From 662e4700f1e1f29849bf39420e688e2266c658f3 Mon Sep 17 00:00:00 2001 From: Andrea Grillo Date: Wed, 3 Jan 2024 12:35:14 +0100 Subject: [PATCH 01/20] [SELC-3492] Set resource request and limits - PROD (#168) --- helm/values-prod.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/helm/values-prod.yaml b/helm/values-prod.yaml index 75a2dd89..d5f3ac47 100644 --- a/helm/values-prod.yaml +++ b/helm/values-prod.yaml @@ -18,6 +18,14 @@ ingress: - path: /party-registry-proxy/v1/(.*) pathType: ImplementationSpecific +resources: + requests: + cpu: 500m + memory: 1Gi + limits: + cpu: 1500m + memory: 3Gi + autoscaling: enabled: false minReplicas: 1 From 83924e96cbfb7b8605ef0d152001e76202f088d0 Mon Sep 17 00:00:00 2001 From: Andrea Grillo Date: Fri, 9 Feb 2024 17:42:21 +0100 Subject: [PATCH 02/20] [EC-135] Add Terraform configuration to manage repository settings (#172) --- .dockerignore | 12 +++ .github/workflows/pr_ms.yml | 37 +++++++++ .github/workflows/release_ms.yml | 46 +++++++++++ .gitignore | 9 +++ .pre-commit-config.yaml | 10 +++ .terraform-version | 1 + Dockerfile.new | 20 +++++ Dockerfile.new.dockerignore | 117 +++++++++++++++++++++++++++ infra/repository/.terraform.lock.hcl | 50 ++++++++++++ infra/repository/README.md | 43 ++++++++++ infra/repository/backend.tfvars | 4 + infra/repository/main.tf | 17 ++++ 12 files changed, 366 insertions(+) create mode 100644 .dockerignore create mode 100644 .github/workflows/pr_ms.yml create mode 100644 .github/workflows/release_ms.yml create mode 100644 .pre-commit-config.yaml create mode 100644 .terraform-version create mode 100644 Dockerfile.new create mode 100644 Dockerfile.new.dockerignore create mode 100644 infra/repository/.terraform.lock.hcl create mode 100644 infra/repository/README.md create mode 100644 infra/repository/backend.tfvars create mode 100644 infra/repository/main.tf diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000..68df2c5d --- /dev/null +++ b/.dockerignore @@ -0,0 +1,12 @@ +**/.dockerignore +**/.git +**/bin +**/docker-compose* +**/Dockerfile* +**/node_modules +**/npm-debug.log +**/obj +**/secrets.dev.yaml +**/values.dev.yaml +LICENSE +README.md \ No newline at end of file diff --git a/.github/workflows/pr_ms.yml b/.github/workflows/pr_ms.yml new file mode 100644 index 00000000..812c06e0 --- /dev/null +++ b/.github/workflows/pr_ms.yml @@ -0,0 +1,37 @@ +name: Code Review ms-party-registry-proxy +on: + workflow_dispatch: + + pull_request: + types: + - synchronize + - reopened + - ready_for_review + paths: + - '.github/workflows/pr_ms.yml' + - '.github/workflows/release_ms.yml' + - '.github/workflows/release_ms_pnpg.yml' + - '!.devops/**' + - '!helm/**' + - '!**.md' + - '!**ignore' + - '!infra/**' + - '!.terraform-version' + - '!CODEOWNERS' + +jobs: + + code_review: + uses: pagopa/selfcare-commons/.github/workflows/call_code_review_spring.yml@EC-149-template-git-hub-workflows + name: 'Code Review' + secrets: inherit + if: github.base_ref == 'main' && github.event_name == 'pull_request' + with: + pr_number: ${{ github.event.pull_request.number }} + source_branch: ${{ github.head_ref }} + target_branch: ${{ github.base_ref }} + sonar_key: 'pagopa_selfcare-ms-party-registry-proxy' + + docker_build: + uses: pagopa/selfcare-commons/.github/workflows/call_code_review_docker.yml@EC-149-template-git-hub-workflows + name: 'Docker' \ No newline at end of file diff --git a/.github/workflows/release_ms.yml b/.github/workflows/release_ms.yml new file mode 100644 index 00000000..874cbd9f --- /dev/null +++ b/.github/workflows/release_ms.yml @@ -0,0 +1,46 @@ +name: Release ms-party-registry-proxy + +on: + workflow_dispatch: + + push: + branches: + - main + - releases/* + paths: + - '!.devops/**' + - '!helm/**' + - '!**.md' + - '!