Merge pull request #61 from schubergphilis/inheritance

fix: resolving an error in the inheritance behaviour of `notification_configuration` and `team_access`
schubergphilis · Aug 8, 2024 · 0b35c0d · 0b35c0d
2 parents 0a3c70b + 6071b29
commit 0b35c0d
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 9 deletions.
diff --git a/README.md b/README.md
@@ -218,8 +218,8 @@ module "aws_account" {
 | Name | Source | Version |
 |------|--------|---------|
 | <a name="module_account"></a> [account](#module\_account) | schubergphilis/mcaf-account/aws | ~> 0.5.1 |
-| <a name="module_additional_tfe_workspaces"></a> [additional\_tfe\_workspaces](#module\_additional\_tfe\_workspaces) | schubergphilis/mcaf-workspace/aws | ~> 2.0.0 |
-| <a name="module_tfe_workspace"></a> [tfe\_workspace](#module\_tfe\_workspace) | schubergphilis/mcaf-workspace/aws | ~> 2.0.0 |
+| <a name="module_additional_tfe_workspaces"></a> [additional\_tfe\_workspaces](#module\_additional\_tfe\_workspaces) | schubergphilis/mcaf-workspace/aws | ~> 2.0.1 |
+| <a name="module_tfe_workspace"></a> [tfe\_workspace](#module\_tfe\_workspace) | schubergphilis/mcaf-workspace/aws | ~> 2.0.1 |
 
