled"
 	PcapTime                     = "time"
+	WatchdogEnabled              = "watchdogEnabled"
 )
 
 type ResourceLimitsHub struct {
@@ -209,6 +210,10 @@ type SentryConfig struct {
 	Environment string `yaml:"environment" json:"environment" default:"production"`
 }
 
+type WatchdogConfig struct {
+	Enabled bool `yaml:"enabled" json:"enabled" default:"true"`
+}
+
 type CapabilitiesConfig struct {
 	NetworkCapture     []string `yaml:"networkCapture" json:"networkCapture"  default:"[]"`
 	ServiceMeshCapture []string `yaml:"serviceMeshCapture" json:"serviceMeshCapture"  default:"[]"`
@@ -308,6 +313,7 @@ type TapConfig struct {
 	Debug                        bool                    `yaml:"debug" json:"debug" default:"false"`
 	Telemetry                    TelemetryConfig         `yaml:"telemetry" json:"telemetry"`
 	ResourceGuard                ResourceGuardConfig     `yaml:"resourceGuard" json:"resourceGuard"`
+	Watchdog                     WatchdogConfig          `yaml:"watchdog" json:"watchdog"`
 	Sentry                       SentryConfig            `yaml:"sentry" json:"sentry"`
 	DefaultFilter                string                  `yaml:"defaultFilter" json:"defaultFilter" default:"!dns and !error"`
 	LiveConfigMapChangesDisabled bool                    `yaml:"liveConfigMapChangesDisabled" json:"liveConfigMapChangesDisabled" default:"false"`
diff --git a/helm-chart/templates/09-worker-daemon-set.yaml b/helm-chart/templates/09-worker-daemon-set.yaml
index b7cc221c2..c71b84e30 100644
--- a/helm-chart/templates/09-worker-daemon-set.yaml
+++ b/helm-chart/templates/09-worker-daemon-set.yaml
@@ -68,6 +68,9 @@ spec:
             - /hostproc
           {{- if .Values.tap.resourceGuard.enabled }}
             - -enable-resource-guard
+          {{- end }}
+          {{- if .Values.tap.watchdog.enabled }}
+            - -enable-watchdog
           {{- end }}
             - -resolution-strategy
             - '{{ .Values.tap.misc.resolutionStrategy }}'
diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml
index 834b13c8d..1c68a9cde 100644
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@@ -137,6 +137,8 @@ tap:
     enabled: true
   resourceGuard:
     enabled: false
+  watchdog:
+    enabled: true
   sentry:
     enabled: false
     environment: production