## BEGIN CONFIGURATION
##
## SECURITY ACCOUNT
SEC_ACCOUNT_ID := 
AWS_CLI_SEC_PROFILE := flw-sec

FLOWABLE_REPO_AUTH_USERNAME := 
FLOWABLE_REPO_AUTH_PASSWORD := 
FLOWABLE_DEV_LICENSE_FILE := "~/.flowable/flowable.license"
FLOWABLE_PROD_LICENSE_FILE := "~/.flowable/flowable.license"

## DEVELOPMENT ACCOUNT
DEV_ACCOUNT_ID := 
AWS_CLI_DEV_PROFILE := flw-dev

## PRODUCTION ACCOUNT 
PROD_ACCOUNT_ID :=
AWS_CLI_PROD_PROFILE := flw-prod

## END CONFIGURATION

.ONESHELL:

.PHONY: init-development
init-development: guard-AWS_CLI_DEV_PROFILE guard-SEC_ACCOUNT_ID
	@export AWS_CLI_DEV_PROFILE=${AWS_CLI_DEV_PROFILE}
	@export SEC_ACCOUNT_ID=${SEC_ACCOUNT_ID}

	@cd dev-account && $(MAKE) init-dev-iam

.PHONY: init-production
init-production: guard-AWS_CLI_PROD_PROFILE guard-SEC_ACCOUNT_ID
	@export AWS_CLI_PROD_PROFILE=${AWS_CLI_PROD_PROFILE}
	@export SEC_ACCOUNT_ID=${SEC_ACCOUNT_ID}

	@cd prod-account && $(MAKE) init-prod-iam

.PHONY: init-security
init-security: guard-AWS_CLI_SEC_PROFILE guard-DEV_ACCOUNT_ID guard-PROD_ACCOUNT_ID guard-FLOWABLE_REPO_AUTH_USERNAME guard-FLOWABLE_REPO_AUTH_PASSWORD guard-FLOWABLE_DEV_LICENSE_FILE guard-FLOWABLE_PROD_LICENSE_FILE
	@export AWS_CLI_SEC_PROFILE=${AWS_CLI_SEC_PROFILE}
	@export DEV_ACCOUNT_ID=${DEV_ACCOUNT_ID}
	@export PROD_ACCOUNT_ID=${PROD_ACCOUNT_ID}
	@export FLOWABLE_REPO_AUTH_USERNAME=${FLOWABLE_REPO_AUTH_USERNAME}
	@export FLOWABLE_REPO_AUTH_PASSWORD=${FLOWABLE_REPO_AUTH_PASSWORD}
	@export FLOWABLE_DEV_LICENSE_FILE=${FLOWABLE_DEV_LICENSE_FILE}
	@export FLOWABLE_PROD_LICENSE_FILE=${FLOWABLE_PROD_LICENSE_FILE}

	@cd sec-account && $(MAKE) init-security-iam
	$(MAKE) init-security-secrets
	$(MAKE) init-tf-backend
	$(MAKE) upload-flowable-non-prod-license
	$(MAKE) upload-flowable-prod-license
	$(MAKE) set-flowable-non-prod-repo-auth
	$(MAKE) set-flowable-prod-repo-auth

guard-%:
	@ if [ "${${*}}" = "" ]; then \
		echo "$* is not set"; \
		exit 1; \
	fi