 ## Resources
 
@@ -246,7 +246,7 @@ module "aws_account" {
 | <a name="input_name"></a> [name](#input\_name) | Name of the account and default TFE workspace | `string` | n/a | yes |
 | <a name="input_tfe_workspace"></a> [tfe\_workspace](#input\_tfe\_workspace) | TFE workspace settings | <pre>object({<br>    add_permissions_boundary       = optional(bool, false)<br>    agent_pool_id                  = optional(string)<br>    agent_role_arns                = optional(list(string))<br>    allow_destroy_plan             = optional(bool, true)<br>    assessments_enabled            = optional(bool, true)<br>    auth_method                    = optional(string, "iam_role_oidc")<br>    auto_apply                     = optional(bool, false)<br>    auto_apply_run_trigger         = optional(bool, false)<br>    branch                         = optional(string, "main")<br>    clear_text_env_variables       = optional(map(string), {})<br>    clear_text_hcl_variables       = optional(map(string), {})<br>    clear_text_terraform_variables = optional(map(string), {})<br>    connect_vcs_repo               = optional(bool, true)<br>    default_region                 = string<br>    description                    = optional(string)<br>    execution_mode                 = optional(string, "remote")<br>    file_triggers_enabled          = optional(bool, true)<br>    global_remote_state            = optional(bool, false)<br>    name                           = optional(string)<br>    organization                   = string<br>    policy                         = optional(string)<br>    policy_arns                    = optional(list(string), ["arn:aws:iam::aws:policy/AdministratorAccess"])<br>    project_id                     = optional(string)<br>    queue_all_runs                 = optional(bool)<br>    remote_state_consumer_ids      = optional(set(string))<br>    repository_identifier          = optional(string)<br>    role_name                      = optional(string, "TFEPipeline")<br>    sensitive_env_variables        = optional(map(string), {})<br>    sensitive_hcl_variables        = optional(map(object({ sensitive = string })), {})<br>    sensitive_terraform_variables  = optional(map(string), {})<br>    ssh_key_id                     = optional(string)<br>    terraform_version              = optional(string)<br>    trigger_patterns               = optional(list(string))<br>    trigger_prefixes               = optional(list(string), ["modules"])<br>    username                       = optional(string, "TFEPipeline")<br>    vcs_oauth_token_id             = string<br>    variable_set_ids               = optional(map(string), {})<br>    working_directory              = optional(string)<br>    workspace_tags                 = optional(list(string))<br><br>    notification_configuration = optional(map(object({<br>      destination_type = string<br>      enabled          = optional(bool, true)<br>      url              = string<br>      triggers = optional(list(string), [<br>        "run:created",<br>        "run:planning",<br>        "run:needs_attention",<br>        "run:applying",<br>        "run:completed",<br>        "run:errored",<br>      ])<br>    })), {})<br><br>    team_access = optional(map(object({<br>      access = optional(string, null),<br>      permissions = optional(object({<br>        run_tasks         = bool<br>        runs              = string<br>        sentinel_mocks    = string<br>        state_versions    = string<br>        variables         = string<br>        workspace_locking = bool<br>      }), null)<br>    })), {})<br>  })</pre> | n/a | yes |
 | <a name="input_account_variable_set"></a> [account\_variable\_set](#input\_account\_variable\_set) | Settings of variable set that is attached to each workspace | <pre>object({<br>    name                           = optional(string)<br>    clear_text_env_variables       = optional(map(string), {})<br>    clear_text_hcl_variables       = optional(map(string), {})<br>    clear_text_terraform_variables = optional(map(string), {})<br>  })</pre> | `{}` | no |
-| <a name="input_additional_tfe_workspaces"></a> [additional\_tfe\_workspaces](#input\_additional\_tfe\_workspaces) | Additional TFE workspaces | <pre>map(object({<br>    add_permissions_boundary       = optional(bool, false)<br>    agent_pool_id                  = optional(string)<br>    agent_role_arns                = optional(list(string))<br>    allow_destroy_plan             = optional(bool)<br>    assessments_enabled            = optional(bool)<br>    auth_method                    = optional(string)<br>    auto_apply                     = optional(bool, false)<br>    auto_apply_run_trigger         = optional(bool, false)<br>    branch                         = optional(string)<br>    clear_text_env_variables       = optional(map(string), {})<br>    clear_text_hcl_variables       = optional(map(string), {})<br>    clear_text_terraform_variables = optional(map(string), {})<br>    connect_vcs_repo               = optional(bool, true)<br>    default_region                 = optional(string)<br>    description                    = optional(string)<br>    execution_mode                 = optional(string)<br>    file_triggers_enabled          = optional(bool, true)<br>    global_remote_state            = optional(bool, false)<br>    name                           = optional(string)<br>    policy                         = optional(string)<br>    policy_arns                    = optional(list(string), ["arn:aws:iam::aws:policy/AdministratorAccess"])<br>    project_id                     = optional(string)<br>    queue_all_runs                 = optional(bool)<br>    remote_state_consumer_ids      = optional(set(string))<br>    repository_identifier          = optional(string)<br>    role_name                      = optional(string)<br>    sensitive_env_variables        = optional(map(string), {})<br>    sensitive_hcl_variables        = optional(map(object({ sensitive = string })), {})<br>    sensitive_terraform_variables  = optional(map(string), {})<br>    ssh_key_id                     = optional(string)<br>    terraform_version              = optional(string)<br>    trigger_patterns               = optional(list(string))<br>    trigger_prefixes               = optional(list(string))<br>    username                       = optional(string)<br>    vcs_oauth_token_id             = optional(string)<br>    variable_set_ids               = optional(map(string), {})<br>    working_directory              = optional(string)<br>    workspace_tags                 = optional(list(string))<br><br>    notification_configuration = optional(map(object({<br>      destination_type = string<br>      enabled          = optional(bool, true)<br>      url              = string<br>      triggers = optional(list(string), [<br>        "run:created",<br>        "run:planning",<br>        "run:needs_attention",<br>        "run:applying",<br>        "run:completed",<br>        "run:errored",<br>      ])<br>    })), {})<br><br>    team_access = optional(map(object({<br>      access = optional(string, null),<br>      permissions = optional(object({<br>        run_tasks         = bool<br>        runs              = string<br>        sentinel_mocks    = string<br>        state_versions    = string<br>        variables         = string<br>        workspace_locking = bool<br>      }), null)<br>    })), {})<br>  }))</pre> | `{}` | no |
+| <a name="input_additional_tfe_workspaces"></a> [additional\_tfe\_workspaces](#input\_additional\_tfe\_workspaces) | Additional TFE workspaces | <pre>map(object({<br>    add_permissions_boundary       = optional(bool, false)<br>    agent_pool_id                  = optional(string)<br>    agent_role_arns                = optional(list(string))<br>    allow_destroy_plan             = optional(bool)<br>    assessments_enabled            = optional(bool)<br>    auth_method                    = optional(string)<br>    auto_apply                     = optional(bool, false)<br>    auto_apply_run_trigger         = optional(bool, false)<br>    branch                         = optional(string)<br>    clear_text_env_variables       = optional(map(string), {})<br>    clear_text_hcl_variables       = optional(map(string), {})<br>    clear_text_terraform_variables = optional(map(string), {})<br>    connect_vcs_repo               = optional(bool, true)<br>    default_region                 = optional(string)<br>    description                    = optional(string)<br>    execution_mode                 = optional(string)<br>    file_triggers_enabled          = optional(bool, true)<br>    global_remote_state            = optional(bool, false)<br>    name                           = optional(string)<br>    policy                         = optional(string)<br>    policy_arns                    = optional(list(string), ["arn:aws:iam::aws:policy/AdministratorAccess"])<br>    project_id                     = optional(string)<br>    queue_all_runs                 = optional(bool)<br>    remote_state_consumer_ids      = optional(set(string))<br>    repository_identifier          = optional(string)<br>    role_name                      = optional(string)<br>    sensitive_env_variables        = optional(map(string), {})<br>    sensitive_hcl_variables        = optional(map(object({ sensitive = string })), {})<br>    sensitive_terraform_variables  = optional(map(string), {})<br>    ssh_key_id                     = optional(string)<br>    terraform_version              = optional(string)<br>    trigger_patterns               = optional(list(string))<br>    trigger_prefixes               = optional(list(string))<br>    username                       = optional(string)<br>    vcs_oauth_token_id             = optional(string)<br>    variable_set_ids               = optional(map(string), {})<br>    working_directory              = optional(string)<br>    workspace_tags                 = optional(list(string))<br><br>    notification_configuration = optional(map(object({<br>      destination_type = string<br>      enabled          = optional(bool, true)<br>      url              = string<br>      triggers = optional(list(string), [<br>        "run:created",<br>        "run:planning",<br>        "run:needs_attention",<br>        "run:applying",<br>        "run:completed",<br>        "run:errored",<br>      ])<br>    })), null)<br><br>    team_access = optional(map(object({<br>      access = optional(string, null),<br>      permissions = optional(object({<br>        run_tasks         = bool<br>        runs              = string<br>        sentinel_mocks    = string<br>        state_versions    = string<br>        variables         = string<br>        workspace_locking = bool<br>      }), null)<br>    })), null)<br>  }))</pre> | `{}` | no |
 | <a name="input_create_default_workspace"></a> [create\_default\_workspace](#input\_create\_default\_workspace) | Set to false to skip creating default workspace | `bool` | `true` | no |
 | <a name="input_path"></a> [path](#input\_path) | Optional path for all IAM users, user groups, roles, and customer managed policies created by this module | `string` | `"/"` | no |
 | <a name="input_permissions_boundaries"></a> [permissions\_boundaries](#input\_permissions\_boundaries) | n/a | <pre>object({<br>    workspace_boundary      = optional(string)<br>    workspace_boundary_name = optional(string)<br>    workload_boundary       = optional(string)<br>    workload_boundary_name  = optional(string)<br>  })</pre> | `{}` | no |

