chore: [PAGOPA-2626] Decoupler: logic for FdR SOAP requests (#2766)

* added check on fdr org soap request

* added check on fdr psp soap request

* precommit

* fix

* fix

* fix

* fix

* added sha

* added comment

* conflict resolved

* feat: [PAGOPA-2647] defining response caching for `nodoChiediElencoFlussiRendicontazione` primitive (#2781)

* [PAGOPA-2647] feat: defining response caching for FdR-Fase1 'flow list' API

* [PAGOPA-2647] fix: resolving bugs and refactoring code

* [PAGOPA-2647] fix: excluding caching process if response returns a fault code

* [PAGOPA-2647] fix: updating tracing text

* [PAGOPA-2647] fix: resolving bugs and adding correct handling of BLOB headers

* [PAGOPA-2647] fix: adding permission for read/write operations by APIM

* [PAGOPA-2647] chore: commenting trace tag, avoiding unnecessary log

* remove mongodb

* fix

* recovre after push error

* fix dashboard

* fix dashboard

* fix secret prod

* fix fdr common

* fix

---------

Co-authored-by: Andrea D. <[email protected]>
Co-authored-by: pasqualespica <[email protected]>
Co-authored-by: Pasquale Spica <[email protected]>

.gitignore

@@ -50,4 +50,5 @@ __import_apim
 /src/psql/nodo/liquibase/online.properties
 /src/psql/nodo/liquibase/re.properties
 /src/psql/nodo/liquibase/offline.properties
-**/secret.json
+**/secret.json
+*-BCK

src/domains/fdr-app/00_data.tf

@@ -19,6 +19,11 @@ data "azurerm_storage_account" "fdr_flows_sa" {
   resource_group_name = data.azurerm_resource_group.data.name
 }
 
+data "azurerm_storage_account" "fdr_conversion_sa" {
+  name                = replace("${local.project}-sa", "-", "")
+  resource_group_name = data.azurerm_resource_group.fdr_rg.name
+}
+
 data "azurerm_resource_group" "data" {
   name = "${local.product}-data-rg"
 }
@@ -28,6 +33,11 @@ data "azurerm_storage_container" "fdr_rend_flow" {
   storage_account_name = data.azurerm_storage_account.fdr_flows_sa.name
 }
 
+data "azurerm_storage_container" "fdr1_cached_response" {
+  name                 = "fdr1-cached-response"
+  storage_account_name = data.azurerm_storage_account.fdr_conversion_sa.name
+}
+
 data "azurerm_container_registry" "common-acr" {
   name                = replace("${local.product}-common-acr", "-", "")
   resource_group_name = data.azurerm_resource_group.container_registry_rg.name

src/domains/fdr-app/00_monitor.tf

@@ -28,14 +28,15 @@ data "azurerm_monitor_action_group" "opsgenie" {
   name                = local.monitor_action_group_opsgenie_name
 }
 
-resource "azurerm_portal_dashboard" "fdr-soap-dashboard" {
-  name                = "FdR-SOAP"
+resource "azurerm_portal_dashboard" "fdr-dashboard" {
+  count               = var.env_short == "p" ? 1 : 0
+  name                = "FLussiDiRendicontazione-${var.env}-FdR"
   resource_group_name = var.monitor_resource_group_name
   location            = var.location
   tags = {
     source = "terraform"
   }
-  dashboard_properties = templatefile("dashboard/dash-fdr-soap.tpl", {
+  dashboard_properties = templatefile("./dashboard/dashboard-apim-fdr.tpl", {
     subscription_id = data.azurerm_subscription.current.subscription_id,
     env_short       = var.env_short
   })

src/domains/fdr-app/00_network.tf

@@ -13,29 +13,6 @@ data "azurerm_dns_zone" "public" {
   name = join(".", [var.apim_dns_zone_prefix, var.external_domain])
 }
 
