diff --git a/.github/workflows/pr_ms.yml b/.github/workflows/pr_ms.yml index 812c06e0..51421e17 100644 --- a/.github/workflows/pr_ms.yml +++ b/.github/workflows/pr_ms.yml @@ -22,7 +22,7 @@ on: jobs: code_review: - uses: pagopa/selfcare-commons/.github/workflows/call_code_review_spring.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_code_review_spring.yml@main name: 'Code Review' secrets: inherit if: github.base_ref == 'main' && github.event_name == 'pull_request' @@ -33,5 +33,5 @@ jobs: sonar_key: 'pagopa_selfcare-ms-party-registry-proxy' docker_build: - uses: pagopa/selfcare-commons/.github/workflows/call_code_review_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_code_review_docker.yml@main name: 'Docker' \ No newline at end of file diff --git a/.github/workflows/release_ms.yml b/.github/workflows/release_ms.yml index 874cbd9f..81b1fb8f 100644 --- a/.github/workflows/release_ms.yml +++ b/.github/workflows/release_ms.yml @@ -1,7 +1,15 @@ -name: Release ms-party-registry-proxy +name: Release - ms-party-registry-proxy on: workflow_dispatch: + inputs: + env: + type: choice + description: Environment + options: + - dev + - uat + - prod push: branches: @@ -19,28 +27,31 @@ on: jobs: release_dev: - uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@main name: '[Dev] PartyRegistryProxy ms Release' - if: startsWith(github.ref_name, 'releases/') != true + if: ${{ (startsWith(github.ref_name, 'releases/') != true && inputs.env == null) || inputs.env == 'dev' }} secrets: inherit with: environment: dev - dir: 'infra' + tf_environment: dev + dir: 'infra/container_apps' release_uat: - uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@main name: '[UAT] PartyRegistryProxy ms Release' - if: startsWith(github.ref_name, 'releases/') + if: ${{ (startsWith(github.ref_name, 'releases/') == true && inputs.env == null) || inputs.env == 'uat' }} secrets: inherit with: environment: uat - dir: 'infra' + tf_environment: uat + dir: 'infra/container_apps' release_prod: - uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@main name: '[Prod] PartyRegistryProxy ms Release' - if: startsWith(github.ref_name, 'releases/') + if: ${{ inputs.env == 'prod' }} secrets: inherit with: environment: prod - dir: 'infra' \ No newline at end of file + tf_environment: prod + dir: 'infra/container_apps' \ No newline at end of file diff --git a/.github/workflows/release_ms_pnpg.yml b/.github/workflows/release_ms_pnpg.yml index 3e23d540..64c1faf4 100644 --- a/.github/workflows/release_ms_pnpg.yml +++ b/.github/workflows/release_ms_pnpg.yml @@ -1,7 +1,15 @@ -name: Release PNPG ms-party-registry-proxy +name: Release - PNPG ms-party-registry-proxy on: workflow_dispatch: + inputs: + env: + type: choice + description: Environment + options: + - dev + - uat + - prod push: branches: @@ -19,31 +27,31 @@ on: jobs: release_dev: - uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@main name: '[Dev] PartyRegistryProxy ms Release' - if: startsWith(github.ref_name, 'releases/') != true + if: ${{ (startsWith(github.ref_name, 'releases/') != true && inputs.env == null) || inputs.env == 'dev' }} secrets: inherit with: environment: dev tf_environment: dev-pnpg - dir: 'infra' + dir: 'infra/container_apps' release_uat: - uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@main name: '[UAT] PartyRegistryProxy ms Release' - if: startsWith(github.ref_name, 'releases/') + if: ${{ (startsWith(github.ref_name, 'releases/') == true && inputs.env == null) || inputs.env == 'uat' }} secrets: inherit with: environment: uat tf_environment: uat-pnpg - dir: 'infra' + dir: 'infra/container_apps' release_prod: - uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@main name: '[Prod] PartyRegistryProxy ms Release' - if: startsWith(github.ref_name, 'releases/') + if: ${{ inputs.env == 'prod' }} secrets: inherit with: environment: prod tf_environment: prod-pnpg - dir: 'infra' \ No newline at end of file + dir: 'infra/container_apps' \ No newline at end of file diff --git a/Dockerfile.new b/Dockerfile.new index 13dc1062..356feb80 100644 --- a/Dockerfile.new +++ b/Dockerfile.new @@ -12,9 +12,13 @@ WORKDIR /app COPY --from=builder ./target/*.jar ./app.jar -ADD https://github.com/microsoft/ApplicationInsights-Java/releases/download/3.1.1/applicationinsights-agent-3.1.1.jar /applicationinsights-agent.jar +ADD https://github.com/microsoft/ApplicationInsights-Java/releases/download/3.2.11/applicationinsights-agent-3.2.11.jar ./applicationinsights-agent.jar +RUN chmod 755 ./applicationinsights-agent.jar -EXPOSE 8080 +RUN chown -R 1001:1001 /app +RUN chmod 755 /app USER 1001 +EXPOSE 8080 + ENTRYPOINT ["java", "-jar", "app.jar"] \ No newline at end of file diff --git a/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/IvassDataConnectorImpl.java b/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/IvassDataConnectorImpl.java index b13960cd..4c2367df 100644 --- a/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/IvassDataConnectorImpl.java +++ b/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/IvassDataConnectorImpl.java @@ -60,7 +60,7 @@ public List getInsurances() { } catch (Exception e) { log.error("Impossible to acquire data for IVASS. Error: {}", e.getMessage(), e); } - log.debug("getInsurances result = {}", companies); + //log.debug("getInsurances result = {}", companies); log.trace("getInsurances end"); return companies .stream() diff --git a/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/client/AnacFTPClient.java b/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/client/AnacFTPClient.java index 101ec7e9..c70a0c23 100644 --- a/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/client/AnacFTPClient.java +++ b/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/client/AnacFTPClient.java @@ -53,7 +53,7 @@ public Optional getFile(String fileName) { } private Optional connectAndRetrieveFile(ChannelSftp channelSftp, String fileName) throws JSchException, SftpException, IOException { - channelSftp.connect(); + channelSftp.connect(30000); InputStream inputStream = channelSftp.get(fileName); InputStream finalInputStream = new ByteArrayInputStream(inputStream.readAllBytes()); return Optional.of(finalInputStream); diff --git a/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/reader/DirectoryReaderFactory.java b/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/reader/DirectoryReaderFactory.java index 985e88da..aaafcc6d 100644 --- a/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/reader/DirectoryReaderFactory.java +++ b/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/reader/DirectoryReaderFactory.java @@ -31,7 +31,7 @@ public DirectoryReader create() { currentReader = Optional.ofNullable(DirectoryReader.openIfChanged(currentReader)) .orElse(currentReader); } - log.debug("create result = {}", currentReader); + //log.debug("create result = {}", currentReader); log.trace("create end"); return currentReader; } diff --git a/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterFactoryTemplate.java b/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterFactoryTemplate.java index eb95b155..75302206 100644 --- a/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterFactoryTemplate.java +++ b/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterFactoryTemplate.java @@ -26,7 +26,7 @@ public IndexWriterFactoryTemplate(Directory directory, Analyzer analyzer) { public IndexWriter create() { log.trace("create start"); final IndexWriter indexWriter = new IndexWriter(directory, new IndexWriterConfig(analyzer)); - log.debug("create result = {}", indexWriter); + //log.debug("create result = {}", indexWriter); log.trace("create end"); return indexWriter; } diff --git a/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterServiceTemplate.java b/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterServiceTemplate.java index 84ca91a8..c3668838 100644 --- a/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterServiceTemplate.java +++ b/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterServiceTemplate.java @@ -31,7 +31,7 @@ public IndexWriterServiceTemplate(IndexWriterFactory indexWriterFactory, Functio @Override public void adds(List items) { log.trace("adds start"); - log.debug("adds items = {}", items); + log.debug("adds items = {}", items.size()); final IndexWriter indexWriter = indexWriterFactory.create(); try (indexWriter) { for (T item : items) { diff --git a/connector/rest/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/rest/OpenDataConnectorTemplate.java b/connector/rest/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/rest/OpenDataConnectorTemplate.java index 7c3b37dc..6f631ab4 100644 --- a/connector/rest/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/rest/OpenDataConnectorTemplate.java +++ b/connector/rest/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/rest/OpenDataConnectorTemplate.java @@ -39,7 +39,7 @@ public List getInstitutions() { } //TODO: scartare i record che non soddisfano determinati requisiti? - log.debug("getInstitutions result = {}", institutions); + //log.debug("getInstitutions result = {}", institutions); log.trace("getInstitutions end"); return institutions; } @@ -61,7 +61,7 @@ public List getCategories() { } //TODO: scartare i record che non soddisfano determinati requisiti? - log.debug("getCategories result = {}", categories); + //log.debug("getCategories result = {}", categories); log.trace("getCategories end"); return categories; } @@ -83,7 +83,7 @@ public List getAOOs() { } //TODO: scartare i record che non soddisfano determinati requisiti? - log.debug("getAOOs result = {}", aoos); + //log.debug("getAOOs result = {}", aoos); log.trace("getAOOs end"); return aoos; } @@ -105,7 +105,7 @@ public List getUOs() { } //TODO: scartare i record che non soddisfano determinati requisiti? - log.debug("getUOs result = {}", uos); + //log.debug("getUOs result = {}", uos); log.trace("getUOs end"); return uos; } diff --git a/infra/container_apps/.terraform.lock.hcl b/infra/container_apps/.terraform.lock.hcl new file mode 100644 index 00000000..bdcbd8fe --- /dev/null +++ b/infra/container_apps/.terraform.lock.hcl @@ -0,0 +1,48 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/azure/azapi" { + version = "1.9.0" + constraints = "~> 1.9.0" + hashes = [ + "h1:Ow1rr5fYBGSkplH/kcXeWz9y2wA81BnhZ7vTBzJfAAg=", + "h1:shpEoqcAbf+p6AvspiYO1YrX//8l1LV/owEcQpujWHw=", + "h1:yIJQVdnmGZdvS3yrw0M8ke9KiB/c0tjZ7KUXC46Hjx0=", + "h1:zaLH2Owmj61RX2G1Cy6VDy8Ttfzx+lDsSCyiu5cXkm4=", + "zh:349569471fbf387feaaf8b88da1690669e201147c342f905e5eb03df42b3cf87", + "zh:54346d5fb78cbad3eb7cfd96e1dd7ce4f78666cabaaccfec6ee9437476330018", + "zh:64b799da915ea3a9a58ac7a926c6a31c59fd0d911687804d8e815eda88c5580b", + "zh:9336ed9e112555e0fda8af6be9ba21478e30117d79ba662233311d9560d2b7c6", + "zh:a8aace9897b28ea0b2dbd7a3be3df033e158af40412c9c7670be0956f216ed7e", + "zh:ab23df7de700d9e785009a4ca9ceb38ae1ab894a13f5788847f15d018556f415", + "zh:b4f13f0b13560a67d427c71c85246f8920f98987120341830071df4535842053", + "zh:e58377bf36d8a14d28178a002657865ee17446182dac03525fd43435e41a1b5c", + "zh:ea5db4acc6413fd0fe6b35981e58cdc9850f5f3118031cc3d2581de511aee6aa", + "zh:f0b32c06c6bd4e4af2c02a62be07b947766aeeb09289a03f21aba16c2fd3c60f", + "zh:f1518e766a90c257d7eb36d360dafaf311593a4a9352ff8db0bcfe0ed8cf45ae", + "zh:fa89e84cff0776b5b61ff27049b1d8ed52040bd58c81c4628890d644a6fb2989", + ] +} + +provider "registry.terraform.io/hashicorp/azurerm" { + version = "3.91.0" + constraints = "<= 3.91.0" + hashes = [ + "h1:8hMFuaTQsZIV69D0J/W+6hSlhRRDzYSpC0Eg9yWYF0o=", + "h1:FEDNnFv/uKI2+FQ+nDoyswEI3trJ3d7Fx2Cy7Ff4Rq8=", + "h1:Iv9CR+7491iozaK2AkCSAK2u4a2rPyJDQpyHijClj6Y=", + "h1:t0I5G4canK6UdlgHGfMV4rUNBPGdrMiIB01VGizlXB8=", + "zh:13928b71b1235783f3f877a799e28fb91e50512b051eb8ccb370500fc140cf3f", + "zh:3264341657e9ff3963d69b0fa088f64665349e2a29b2f3aeb4deee6d9d7584b7", + "zh:467a2ddd2eee26353db65e949bfbe533481ca0fb53c152724380b63a308f11b9", + "zh:6133e57087167b163180df3a77fab0c63b3e11609d139d39db8d3be3d6ec7ccd", + "zh:6df24730bc9247647ffb44832c3c64e45ab731dd83a3592d33d28235a453235a", + "zh:775aae148223a4a86e2dd25533a95a5fea4817085b6c5e643a7192453270cd68", + "zh:89d51148c7c123685d3e2f7e291888a3af009656e5c0ad66235a7c686ecb19d2", + "zh:9c89552051226eeb7c0fc66ad5aa57d1d0f5acc1d56afad06b6596707ae6c85e", + "zh:c4f3bc269837fa3b6ad803de2c7d1125dd791d78a521dcad2e7a63b905a13a53", + "zh:e48f05de1ffdcc998c5ff915570fb0557c7ac1d3af971dd76aff82e66d45bf06", + "zh:f1945716c7b9c23c25ca9fb4a68f27b6cfa25f5d235112c31f9412eba47f93c6", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} diff --git a/infra/container_apps/README.md b/infra/container_apps/README.md new file mode 100644 index 00000000..6cf55732 --- /dev/null +++ b/infra/container_apps/README.md @@ -0,0 +1,42 @@ +# Container App + +Deploy container on a Container App instance. + + + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.6.0 | + +## Providers + +No providers. + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [container\_app\_dashboard\_backend](#module\_container\_app\_dashboard\_backend) | github.com/pagopa/selfcare-commons//infra/terraform-modules/container_app_microservice | main | + +## Resources + +No resources. + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [app\_settings](#input\_app\_settings) | n/a | 
list(object({
