From 8f7b0496cb8aead36031ade8f80ad041c4b84879 Mon Sep 17 00:00:00 2001
From: Yuvraj Singh <Yuvraj.Singh3@ibm.com>
Date: Thu, 6 Nov 2025 12:36:50 +0530
Subject: [PATCH 1/4] add support for nodeSelector

---
 README.md    | 1 +
 main.tf      | 6 ++++++
 variables.tf | 6 ++++++
 3 files changed, 13 insertions(+)

diff --git a/README.md b/README.md
index 0a535d1..7016750 100644
--- a/README.md
+++ b/README.md
@@ -148,6 +148,7 @@ No modules.
 | <a name="input_metrics_filter"></a> [metrics\_filter](#input\_metrics\_filter) | To filter custom metrics you can specify which metrics to include and exclude. For more info, see https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_inc_exc_metrics | <pre>list(object({<br/>    include = optional(string)<br/>    exclude = optional(string)<br/>  }))</pre> | `[]` | no |
 | <a name="input_name"></a> [name](#input\_name) | The name to give the agent helm release. | `string` | `"sysdig-agent"` | no |
 | <a name="input_namespace"></a> [namespace](#input\_namespace) | Namespace to deploy the agent to. | `string` | `"ibm-observe"` | no |
+| <a name="input_node_selector"></a> [node\_selector](#input\_node\_selector) | Map of node selector labels for the DaemonSet pods. Defaults to empty map. | `map(string)` | `{}` | no |
 | <a name="input_priority_class_name"></a> [priority\_class\_name](#input\_priority\_class\_name) | The priority class name for the PriorityClasses assigned to the monitoring agent daemonset. If no value is passed, priority class is not used. | `string` | `null` | no |
 | <a name="input_priority_class_value"></a> [priority\_class\_value](#input\_priority\_class\_value) | The numerical priority assigned to PriorityClass, which determines the importance of monitoring agent daemonset pod within the cluster for both scheduling and eviction decisions. The value only applies if a value was passed for `priority_class_name` | `number` | `10` | no |
 | <a name="input_prometheus_config"></a> [prometheus\_config](#input\_prometheus\_config) | Prometheus configuration for the agent. If you want to enable Prometheus configuration provide the prometheus.yaml file content in `hcl` format. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-monitoring-agent/blob/main/solutions/fully-configurable/DA-types.md#prometheus_config). | `map(any)` | `{}` | no |
diff --git a/main.tf b/main.tf
index cd74211..3c5ab4b 100644
--- a/main.tf
+++ b/main.tf
@@ -265,6 +265,12 @@ resource "helm_release" "cloud_monitoring_agent" {
 %{if var.max_surge != null}
         "maxSurge": ${var.max_surge}
 %{endif}
+%{if length(var.node_selector) > 0}
+    "nodeSelector":
+%{for label_key, label_value in var.node_selector~}
+      "${label_key}": "${label_value}"
+%{endfor~}
+%{endif}
 EOT
   ]
 
diff --git a/variables.tf b/variables.tf
index 4545832..7c84c26 100644
--- a/variables.tf
+++ b/variables.tf
@@ -283,6 +283,12 @@ variable "priority_class_value" {
   default     = 10
 }
 
+variable "node_selector" {
+  description = "Map of node selector labels for the DaemonSet pods. Defaults to empty map."
+  type        = map(string)
+  default     = {}
+}
+
 ##############################################################################
 # Metrics related variables
 ##############################################################################

From b97184752b63e3b68be4df8641d72bd3e8f7ad15 Mon Sep 17 00:00:00 2001
From: Yuvraj Singh <Yuvraj.Singh3@ibm.com>
Date: Thu, 6 Nov 2025 15:10:45 +0530
Subject: [PATCH 2/4] expose nodeSelector var in DA