-
-module "fdr_re_function_snet" {
-  source                                    = "./.terraform/modules/__v3__/subnet"
-  name                                      = "${local.project}-re-fn-snet"
-  address_prefixes                          = var.fdr_re_function_subnet
-  resource_group_name                       = local.vnet_resource_group_name
-  virtual_network_name                      = data.azurerm_virtual_network.vnet.name
-  private_endpoint_network_policies_enabled = var.fdr_re_function_network_policies_enabled
-
-  service_endpoints = [
-    "Microsoft.Web",
-    "Microsoft.AzureCosmosDB",
-  ]
-
-  delegation = {
-    name = "default"
-    service_delegation = {
-      name    = "Microsoft.Web/serverFarms"
-      actions = ["Microsoft.Network/virtualNetworks/subnets/action"]
-    }
-  }
-}
-
 module "fdr_xml_to_json_function_snet" {
   source                                    = "./.terraform/modules/__v3__/subnet"
   name                                      = "${local.project}-xml-to-json-fn-snet"
@@ -58,25 +35,3 @@ module "fdr_xml_to_json_function_snet" {
   }
 }
 
-module "fdr_json_to_xml_function_snet" {
-  source                                    = "./.terraform/modules/__v3__/subnet"
-  name                                      = "${local.project}-json-to-xml-fn-snet"
-  address_prefixes                          = var.fdr_json_to_xml_function_subnet
-  resource_group_name                       = local.vnet_resource_group_name
-  virtual_network_name                      = data.azurerm_virtual_network.vnet.name
-  private_endpoint_network_policies_enabled = var.fdr_json_to_xml_function_network_policies_enabled
-
-  service_endpoints = [
-    "Microsoft.Web",
-    "Microsoft.AzureCosmosDB",
-  ]
-
-  delegation = {
-    name = "default"
-    service_delegation = {
-      name    = "Microsoft.Web/serverFarms"
-      actions = ["Microsoft.Network/virtualNetworks/subnets/action"]
-    }
-  }
-}
-

src/domains/fdr-app/04_apim_aux.tf

@@ -0,0 +1,81 @@
+// Switch to pagoPA FdR SOAP request for Orgs (creditor institutions)
+// https://pagopa.atlassian.net/wiki/spaces/IQCGJ/pages/1071153182/FdR-1+Flussi+di+Rendicontazione
+resource "azurerm_api_management_named_value" "enable_fdr_ci_soap_request" {
+  name                = "enable-fdr-ci-soap-request-switch"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = data.azurerm_api_management.apim.resource_group_name
+  display_name        = "enable-fdr-ci-soap-request-switch"
+  value               = var.enable_fdr_ci_soap_request
+}
+
+// Switch to pagoPA FdR SOAP request for PSP
+// https://pagopa.atlassian.net/wiki/spaces/IQCGJ/pages/1071153182/FdR-1+Flussi+di+Rendicontazione
+resource "azurerm_api_management_named_value" "enable_fdr_psp_soap_request" {
+  name                = "enable-fdr-psp-soap-request-switch"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = data.azurerm_api_management.apim.resource_group_name
+  display_name        = "enable-fdr-psp-soap-request-switch"
+  value               = var.enable_fdr_psp_soap_request
+}
+
+// PSP list to switch traffic towards pagoPA FdR
+resource "azurerm_api_management_named_value" "fdr_psp_soap_request_psp_list" {
+  name                = "fdr-soap-request-psp-whitelist"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = data.azurerm_api_management.apim.resource_group_name
+  display_name        = "fdr-soap-request-psp-whitelist"
+  value               = var.fdr_soap_request_psp_whitelist
+}
+
+// CI list to switch traffic towards pagoPA FdR
+resource "azurerm_api_management_named_value" "fdr_ci_soap_request_ci_list" {
+  name                = "fdr-soap-request-ci-whitelist"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = data.azurerm_api_management.apim.resource_group_name
+  display_name        = "fdr-soap-request-ci-whitelist"
+  value               = var.fdr_soap_request_ci_whitelist
+}
+
+########################
+##  Info for FdR Rend ##
+########################
+resource "azurerm_api_management_named_value" "fdrcontainername" {
+  name                = "fdrcontainername"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = data.azurerm_resource_group.rg_api.name
+  display_name        = "fdrcontainername"
+  value               = data.azurerm_storage_container.fdr_rend_flow.name
+}
+
+resource "azurerm_api_management_named_value" "fdrsaname" {
+  name                = "fdrsaname"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = data.azurerm_resource_group.rg_api.name
+  display_name        = "fdrsaname"
+  value               = data.azurerm_storage_account.fdr_flows_sa.name
+}
+
+
+resource "azurerm_api_management_named_value" "fdr_cachedresponse_saname" {
+  name                = "fdr_cachedresponse_saname"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = data.azurerm_resource_group.rg_api.name
+  display_name        = "fdr_cachedresponse_saname"
+  value               = data.azurerm_storage_account.fdr_conversion_sa.name
+}
+
+resource "azurerm_api_management_named_value" "fdr_cachedresponse_containername" {
+  name                = "fdr_cachedresponse_containername"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = data.azurerm_resource_group.rg_api.name
+  display_name        = "fdr_cachedresponse_containername"
+  value               = data.azurerm_storage_container.fdr1_cached_response.name
+}
+
+resource "azurerm_api_management_named_value" "fdr1_cache_duration" {
+  name                = "fdr1_cache_duration"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = data.azurerm_resource_group.rg_api.name
+  display_name        = "fdr1_cache_duration"
+  value               = var.fdr1_cache_duration
+}