**ignore' + - '!infra/**' + - '!.terraform-version' + - '!CODEOWNERS' + +jobs: + + release_dev: + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + name: '[Dev] PartyRegistryProxy ms Release' + if: startsWith(github.ref_name, 'releases/') != true + secrets: inherit + with: + environment: dev + dir: 'infra' + + release_uat: + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + name: '[UAT] PartyRegistryProxy ms Release' + if: startsWith(github.ref_name, 'releases/') + secrets: inherit + with: + environment: uat + dir: 'infra' + + release_prod: + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + name: '[Prod] PartyRegistryProxy ms Release' + if: startsWith(github.ref_name, 'releases/') + secrets: inherit + with: + environment: prod + dir: 'infra' \ No newline at end of file diff --git a/.gitignore b/.gitignore index 038d65a9..9ee9b29e 100644 --- a/.gitignore +++ b/.gitignore @@ -32,3 +32,12 @@ build/ ### VS Code ### .vscode/ .DS_Store + +**/.terraform/* +*.tfstate +*.tfstate.* +**/.tfsec/* +override.tf +override.tf.json +*_override.tf +*_override.tf.json diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 00000000..e991df9b --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,10 @@ +repos: + - repo: https://github.com/antonbabenko/pre-commit-terraform + rev: v1.86.0 + hooks: + - id: terraform_fmt + - id: terraform_docs + - id: terraform_validate + args: + - --args=-json + - --args=-no-color \ No newline at end of file diff --git a/.terraform-version b/.terraform-version new file mode 100644 index 00000000..83d1a5eb --- /dev/null +++ b/.terraform-version @@ -0,0 +1 @@ +1.6.6 \ No newline at end of file diff --git a/Dockerfile.new b/Dockerfile.new new file mode 100644 index 00000000..13dc1062 --- /dev/null +++ b/Dockerfile.new @@ -0,0 +1,20 @@ +FROM maven:3-eclipse-temurin-17 AS builder + +COPY . . + +RUN mvn clean package -DskipTests=true + +FROM openjdk:17-jdk AS runtime + +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' + +WORKDIR /app + +COPY --from=builder ./target/*.jar ./app.jar + +ADD https://github.com/microsoft/ApplicationInsights-Java/releases/download/3.1.1/applicationinsights-agent-3.1.1.jar /applicationinsights-agent.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT ["java", "-jar", "app.jar"] \ No newline at end of file diff --git a/Dockerfile.new.dockerignore b/Dockerfile.new.dockerignore new file mode 100644 index 00000000..427b8ce4 --- /dev/null +++ b/Dockerfile.new.dockerignore @@ -0,0 +1,117 @@ +**/.dockerignore +**/.git +**/bin +**/docker-compose* +**/Dockerfile* +**/node_modules +**/npm-debug.log +**/obj +**/secrets.dev.yaml +**/values.dev.yaml +LICENSE +README.md + +**/.idea +.idea +**/.mvn +.mvn + +**/target + +# Created by .ignore support plugin (hsz.mobi) +### Maven template +target/ +pom.xml.tag +pom.xml.releaseBackup +pom.xml.versionsBackup +pom.xml.next +release.properties +dependency-reduced-pom.xml +buildNumber.properties +.mvn/timing.properties +.mvn/wrapper/maven-wrapper.jar +### Java template +# Compiled class file +*.class + +# Log file +*.log + +# BlueJ files +*.ctxt + +# Mobile Tools for Java (J2ME) +.mtj.tmp/ + +# Package Files # +*.jar +*.war +*.nar +*.ear +*.zip +*.tar.gz +*.rar + +# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml +hs_err_pid* +### JetBrains template +# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and WebStorm +# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 + +# User-specific stuff +.idea/**/workspace.xml +.idea/**/tasks.xml +.idea/**/usage.statistics.xml +.idea/**/dictionaries +.idea/**/shelf + +# Sensitive or high-churn files +.idea/**/dataSources/ +.idea/**/dataSources.ids +.idea/**/dataSources.local.xml +.idea/**/sqlDataSources.xml +.idea/**/dynamic.xml +.idea/**/uiDesigner.xml +.idea/**/dbnavigator.xml + +# Gradle +.idea/**/gradle.xml +.idea/**/libraries + +# Gradle and Maven with auto-import +# When using Gradle or Maven with auto-import, you should exclude module files, +# since they will be recreated, and may cause churn. Uncomment