From f98ee4b7bc9ab391a9aee1263c35aa27ed8b85a2 Mon Sep 17 00:00:00 2001
From: Marwin Baumann <mbaumann@schubergphilis.com>
Date: Mon, 28 Oct 2024 13:50:21 +0100
Subject: [PATCH 1/3] feature: add the region environmental variable to the
 variable set instead of to each workspace

---
 main.tf | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/main.tf b/main.tf
index d203a44..edfbc21 100644
--- a/main.tf
+++ b/main.tf
@@ -11,6 +11,12 @@ locals {
       // if workload_boundary_arn, add workload_permissions_boundary_arn = aws_iam_policy.workload_boundary[0].arn
       var.permissions_boundaries.workload_boundary != null && var.permissions_boundaries.workload_boundary != null ? { workload_permissions_boundary_arn = aws_iam_policy.workload_boundary[0].arn } : {}
     )
+
+    clear_text_env_variables = merge(
+      var.account_variable_set.clear_text_env_variables,
+      // always add the default region
+      { AWS_DEFAULT_REGION = var.tfe_workspace.default_region },
+    )
   }
 
   tfe_workspace = {
@@ -132,7 +138,7 @@ resource "tfe_variable_set" "account" {
 }
 
 resource "tfe_variable" "account_variable_set_clear_text_env_variables" {
-  for_each = var.account_variable_set.clear_text_env_variables
+  for_each = local.account_variable_set.clear_text_env_variables
 
   key             = each.key
   value           = each.value
@@ -196,7 +202,6 @@ module "tfe_workspace" {
   policy_arns                    = var.tfe_workspace.policy_arns
   project_id                     = var.tfe_workspace.project_id
   queue_all_runs                 = var.tfe_workspace.queue_all_runs
-  region                         = var.tfe_workspace.default_region
   remote_state_consumer_ids      = var.tfe_workspace.remote_state_consumer_ids
   repository_identifier          = var.tfe_workspace.connect_vcs_repo ? var.tfe_workspace.repository_identifier : null
   role_name                      = var.tfe_workspace.role_name
@@ -248,7 +253,7 @@ module "additional_tfe_workspaces" {
   policy_arns                    = each.value.policy_arns
   project_id                     = each.value.project_id != null ? each.value.project_id : var.tfe_workspace.project_id
   queue_all_runs                 = each.value.queue_all_runs
-  region                         = coalesce(each.value.default_region, var.tfe_workspace.default_region)
+  region                         = each.value.default_region
   remote_state_consumer_ids      = each.value.remote_state_consumer_ids
   repository_identifier          = each.value.connect_vcs_repo != false ? coalesce(each.value.repository_identifier, var.tfe_workspace.repository_identifier) : null
   role_name                      = coalesce(each.value.role_name, "TFEPipeline${replace(title(each.key), "/[_-]/", "")}")

From d3fdca07e8d3c9a3a7d3d0546516d0432a3f8700 Mon Sep 17 00:00:00 2001
From: Marwin Baumann <mbaumann@schubergphilis.com>
Date: Tue, 29 Oct 2024 08:35:22 +0100
Subject: [PATCH 2/3] update comments and versioning

---
 main.tf | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/main.tf b/main.tf
index edfbc21..a36dba5 100644
--- a/main.tf
+++ b/main.tf
@@ -14,7 +14,8 @@ locals {
 
     clear_text_env_variables = merge(
       var.account_variable_set.clear_text_env_variables,
-      // always add the default region
+      // Set the `DEFAULT_REGION` variable using the variable set. This way it is also applied to additional
+      // workspaces unless that workspace sets the `region` field.
       { AWS_DEFAULT_REGION = var.tfe_workspace.default_region },
     )
   }
@@ -175,7 +176,7 @@ module "tfe_workspace" {
   providers = { aws = aws.account }
 
   source  = "schubergphilis/mcaf-workspace/aws"
-  version = "~> 2.1.0"
+  version = "~> 2.1.1"
 
   agent_pool_id                  = var.tfe_workspace.agent_pool_id
   agent_role_arns                = var.tfe_workspace.agent_role_arns
@@ -226,7 +227,7 @@ module "additional_tfe_workspaces" {
   providers = { aws = aws.account }
 
   source  = "schubergphilis/mcaf-workspace/aws"
-  version = "~> 2.1.0"
+  version = "~> 2.1.1"
 
   agent_pool_id                  = each.value.agent_pool_id != null ? each.value.agent_pool_id : var.tfe_workspace.agent_pool_id
   agent_role_arns                = each.value.agent_role_arns != null ? each.value.agent_role_arns : var.tfe_workspace.agent_role_arns

From ad7c1fe8de4147b8cd1fcd64d0b1f6a4835141a3 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Tue, 29 Oct 2024 07:35:41 +0000
Subject: [PATCH 3/3] docs(readme): update module usage

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 15b9bf3..ad025f0 100644
--- a/README.md
+++ b/README.md
@@ -218,8 +218,8 @@ module "aws_account" {
 | Name | Source | Version |
 |------|--------|---------|
 | <a name="module_account"></a> [account](#module\_account) | schubergphilis/mcaf-account/aws | ~> 0.5.1 |
-| <a name="module_additional_tfe_workspaces"></a> [additional\_tfe\_workspaces](#module\_additional\_tfe\_workspaces) | schubergphilis/mcaf-workspace/aws | ~> 2.1.0 |
-| <a name="module_tfe_workspace"></a> [tfe\_workspace](#module\_tfe\_workspace) | schubergphilis/mcaf-workspace/aws | ~> 2.1.0 |
+| <a name="module_additional_tfe_workspaces"></a> [additional\_tfe\_workspaces](#module\_additional\_tfe\_workspaces) | schubergphilis/mcaf-workspace/aws | ~> 2.1.1 |
+| <a name="module_tfe_workspace"></a> [tfe\_workspace](#module\_tfe\_workspace) | schubergphilis/mcaf-workspace/aws | ~> 2.1.1 |
 
 ## Resources