src/domains/fdr-app/04_apim_fdr_fase1.tf

@@ -29,6 +29,16 @@ resource "azurerm_api_management_api_operation_policy" "fdr_pagopa_policy_nodoIn
   })
 }
 
+# fragment sha
+# https://github.com/hashicorp/terraform-provider-azurerm/issues/17016#issuecomment-1314991599
+# https://learn.microsoft.com/en-us/azure/templates/microsoft.apimanagement/2022-04-01-preview/service/policyfragments?pivots=deployment-language-terraform
+resource "terraform_data" "sha256_fdr_pagopa_policy_nodoInviaFlussoRendicontazione" {
+  input = sha256(templatefile("./api/fdr-fase1/nodoPerPsp/v1/fdr_nodoinvia_flussorendicontazione_flow.xml", {
+    is-fdr-nodo-pagopa-enable = var.apim_fdr_nodo_pagopa_enable
+    base-url                  = "https://${local.fdr_hostname}/pagopa-fdr-nodo-service"
+  }))
+}
+
 #########
 ## PA ##
 #########
@@ -51,6 +61,16 @@ resource "azurerm_api_management_api_operation_policy" "fdr_pagopa_policy_nodoCh
   })
 }
 
+# fragment sha
+# https://github.com/hashicorp/terraform-provider-azurerm/issues/17016#issuecomment-1314991599
+# https://learn.microsoft.com/en-us/azure/templates/microsoft.apimanagement/2022-04-01-preview/service/policyfragments?pivots=deployment-language-terraform
+resource "terraform_data" "sha256_fdr_pagopa_policy_nodoChiediFlussoRendicontazione" {
+  input = sha256(templatefile("./api/fdr-fase1/nodoPerPa/v1/fdr_pagopa.xml.tpl", {
+    is-fdr-nodo-pagopa-enable = var.apim_fdr_nodo_pagopa_enable
+    base-url                  = "https://${local.fdr_hostname}/pagopa-fdr-nodo-service"
+  }))
+}
+
 # nodoChiediElencoFlussiRendicontazione DEV 6218976195aa0303ccfcf901
 # nodoChiediElencoFlussiRendicontazione UAT 61e96321e0f4ba04a49d1285
 # nodoChiediElencoFlussiRendicontazione PRD 61e9633dea7c4a07cc7d480d
@@ -62,8 +82,18 @@ resource "azurerm_api_management_api_operation_policy" "fdr_pagopa_policy_nodoCh
   operation_id        = var.env_short == "d" ? "6218976195aa0303ccfcf901" : var.env_short == "u" ? "61e96321e0f4ba04a49d1285" : "61e9633dea7c4a07cc7d480d"
 