---
 solutions/fully-configurable/main.tf      | 1 +
 solutions/fully-configurable/variables.tf | 7 +++++++
 variables.tf                              | 3 ++-
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/solutions/fully-configurable/main.tf b/solutions/fully-configurable/main.tf
index 350766d..f4c7d47 100644
--- a/solutions/fully-configurable/main.tf
+++ b/solutions/fully-configurable/main.tf
@@ -77,4 +77,5 @@ module "monitoring_agent" {
   max_surge                       = var.max_surge
   priority_class_name             = var.priority_class_name
   priority_class_value            = var.priority_class_value
+  node_selector                   = var.node_selector
 }
diff --git a/solutions/fully-configurable/variables.tf b/solutions/fully-configurable/variables.tf
index 1d6ebb6..1afee7a 100644
--- a/solutions/fully-configurable/variables.tf
+++ b/solutions/fully-configurable/variables.tf
@@ -296,6 +296,13 @@ variable "priority_class_value" {
   default     = 10
 }
 
+variable "node_selector" {
+  type        = map(string)
+  nullable    = false
+  description = "Map of node selector labels for the DaemonSet pods. Defaults to empty map."
+  default     = {}
+}
+
 ##############################################################################
 # Metrics related variables
 ##############################################################################
diff --git a/variables.tf b/variables.tf
index 7c84c26..af74cb6 100644
--- a/variables.tf
+++ b/variables.tf
@@ -284,8 +284,9 @@ variable "priority_class_value" {
 }
 
 variable "node_selector" {
-  description = "Map of node selector labels for the DaemonSet pods. Defaults to empty map."
   type        = map(string)
+  nullable    = false
+  description = "Map of node selector labels for the DaemonSet pods. Defaults to empty map."
   default     = {}
 }
 

From e36cbc5a5ddd88cd5d7fb05cbccf505f37d96459 Mon Sep 17 00:00:00 2001
From: Yuvraj Singh <Yuvraj.Singh3@ibm.com>
Date: Fri, 7 Nov 2025 12:28:49 +0530
Subject: [PATCH 3/4] use jsonencode

---
 main.tf | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/main.tf b/main.tf
index 3c5ab4b..5b58a72 100644
--- a/main.tf
+++ b/main.tf
@@ -29,7 +29,7 @@ data "ibm_container_cluster_config" "cluster_config" {
 
 locals {
   cluster_name         = var.is_vpc_cluster ? data.ibm_container_vpc_cluster.cluster[0].resource_name : data.ibm_container_cluster.cluster[0].resource_name # Not publicly documented in provider. See https://github.com/IBM-Cloud/terraform-provider-ibm/issues/4485
-  use_container_filter = length(var.container_filter) < 0 || var.container_filter == null ? false : true
+  use_container_filter = var.container_filter != null && length(var.container_filter) > 0 ? true : false
   # construct ingestion and api endpoints based on inputs
   monitoring_api_endpoint = "${var.instance_region}.monitoring.cloud.ibm.com"
   scc_wp_api_endpoint     = "${var.instance_region}.security-compliance-secure.cloud.ibm.com"
@@ -265,12 +265,9 @@ resource "helm_release" "cloud_monitoring_agent" {
 %{if var.max_surge != null}
         "maxSurge": ${var.max_surge}
 %{endif}
-%{if length(var.node_selector) > 0}
-    "nodeSelector":
-%{for label_key, label_value in var.node_selector~}
-      "${label_key}": "${label_value}"
-%{endfor~}
-%{endif}
+%{~if length(var.node_selector) > 0}
+    "nodeSelector": ${jsonencode(var.node_selector)}
+%{~endif}
 EOT
   ]
 

From 4c32b69fe762b3cd3320ad35b833209e2a7d28c9 Mon Sep 17 00:00:00 2001
From: Yuvraj Singh <Yuvraj.Singh3@ibm.com>
Date: Fri, 7 Nov 2025 12:29:14 +0530
Subject: [PATCH 4/4] add node_selector to ibm_catalog

---
 ibm_catalog.json | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ibm_catalog.json b/ibm_catalog.json
index dcc6bce..3068fd1 100644
--- a/ibm_catalog.json
+++ b/ibm_catalog.json
@@ -460,6 +460,11 @@
             {
               "key": "priority_class_value"
             },
+            {
+              "key": "node_selector",
+              "type": "object",
+              "default_value": {}
+            },
             {
               "key": "tolerations",
               "type": "array",