    name  = string
    value = string
  }))
| n/a | yes | +| [container\_app](#input\_container\_app) | Container App configuration | 
object({
    min_replicas = number
    max_replicas = number

    scale_rules = list(object({
      name = string
      custom = object({
        metadata = map(string)
        type     = string
      })
    }))

    cpu    = number
    memory = string
  })
| n/a | yes | +| [env\_short](#input\_env\_short) | Environment short name | `string` | n/a | yes | +| [image\_tag](#input\_image\_tag) | Image tag to use for the container | `string` | `"latest"` | no | +| [is\_pnpg](#input\_is\_pnpg) | (Optional) True if you want to apply changes to PNPG environment | `bool` | `false` | no | +| [secrets\_names](#input\_secrets\_names) | KeyVault secrets to get values from | `map(string)` | n/a | yes | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | + +## Outputs + +No outputs. + \ No newline at end of file diff --git a/infra/container_apps/env/dev-pnpg/backend.ini b/infra/container_apps/env/dev-pnpg/backend.ini new file mode 100644 index 00000000..73ee9c6b --- /dev/null +++ b/infra/container_apps/env/dev-pnpg/backend.ini @@ -0,0 +1 @@ +subscription=DEV-SelfCare \ No newline at end of file diff --git a/infra/container_apps/env/dev-pnpg/backend.tfvars b/infra/container_apps/env/dev-pnpg/backend.tfvars new file mode 100644 index 00000000..24f06900 --- /dev/null +++ b/infra/container_apps/env/dev-pnpg/backend.tfvars @@ -0,0 +1,4 @@ +resource_group_name = "terraform-state-rg" +storage_account_name = "tfappdevselfcare" +container_name = "terraform-state" +key = "selfcare-pnpg-party-registry-proxy.container_app.tfstate" \ No newline at end of file diff --git a/infra/container_apps/env/dev-pnpg/terraform.tfvars b/infra/container_apps/env/dev-pnpg/terraform.tfvars new file mode 100644 index 00000000..515ef47d --- /dev/null +++ b/infra/container_apps/env/dev-pnpg/terraform.tfvars @@ -0,0 +1,79 @@ +is_pnpg = true +env_short = "d" + +tags = { + CreatedBy = "Terraform" + Environment = "Dev" + Owner = "SelfCare" + Source = "https://github.com/pagopa/selfcare-ms-party-registry-proxy" + CostCenter = "TS310 - PAGAMENTI & SERVIZI" +} + +container_app = { + min_replicas = 1 + max_replicas = 1 + scale_rules = [] + cpu = 1 + memory = "2Gi" +} + +app_settings = [ + { + name = "JAVA_TOOL_OPTIONS" + value = "-javaagent:applicationinsights-agent.jar" + }, + { + name = "APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL" + value = "OFF" + }, + { + name = "MS_PARTY_REGISTRY_PROXY_LOG_LEVEL" + value = "DEBUG" + }, + { + name = "MOCK_OPEN_DATA_ENABLED" + value = "false" + }, + { + name = "MOCK_OPEN_DATA_URL" + value = "https://selcdweupnpgcheckoutsa.z6.web.core.windows.net/resources" + }, + { + name = "MOCK_OPEN_DATA_INSTITUTION_ENDPOINT" + value = "/institutions-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_CATEGORY_ENDPOINT" + value = "/categories-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_AOO_ENDPOINT" + value = "/aoo-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_UO_ENDPOINT" + value = "/uo-open-data-mock.csv" + }, + { + name = "INFO_CAMERE_URL" + value = "https://icapiscl.infocamere.it" + }, + { + name = "INFO_CAMERE_INSTITUTIONS_BY_LEGAL_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/listaLegaleRappresentante/{taxId}" + }, + { + name = "INFO_CAMERE_AUTHENTICATION_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/authentication" + }, + { + name = "NATIONAL_REGISTRIES_URL" + value = "https://api-selcpg.dev.notifichedigitali.it/national-registries-private" + } +] + +secrets_names = { + "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" + "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" + "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" +} diff --git a/infra/container_apps/env/dev/backend.ini b/infra/container_apps/env/dev/backend.ini new file mode 100644 index 00000000..73ee9c6b --- /dev/null +++ b/infra/container_apps/env/dev/backend.ini @@ -0,0 +1 @@ +subscription=DEV-SelfCare \ No newline at end of file diff --git a/infra/container_apps/env/dev/backend.tfvars b/infra/container_apps/env/dev/backend.tfvars new file mode 100644 index 00000000..462e91be --- /dev/null +++ b/infra/container_apps/env/dev/backend.tfvars @@ -0,0 +1,4 @@ +resource_group_name = "terraform-state-rg" +storage_account_name = "tfappdevselfcare" +container_name = "terraform-state" +key = "selfcare-party-registry-proxy.container_app.tfstate" \ No newline at end of file diff --git a/infra/container_apps/env/dev/terraform.tfvars b/infra/container_apps/env/dev/terraform.tfvars new file mode 100644 index 00000000..4d3d4fe3 --- /dev/null +++ b/infra/container_apps/env/dev/terraform.tfvars @@ -0,0 +1,87 @@ +env_short = "d" + +tags = { + CreatedBy = "Terraform" + Environment = "Dev" + Owner = "SelfCare" + Source = "https://github.com/pagopa/selfcare-ms-party-registry-proxy" + CostCenter = "TS310 - PAGAMENTI & SERVIZI" +} + +container_app = { + min_replicas = 1 + max_replicas = 1 + scale_rules = [] + cpu = 1 + memory = "2Gi" +} + +app_settings = [ + { + name = "JAVA_TOOL_OPTIONS" + value = "-javaagent:applicationinsights-agent.jar" + }, + { + name = "APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL" + value = "OFF" + }, + { + name = "MS_PARTY_REGISTRY_PROXY_LOG_LEVEL" + value = "DEBUG" + }, + { + name = "MOCK_OPEN_DATA_ENABLED" + value = "false" + }, + { + name = "MOCK_OPEN_DATA_URL" + value = "https://selcdcheckoutsa.z6.web.core.windows.net/resources" + }, + { + name = "MOCK_OPEN_DATA_INSTITUTION_ENDPOINT" + value = "/institutions-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_CATEGORY_ENDPOINT" + value = "/categories-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_AOO_ENDPOINT" + value = "/aoo-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_UO_ENDPOINT" + value = "/uo-open-data-mock.csv" + }, + { + name = "INFO_CAMERE_URL" + value = "https://icapiscl.infocamere.it" + }, + { + name = "INFO_CAMERE_INSTITUTIONS_BY_LEGAL_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/listaLegaleRappresentante/{taxId}" + }, + { + name = "INFO_CAMERE_AUTHENTICATION_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/authentication" + }, + { + name = "ANAC_FTP_IP" + value = "93.43.119.85" + }, + { + name = "ANAC_FTP_USER" + value = "PagoPA_user" + }, + { + name = "ANAC_FTP_DIRECTORY" + value = "/mnt/RegistroGestoriPiattaforme/Collaudo/" + } +] + +secrets_names = { + "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" + "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" + "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" +} + diff --git a/infra/container_apps/env/prod-pnpg/backend.ini b/infra/container_apps/env/prod-pnpg/backend.ini new file mode 100644 index 00000000..0343b4a0 --- /dev/null +++ b/infra/container_apps/env/prod-pnpg/backend.ini @@ -0,0 +1 @@ +subscription=PROD-SelfCare \ No newline at end of file diff --git a/infra/container_apps/env/prod-pnpg/backend.tfvars b/infra/container_apps/env/prod-pnpg/backend.tfvars new file mode 100644 index 00000000..3ea9fdf1 --- /dev/null +++ b/infra/container_apps/env/prod-pnpg/backend.tfvars @@ -0,0 +1,4 @@ +resource_group_name = "terraform-state-rg" +storage_account_name = "tfappprodselfcare" +container_name = "terraform-state" +key = "selfcare-pnpg-party-registry-proxy.container_app.tfstate" \ No newline at end of file diff --git a/infra/container_apps/env/prod-pnpg/terraform.tfvars b/infra/container_apps/env/prod-pnpg/terraform.tfvars new file mode 100644 index 00000000..72ed589f --- /dev/null +++ b/infra/container_apps/env/prod-pnpg/terraform.tfvars @@ -0,0 +1,92 @@ +is_pnpg = true +env_short = "p" + +tags = { + CreatedBy = "Terraform" + Environment = "Prod" + Owner = "SelfCare" + Source = "https://github.com/pagopa/selfcare-ms-party-registry-proxy" + CostCenter = "TS310 - PAGAMENTI & SERVIZI" +} + +container_app = { + min_replicas = 1 + max_replicas = 5 + scale_rules = [ + { + custom = { + metadata = { + "desiredReplicas" = "3" + "start" = "0 8 * * MON-FRI" + "end" = "0 19 * * MON-FRI" + "timezone" = "Europe/Rome" + } + type = "cron" + } + name = "cron-scale-rule" + } + ] + cpu = 1.25 + memory = "2.5Gi" +} + +app_settings = [ + { + name = "JAVA_TOOL_OPTIONS" + value = "-javaagent:applicationinsights-agent.jar" + }, + { + name = "APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL" + value = "OFF" + }, + { + name = "MS_PARTY_REGISTRY_PROXY_LOG_LEVEL" + value = "DEBUG" + }, + { + name = "MOCK_OPEN_DATA_ENABLED" + value = "false" + }, + { + name = "MOCK_OPEN_DATA_URL" + value = "https://selcpweupnpgcheckoutsa.z6.web.core.windows.net/resources" + }, + { + name = "MOCK_OPEN_DATA_INSTITUTION_ENDPOINT" + value = "/institutions-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_CATEGORY_ENDPOINT" + value = "/categories-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_AOO_ENDPOINT" + value = "/aoo-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_UO_ENDPOINT" + value = "/uo-open-data-mock.csv" + }, + { + name = "INFO_CAMERE_URL" + value = "https://icapiscl.infocamere.it" + }, + { + name = "INFO_CAMERE_INSTITUTIONS_BY_LEGAL_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/listaLegaleRappresentante/{taxId}" + }, + { + name = "INFO_CAMERE_AUTHENTICATION_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/authentication" + }, + { + name = "NATIONAL_REGISTRIES_URL" + value = "https://api-selcpg.notifichedigitali.it/national-registries-private" + } +] + +secrets_names = { + "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" + "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" + "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" +} \ No newline at end of file diff --git a/infra/container_apps/env/prod/backend.ini b/infra/container_apps/env/prod/backend.ini new file mode 100644 index 00000000..0343b4a0 --- /dev/null +++ b/infra/container_apps/env/prod/backend.ini @@ -0,0 +1 @@ +subscription=PROD-SelfCare \ No newline at end of file diff --git a/infra/container_apps/env/prod/backend.tfvars b/infra/container_apps/env/prod/backend.tfvars new file mode 100644 index 00000000..c370c4ea --- /dev/null +++ b/infra/container_apps/env/prod/backend.tfvars @@ -0,0 +1,4 @@ +resource_group_name = "terraform-state-rg" +storage_account_name = "tfappprodselfcare" +container_name = "terraform-state" +key = "selfcare-party-registry-proxy.container_app.tfstate" \ No newline at end of file diff --git a/infra/container_apps/env/prod/terraform.tfvars b/infra/container_apps/env/prod/terraform.tfvars new file mode 100644 index 00000000..36163644 --- /dev/null +++ b/infra/container_apps/env/prod/terraform.tfvars @@ -0,0 +1,87 @@ +env_short = "p" + +tags = { + CreatedBy = "Terraform" + Environment = "Prod" + Owner = "SelfCare" + Source = "https://github.com/pagopa/selfcare-ms-party-registry-proxy" + CostCenter = "TS310 - PAGAMENTI & SERVIZI" +} + +container_app = { + min_replicas = 1 + max_replicas = 5 + scale_rules = [ + { + custom = { + metadata = { + "desiredReplicas" = "3" + "start" = "0 8 * * MON-FRI" + "end" = "0 19 * * MON-FRI" + "timezone" = "Europe/Rome" + } + type = "cron" + } + name = "cron-scale-rule" + } + ] + cpu = 1.25 + memory = "2.5Gi" +} + +app_settings = [ + { + name = "JAVA_TOOL_OPTIONS" + value = "-javaagent:applicationinsights-agent.jar" + }, + { + name = "APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL" + value = "OFF" + }, + { + name = "MS_PARTY_REGISTRY_PROXY_LOG_LEVEL" + value = "DEBUG" + }, + { + name = "MOCK_OPEN_DATA_ENABLED" + value = "false" + }, + { + name = "MOCK_OPEN_DATA_URL" + value = "https://selcdcheckoutsa.z6.web.core.windows.net/resources" + }, + { + name = "MOCK_OPEN_DATA_INSTITUTION_ENDPOINT" + value = "/institutions-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_CATEGORY_ENDPOINT" + value = "/categories-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_AOO_ENDPOINT" + value = "/aoo-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_UO_ENDPOINT" + value = "/uo-open-data-mock.csv" + }, + { + name = "ANAC_FTP_IP" + value = "93.43.119.85" + }, + { + name = "ANAC_FTP_USER" + value = "PagoPA_user" + }, + { + name = "ANAC_FTP_DIRECTORY" + value = "/mnt/RegistroGestoriPiattaforme/Collaudo/" + } +] + +secrets_names = { + "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" + "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" + "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" +} \ No newline at end of file diff --git a/infra/container_apps/env/uat-pnpg/backend.ini b/infra/container_apps/env/uat-pnpg/backend.ini new file mode 100644 index 00000000..8cadfd65 --- /dev/null +++ b/infra/container_apps/env/uat-pnpg/backend.ini @@ -0,0 +1 @@ +subscription=UAT-SelfCare \ No newline at end of file diff --git a/infra/container_apps/env/uat-pnpg/backend.tfvars b/infra/container_apps/env/uat-pnpg/backend.tfvars new file mode 100644 index 00000000..bfcfb4bd --- /dev/null +++ b/infra/container_apps/env/uat-pnpg/backend.tfvars @@ -0,0 +1,4 @@ +resource_group_name = "terraform-state-rg" +storage_account_name = "tfappuatselfcare" +container_name = "terraform-state" +key = "selfcare-pnpg-party-registry-proxy.container_app.tfstate" \ No newline at end of file diff --git a/infra/container_apps/env/uat-pnpg/terraform.tfvars b/infra/container_apps/env/uat-pnpg/terraform.tfvars new