   #tfsec:ignore:GEN005
-  xml_content = templatefile("./api/fdr-fase1/nodoPerPa/v1/fdr_pagopa.xml.tpl", {
+  xml_content = templatefile("./api/fdr-fase1/nodoPerPa/v1/fdr_pagopa_nodoChiediElencoFlussiRendicontazione.xml.tpl", {
     is-fdr-nodo-pagopa-enable = var.apim_fdr_nodo_pagopa_enable
     base-url                  = "https://${local.fdr_hostname}/pagopa-fdr-nodo-service"
   })
 }
+
+# fragment sha
+# https://github.com/hashicorp/terraform-provider-azurerm/issues/17016#issuecomment-1314991599
+# https://learn.microsoft.com/en-us/azure/templates/microsoft.apimanagement/2022-04-01-preview/service/policyfragments?pivots=deployment-language-terraform
+resource "terraform_data" "sha256_fdr_pagopa_policy_nodoChiediElencoFlussiRendicontazione" {
+  input = sha256(templatefile("./api/fdr-fase1/nodoPerPa/v1/fdr_pagopa.xml.tpl", {
+    is-fdr-nodo-pagopa-enable = var.apim_fdr_nodo_pagopa_enable
+    base-url                  = "https://${local.fdr_hostname}/pagopa-fdr-nodo-service"
+  }))
+}

src/domains/fdr-app/04_apim_fdr_fase1_auth.tf

@@ -86,7 +86,7 @@ resource "azurerm_api_management_api_operation_policy" "fdr_pagopa_policy_nodoCh
   operation_id        = var.env_short == "d" ? "6352c3bcc257810f183b398b" : var.env_short == "u" ? "636cb7e9451c1c01c4186998" : "63b6e2da2a92e811a8f338f8"
 
   #tfsec:ignore:GEN005
-  xml_content = templatefile("./api/fdr-fase1/nodoPerPa/v1/fdr_pagopa.xml.tpl", {
+  xml_content = templatefile("./api/fdr-fase1/nodoPerPa/v1/fdr_pagopa_nodoChiediElencoFlussiRendicontazione.xml.tpl", {
     is-fdr-nodo-pagopa-enable = var.apim_fdr_nodo_pagopa_enable
     base-url                  = "https://${local.fdr_hostname}/pagopa-fdr-nodo-service"
   })

src/domains/fdr-app/04_apim_fdr_fase3.tf

@@ -76,22 +76,3 @@ module "apim_fdr_product_internal" {
 
   policy_xml = file("./api_product/fdr-service-internal/_base_policy.xml")
 }
-
-########################
-##  Info for FdR Rend ##
-########################
-resource "azurerm_api_management_named_value" "fdrcontainername" {
-  name                = "fdrcontainername"
-  api_management_name = data.azurerm_api_management.apim.name
-  resource_group_name = data.azurerm_resource_group.rg_api.name
-  display_name        = "fdrcontainername"
-  value               = data.azurerm_storage_container.fdr_rend_flow.name
-}
-
-resource "azurerm_api_management_named_value" "fdrsaname" {
-  name                = "fdrsaname"
-  api_management_name = data.azurerm_api_management.apim.name
-  resource_group_name = data.azurerm_resource_group.rg_api.name
-  display_name        = "fdrsaname"
-  value               = data.azurerm_storage_account.fdr_flows_sa.name
-}