[datadog-operator] NetworkPolicy missing for admission controller

[sjanel]

Hello!

Describe what happened:
APM traces admission controllers webhooks do not work even with network policies options set.

I had to add an ingress rule from konnectivity-agent to datadog-cluster-agent NetworkPolicy to authorize cluster agent to receive hooks, like this:

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-from-konnectivity-agent-to-datadog-cluster-agent-ingress
  namespace: <datadog-agent-namespace>
spec:
  ingress:
  - from:
    - namespaceSelector: {}
      podSelector:
        matchLabels:
          k8s-app: konnectivity-agent
    ports:
    - port: 8000
      protocol: TCP
  podSelector:
    matchLabels:
      agent.datadoghq.com/component: cluster-agent
  policyTypes:
  - Ingress

I then get the traces working (init container is successfully injected to my application pod) thanks to this NetworkPolicy.

Describe what you expected:
I would have expected to see above ingress rule added when APM is enabled with NetworkPolicies:

    apm:
      instrumentation:
        enabled: true
    ....
    networkPolicy:
      create: true
      flavor: kubernetes

Steps to reproduce the issue:
Cluster with NetworkPolicy enabled, and APM traces.

Additional environment details (Operating System, Cloud provider, etc):
GKE v1.30.1, datadog-operator v1.7.0

I may have missed something in the configuration, please tell me in this case.

Thanks in advance!