diff --git a/main.tf b/main.tf
@@ -169,7 +169,7 @@ module "tfe_workspace" {
   providers = { aws = aws.account }
 
   source  = "schubergphilis/mcaf-workspace/aws"
-  version = "~> 2.0.0"
+  version = "~> 2.0.1"
 
   agent_pool_id                  = var.tfe_workspace.agent_pool_id
   agent_role_arns                = var.tfe_workspace.agent_role_arns
@@ -221,7 +221,7 @@ module "additional_tfe_workspaces" {
   providers = { aws = aws.account }
 
   source  = "schubergphilis/mcaf-workspace/aws"
-  version = "~> 2.0.0"
+  version = "~> 2.0.1"
 
   agent_pool_id                  = each.value.agent_pool_id != null ? each.value.agent_pool_id : var.tfe_workspace.agent_pool_id
   agent_role_arns                = each.value.agent_role_arns != null ? each.value.agent_role_arns : var.tfe_workspace.agent_role_arns
@@ -239,7 +239,7 @@ module "additional_tfe_workspaces" {
   file_triggers_enabled          = each.value.connect_vcs_repo != false ? each.value.file_triggers_enabled : null
   global_remote_state            = each.value.global_remote_state
   name                           = coalesce(each.value.name, each.key)
-  notification_configuration     = each.value.notification_configuration != {} ? each.value.notification_configuration : var.tfe_workspace.notification_configuration
+  notification_configuration     = each.value.notification_configuration != null ? each.value.notification_configuration : var.tfe_workspace.notification_configuration
   oauth_token_id                 = each.value.connect_vcs_repo != false ? coalesce(each.value.vcs_oauth_token_id, var.tfe_workspace.vcs_oauth_token_id) : null
   oidc_settings                  = coalesce(each.value.auth_method, var.tfe_workspace.auth_method) == "iam_role_oidc" ? { provider_arn = aws_iam_openid_connect_provider.tfc_provider[0].arn } : null
   path                           = var.path
@@ -256,7 +256,7 @@ module "additional_tfe_workspaces" {
   sensitive_hcl_variables        = each.value.sensitive_hcl_variables
   sensitive_terraform_variables  = each.value.sensitive_terraform_variables
   ssh_key_id                     = each.value.ssh_key_id != null ? each.value.ssh_key_id : var.tfe_workspace.ssh_key_id
-  team_access                    = each.value.team_access != {} ? each.value.team_access : var.tfe_workspace.team_access
+  team_access                    = each.value.team_access != null ? each.value.team_access : var.tfe_workspace.team_access
   terraform_organization         = var.tfe_workspace.organization
   terraform_version              = each.value.terraform_version != null ? each.value.terraform_version : var.tfe_workspace.terraform_version
   trigger_patterns               = each.value.trigger_patterns != null ? each.value.trigger_patterns : var.tfe_workspace.trigger_patterns

diff --git a/variables.tf b/variables.tf
@@ -94,7 +94,7 @@ variable "additional_tfe_workspaces" {
         "run:completed",
         "run:errored",
       ])
-    })), {})
+    })), null)
 
     team_access = optional(map(object({
       access = optional(string, null),
@@ -106,7 +106,7 @@ variable "additional_tfe_workspaces" {
         variables         = string
         workspace_locking = bool
       }), null)
-    })), {})
+    })), null)
   }))
   default     = {}
   description = "Additional TFE workspaces"