file mode 100644 index 00000000..1dcadc94 --- /dev/null +++ b/infra/container_apps/env/uat-pnpg/terraform.tfvars @@ -0,0 +1,79 @@ +is_pnpg = true +env_short = "u" + +tags = { + CreatedBy = "Terraform" + Environment = "Uat" + Owner = "SelfCare" + Source = "https://github.com/pagopa/selfcare-ms-party-registry-proxy" + CostCenter = "TS310 - PAGAMENTI & SERVIZI" +} + +container_app = { + min_replicas = 1 + max_replicas = 2 + scale_rules = [] + cpu = 1 + memory = "2Gi" +} + +app_settings = [ + { + name = "JAVA_TOOL_OPTIONS" + value = "-javaagent:applicationinsights-agent.jar" + }, + { + name = "APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL" + value = "OFF" + }, + { + name = "MS_PARTY_REGISTRY_PROXY_LOG_LEVEL" + value = "DEBUG" + }, + { + name = "MOCK_OPEN_DATA_ENABLED" + value = "false" + }, + { + name = "MOCK_OPEN_DATA_URL" + value = "https://selcuweupnpgcheckoutsa.z6.web.core.windows.net/resources" + }, + { + name = "MOCK_OPEN_DATA_INSTITUTION_ENDPOINT" + value = "/institutions-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_CATEGORY_ENDPOINT" + value = "/categories-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_AOO_ENDPOINT" + value = "/aoo-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_UO_ENDPOINT" + value = "/uo-open-data-mock.csv" + }, + { + name = "INFO_CAMERE_URL" + value = "https://icapiscl.infocamere.it" + }, + { + name = "INFO_CAMERE_INSTITUTIONS_BY_LEGAL_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/listaLegaleRappresentante/{taxId}" + }, + { + name = "INFO_CAMERE_AUTHENTICATION_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/authentication" + }, + { + name = "NATIONAL_REGISTRIES_URL" + value = "https://api-selcpg.uat.notifichedigitali.it/national-registries-private" + } +] + +secrets_names = { + "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" + "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" + "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" +} diff --git a/infra/container_apps/env/uat/backend.ini b/infra/container_apps/env/uat/backend.ini new file mode 100644 index 00000000..8cadfd65 --- /dev/null +++ b/infra/container_apps/env/uat/backend.ini @@ -0,0 +1 @@ +subscription=UAT-SelfCare \ No newline at end of file diff --git a/infra/container_apps/env/uat/backend.tfvars b/infra/container_apps/env/uat/backend.tfvars new file mode 100644 index 00000000..49548af2 --- /dev/null +++ b/infra/container_apps/env/uat/backend.tfvars @@ -0,0 +1,4 @@ +resource_group_name = "terraform-state-rg" +storage_account_name = "tfappuatselfcare" +container_name = "terraform-state" +key = "selfcare-party-registry-proxy.container_app.tfstate" \ No newline at end of file diff --git a/infra/container_apps/env/uat/terraform.tfvars b/infra/container_apps/env/uat/terraform.tfvars new file mode 100644 index 00000000..ed0d3b48 --- /dev/null +++ b/infra/container_apps/env/uat/terraform.tfvars @@ -0,0 +1,74 @@ +env_short = "u" + +tags = { + CreatedBy = "Terraform" + Environment = "Uat" + Owner = "SelfCare" + Source = "https://github.com/pagopa/selfcare-ms-party-registry-proxy" + CostCenter = "TS310 - PAGAMENTI & SERVIZI" +} + +container_app = { + min_replicas = 1 + max_replicas = 2 + scale_rules = [] + cpu = 1 + memory = "2Gi" +} + +app_settings = [ + { + name = "JAVA_TOOL_OPTIONS" + value = "-javaagent:applicationinsights-agent.jar" + }, + { + name = "APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL" + value = "OFF" + }, + { + name = "MS_PARTY_REGISTRY_PROXY_LOG_LEVEL" + value = "DEBUG" + }, + { + name = "MOCK_OPEN_DATA_ENABLED" + value = "false" + }, + { + name = "MOCK_OPEN_DATA_URL" + value = "https://selcucheckoutsa.z6.web.core.windows.net/resources" + }, + { + name = "MOCK_OPEN_DATA_INSTITUTION_ENDPOINT" + value = "/institutions-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_CATEGORY_ENDPOINT" + value = "/categories-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_AOO_ENDPOINT" + value = "/aoo-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_UO_ENDPOINT" + value = "/uo-open-data-mock.csv" + }, + { + name = "ANAC_FTP_IP" + value = "93.43.119.85" + }, + { + name = "ANAC_FTP_USER" + value = "PagoPA_user" + }, + { + name = "ANAC_FTP_DIRECTORY" + value = "/mnt/RegistroGestoriPiattaforme/Collaudo/" + } +] + +secrets_names = { + "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" + "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" + "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" +} diff --git a/infra/container_apps/main.tf b/infra/container_apps/main.tf new file mode 100644 index 00000000..ba34c19c --- /dev/null +++ b/infra/container_apps/main.tf @@ -0,0 +1,25 @@ +terraform { + required_version = ">= 1.6.0" + + backend "azurerm" {} +} + +provider "azurerm" { + features {} +} + +module "container_app_dashboard_backend" { + source = "github.com/pagopa/selfcare-commons//infra/terraform-modules/container_app_microservice?ref=main" + + is_pnpg = var.is_pnpg + + env_short = var.env_short + container_app = var.container_app + container_app_name = "party-reg-proxy" + image_name = "selfcare-ms-party-registry-proxy" + image_tag = var.image_tag + app_settings = var.app_settings + secrets_names = var.secrets_names + + tags = var.tags +} diff --git a/infra/container_apps/terraform.sh b/infra/container_apps/terraform.sh new file mode 100644 index 00000000..e8fe0425 --- /dev/null +++ b/infra/container_apps/terraform.sh @@ -0,0 +1,69 @@ +#!/bin/bash + +set -e + +action=$1 +env=$2 +shift 2 +other=$@ +# must be subscription in lower case +subscription="" +BACKEND_CONFIG_PATH="./env/${ENV}/backend.tfvars" + +if [ -z "$action" ]; then + echo "Missed action: init, apply, plan" + exit 0 +fi + +if [ -z "$env" ]; then + echo "env should be: dev, uat or prod." + exit 0 +fi + +source "./env/$env/backend.ini" + +az account set -s "${subscription}" + +# if using cygwin, we have to transcode the WORKDIR +if [[ $WORKDIR == /cygdrive/* ]]; then + WORKDIR=$(cygpath -w $WORKDIR) +fi + +if [ "$action" = "force-unlock" ]; then + echo "🧭 terraform INIT in env: ${env}" + terraform init -reconfigure -backend-config="./env/$env/backend.tfvars" $other + warn_message="You are about to unlock Terraform's remote state. + This is a dangerous task you want to be aware of before going on. + This operation won't affect your infrastructure directly. + However, please note that you may lose pieces of information about partially-applied configurations. + + Please refer to the official Terraform documentation about the command: + https://developer.hashicorp.com/terraform/cli/commands/force-unlock" + printf "\n\e[33m%s\e[0m\n\n" "$warn_message" + + read -r -p "Please enter the LOCK ID: " lock_id + terraform force-unlock "$lock_id" + + exit 0 # this line prevents the script to go on +fi + +if echo "init plan apply refresh import output state taint destroy" | grep -w "$action" > /dev/null; then + if [ "$action" = "init" ]; then + echo "🧭 terraform INIT in env: ${env}" + terraform "$action" -reconfigure -backend-config="./env/$env/backend.tfvars" $other + elif [ "$action" = "output" ] || [ "$action" = "state" ] || [ "$action" = "taint" ]; then + # init terraform backend + echo "🧭 terraform (output|state|taint) launched with action: ${action} in env: ${env}" + terraform init -reconfigure -backend-config="./env/$env/backend.tfvars" + terraform "$action" $other + else + # init terraform backend + echo "🧭 terraform launched with action: ${action} in env: ${env}" + + terraform init -reconfigure -backend-config="./env/$env/backend.tfvars" + terraform "$action" -var-file="./env/$env/terraform.tfvars" $other + fi +else + echo "Action not allowed." + exit 1 +fi \ No newline at end of file diff --git a/infra/container_apps/variables.tf b/infra/container_apps/variables.tf new file mode 100644 index 00000000..b9baf169 --- /dev/null +++ b/infra/container_apps/variables.tf @@ -0,0 +1,57 @@ +variable "is_pnpg" { + type = bool + default = false + description = "(Optional) True if you want to apply changes to PNPG environment" +} + +variable "env_short" { + description = "Environment short name" + type = string + validation { + condition = ( + length(var.env_short) <= 1 + ) + error_message = "Max length is 1 chars." + } +} + +variable "tags" { + type = map(any) +} + +variable "container_app" { + description = "Container App configuration" + type = object({ + min_replicas = number + max_replicas = number + + scale_rules = list(object({ + name = string + custom = object({ + metadata = map(string) + type = string + }) + })) + + cpu = number + memory = string + }) +} + +variable "image_tag" { + type = string + default = "latest" + description = "Image tag to use for the container" +} + +variable "app_settings" { + type = list(object({ + name = string + value = string + })) +} + +variable "secrets_names" { + type = map(string) + description = "KeyVault secrets to get values from" +}