feat(modules): combine or and single template

.github/workflows/ci-pull-request-modules-foundational.yaml

@@ -40,16 +40,9 @@ jobs:
         aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
         aws-region: eu-west-1
 
-    - name: Build and Upload CSPM Templates
-      run: make ci
+    - name: Publish Templates
+      run: make publish
       working-directory: modules/foundational
       env:
         S3_BUCKET: cf-templates-cloudvision-ci
-        S3_PREFIX: pr/${{ github.event.pull_request.number }}
-
-    - name: Build and Upload CSPM Org Templates
-      run: make ci-org
-      working-directory: modules/foundational
-      env:
-        S3_BUCKET: cf-templates-cloudvision-ci
-        S3_PREFIX: pr/${{ github.event.pull_request.number }}       
+        S3_PREFIX: pr/${{ github.event.pull_request.number }}

modules/foundational/Makefile

@@ -6,64 +6,32 @@ S3_PREFIX ?= "test"
 S3_REGION ?= "eu-west-1" # ireland
 SECURE_API_TOKEN ?= ""
 STACK_NAME = "ModularFoundationalTest"
-STACK_NAME_ORG = "ModularFoundationalOrgTest"
-
-.PHONY: packaged-template.yaml
-.PHONY: packaged-template-org.yaml
+PARAM_NAME_SUFFIX ?= "deadbeef"
+PARAM_IS_ORGANIZATIONAL ?= "false"
 
+.PHONY: validate lint deploy test clean
 validate:
-	aws cloudformation validate-template --template-body file://./single.yaml
-	aws cloudformation validate-template --template-body file://./org.yaml
+	aws cloudformation validate-template --template-body file://./template.yaml
 
 lint:
 	cfn-lint *.yaml
 
-packaged-template.yaml:
-	aws s3 rm s3://$(S3_BUCKET)/modules/foundational/$(S3_PREFIX) --recursive
-
-	aws cloudformation package \
-		--region $(S3_REGION) \
-		--template-file single.yaml \
-		--s3-bucket $(S3_BUCKET) \
-		--s3-prefix modules/foundational/$(S3_PREFIX) \
-		--force-upload \
-		--output-template-file packaged-template.yaml
+publish:
+	aws s3 cp ./template.yaml s3://$(S3_BUCKET)/modules/foundational/$(S3_PREFIX)/template.yaml
 
-test: packaged-template.yaml
+deploy:
 	aws cloudformation deploy \
 		--stack-name $(STACK_NAME) \
-		--template-file packaged-template.yaml \
+		--template-file template.yaml \
 		--capabilities "CAPABILITY_NAMED_IAM" "CAPABILITY_AUTO_EXPAND" \
 		--parameter-overrides \
-			"SysdigSecureAPIToken=$(SECURE_API_TOKEN)" 
-
-ci: packaged-template.yaml
-	aws s3 cp ./packaged-template.yaml s3://$(S3_BUCKET)/modules/foundational/$(S3_PREFIX)/single.yaml
+			"NameSuffix=$(PARAM_NAME_SUFFIX)" \
+			"ExternalID=$(PARAM_EXTERNAL_ID)" \
+			"TrustedIdentity=$(PARAM_TRUSTED_IDENTITY)" \
+			"IsOrganizational=$(PARAM_IS_ORGANIZATIONAL)" \
+			"OrganizationUnitIDs=$(PARAM_ORGANIZATION_UNIT_IDS)"
 
 clean:
 	aws cloudformation delete-stack --stack-name $(STACK_NAME)
 
-packaged-template-org.yaml:
-	aws s3 rm s3://$(S3_BUCKET)/modules/foundational/$(S3_PREFIX) --recursive
-	aws cloudformation package \
-		--region $(S3_REGION) \
-		--template-file org.yaml \
-		--s3-bucket $(S3_BUCKET) \
-		--s3-prefix modules/foundational/$(S3_PREFIX) \
-		--force-upload \
-		--output-template-file packaged-template-org.yaml
-
-test-org: packaged-template-org.yaml
-	aws cloudformation deploy \
-		--stack-name $(STACK_NAME_ORG) \
-		--template-file packaged-template-org.yaml \
-		--capabilities "CAPABILITY_NAMED_IAM" "CAPABILITY_AUTO_EXPAND" \
-		--parameter-overrides \
-			"SysdigSecureAPIToken=$(SECURE_API_TOKEN)" 
-
-ci-org: packaged-template-org.yaml
-	aws s3 cp ./packaged-template-org.yaml s3://$(S3_BUCKET)/modules/foundational/$(S3_PREFIX)/org.yaml
-
-clean-org:
-	aws cloudformation delete-stack --stack-name $(STACK_NAME_ORG)