if using +# auto-import. +# .idea/modules.xml +# .idea/*.iml +# .idea/modules + +# CMake +cmake-build-*/ + +# Mongo Explorer plugin +.idea/**/mongoSettings.xml + +# File-based project format +*.iws + +# IntelliJ +out/ + +# mpeltonen/sbt-idea plugin +.idea_modules/ + +# JIRA plugin +atlassian-ide-plugin.xml + +# Cursive Clojure plugin +.idea/replstate.xml + +# Crashlytics plugin (for Android Studio and IntelliJ) +com_crashlytics_export_strings.xml +crashlytics.properties +crashlytics-build.properties +fabric.properties + +# Editor-based Rest Client +.idea/httpRequests \ No newline at end of file diff --git a/infra/repository/.terraform.lock.hcl b/infra/repository/.terraform.lock.hcl new file mode 100644 index 00000000..30e3c99f --- /dev/null +++ b/infra/repository/.terraform.lock.hcl @@ -0,0 +1,50 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/azurerm" { + version = "3.91.0" + constraints = ">= 3.90.0" + hashes = [ + "h1:8hMFuaTQsZIV69D0J/W+6hSlhRRDzYSpC0Eg9yWYF0o=", + "h1:FEDNnFv/uKI2+FQ+nDoyswEI3trJ3d7Fx2Cy7Ff4Rq8=", + "h1:Iv9CR+7491iozaK2AkCSAK2u4a2rPyJDQpyHijClj6Y=", + "h1:t0I5G4canK6UdlgHGfMV4rUNBPGdrMiIB01VGizlXB8=", + "zh:13928b71b1235783f3f877a799e28fb91e50512b051eb8ccb370500fc140cf3f", + "zh:3264341657e9ff3963d69b0fa088f64665349e2a29b2f3aeb4deee6d9d7584b7", + "zh:467a2ddd2eee26353db65e949bfbe533481ca0fb53c152724380b63a308f11b9", + "zh:6133e57087167b163180df3a77fab0c63b3e11609d139d39db8d3be3d6ec7ccd", + "zh:6df24730bc9247647ffb44832c3c64e45ab731dd83a3592d33d28235a453235a", + "zh:775aae148223a4a86e2dd25533a95a5fea4817085b6c5e643a7192453270cd68", + "zh:89d51148c7c123685d3e2f7e291888a3af009656e5c0ad66235a7c686ecb19d2", + "zh:9c89552051226eeb7c0fc66ad5aa57d1d0f5acc1d56afad06b6596707ae6c85e", + "zh:c4f3bc269837fa3b6ad803de2c7d1125dd791d78a521dcad2e7a63b905a13a53", + "zh:e48f05de1ffdcc998c5ff915570fb0557c7ac1d3af971dd76aff82e66d45bf06", + "zh:f1945716c7b9c23c25ca9fb4a68f27b6cfa25f5d235112c31f9412eba47f93c6", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} + +provider "registry.terraform.io/integrations/github" { + version = "5.45.0" + constraints = "5.45.0" + hashes = [ + "h1:6nxolUZ963kZ3squxzUbO1F+WPXKUxtpuiVsVtbaY7U=", + "h1:cP5uEN9jpePr+/Kc7OyAZMhysbDhQoLGpLqgQpLFewg=", + "h1:mX5tPDK7RNmtEjSoaI47oimBJBnujcAI7REnhpGqZhg=", + "h1:sP/Er9osOsz4vhKZAul+GeV0c5XdvMblJBMiP+T5tWc=", + "zh:2afb8ee5b847071e51d5a39bcad5cf466c4d22452450d37c44a5f9d2eb9879e5", + "zh:38d087b88c86ddd63b60d14d613f86a5885d154048098c0484266a9a69018b16", + "zh:3e6a787e3e40f1535d85f8dc5f2e8c90242ab8237feebd027f696fa154261394", + "zh:55dac5a813b3774b48ca45b8a797c32e6d787d4f282b43b622155cad3daac46a", + "zh:563f2782f3c4c584b249c5fa0628951a57b4593f3c5805a4efb6d494f8686716", + "zh:677180ec9376d5f926286592998e2864c85f06d6b416c1d89031d817a285c72e", + "zh:80eec141fa47131e8f60a6478e51b3a5920efe803444e684f9605fca09a24e34", + "zh:8b9f1e1f4b42b51e53767f4f927eabdcefe55fb0369e996ac2a0063148b5e48d", + "zh:95627f75848561830f8c20949f024f902a2100a022c68aa8d84320f43e75cc46", + "zh:95ac41b99dfca3ce556092e036bb04dc03367d0779071112e59d4bf11259a89d", + "zh:9e966482729ba8214b480bdd786aff9a15234e9c093c5406b56ce89ccb07dcab", + "zh:b7a9d563613f1b9a233f8f285848cc9d8c08c556aad7ea57cd63e0abb19b10cf", + "zh:ce56bb7ca876f47f5beee01de3ab84d27964b972c9adceb8e2f7824891e05c27", + "zh:f73e063ad5b84f1943eafb8a52a26dd805d06ac11d6c951175ac76c07187f553", + ] +} diff --git a/infra/repository/README.md b/infra/repository/README.md new file mode 100644 index 00000000..b9c2ba0d --- /dev/null +++ b/infra/repository/README.md @@ -0,0 +1,43 @@ +# Repository Settings + +Define settings of this GitHub repository. + +## How to use + +Make sure your PAT has access to this repository. Then, follow these steps: + +- set the subscription: `az account set --subscription "PROD-SelfCare"` +- run `terraform init -backend-config="backend.tfvars"` +- run `terraform plan` +- run `terraform apply` + + + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.6.0 | + +## Providers + +No providers. + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [repository](#module\_repository) | github.com/pagopa/selfcare-commons//infra/terraform-modules/github_repository_settings | main | + +## Resources + +No resources. + +## Inputs + +No inputs. + +## Outputs + +No outputs. + \ No newline at end of file diff --git a/infra/repository/backend.tfvars b/infra/repository/backend.tfvars new file mode 100644 index 00000000..16d42c8c --- /dev/null +++ b/infra/repository/backend.tfvars @@ -0,0 +1,4 @@ +resource_group_name = "terraform-state-rg" +storage_account_name = "tfinfprodselfcare" +container_name = "terraform-state" +key = "selfcare-party-registry-proxy.repository.tfstate" \ No newline at end of file diff --git a/infra/repository/main.tf b/infra/repository/main.tf new file mode 100644 index 00000000..29aee2fe --- /dev/null +++ b/infra/repository/main.tf @@ -0,0 +1,17 @@ +terraform { + required_version = ">= 1.6.0" + + backend "azurerm" {} +} + +provider "azurerm" { + features {} +} + +module "repository" { + source = "github.com/pagopa/selfcare-commons//infra/terraform-modules/github_repository_settings?ref=main" + + github = { + repository = "selfcare-ms-party-registry-proxy" + } +} \ No newline at end of file From fe7d532fd1c88eeb2ae8f54003c5ac7a7e70fde7 Mon Sep 17 00:00:00 2001 From: Andrea Grillo Date: Mon, 12 Feb 2024 15:38:09 +0100 Subject: [PATCH 03/20] [EC-156] Add pnpg release workflow (#173) --- .github/workflows/pr_release_ms_pnpg.yml | 49 ++++++++++++++++++++++++ pom.xml | 1 + 2 files changed, 50 insertions(+) create mode 100644 .github/workflows/pr_release_ms_pnpg.yml diff --git a/.github/workflows/pr_release_ms_pnpg.yml b/.github/workflows/pr_release_ms_pnpg.yml new file mode 100644 index 00000000..3e23d540 --- /dev/null +++ b/.github/workflows/pr_release_ms_pnpg.yml @@ -0,0 +1,49 @@ +name: Release PNPG ms-party-registry-proxy + +on: + workflow_dispatch: + + push: + branches: + - main + - releases/* + paths: + - '!.devops/**' + - '!helm/**' + - '!**.md' + - '!**ignore' + - '!infra/**' + - '!.terraform-version' + - '!CODEOWNERS' + +jobs: + + release_dev: + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + name: '[Dev] PartyRegistryProxy ms Release' + if: startsWith(github.ref_name, 'releases/') != true + secrets: inherit + with: + environment: dev + tf_environment: dev-pnpg + dir: 'infra' + + release_uat: + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + name: '[UAT] PartyRegistryProxy ms Release' + if: startsWith(github.ref_name, 'releases/') + secrets: inherit + with: + environment: uat + tf_environment: uat-pnpg + dir: 'infra' + + release_prod: + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + name: '[Prod] PartyRegistryProxy ms Release' + if: startsWith(github.ref_name, 'releases/') + secrets: inherit + with: + environment: prod + tf_environment: prod-pnpg + dir: 'infra' \ No newline at end of file diff --git a/pom.xml b/pom.xml index 597610c3..fb39bbdf 100644 --- a/pom.xml +++ b/pom.xml @@ -19,6 +19,7 @@ 2.5.0 8.11.2 + https://sonarcloud.io/ From 83612c67257d34f5af14918a6cd22897fcb0faed Mon Sep 17 00:00:00 2001 From: Andrea Grillo Date: Mon, 12 Feb 2024 15:39:29 +0100 Subject: [PATCH 04/20] [EC-156] Fix typo in workflow file name (#174) --- .github/workflows/{pr_release_ms_pnpg.yml => release_ms_pnpg.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{pr_release_ms_pnpg.yml => release_ms_pnpg.yml} (100%) diff --git a/.github/workflows/pr_release_ms_pnpg.yml b/.github/workflows/release_ms_pnpg.yml similarity index 100% rename from .github/workflows/pr_release_ms_pnpg.yml rename to .github/workflows/release_ms_pnpg.yml From 6ba82b5011745c5008351783f7d0091da0707b4d Mon Sep 17 00:00:00 2001 From: Giulia Tremolada <124147597+giulia-tremolada@users.noreply.github.com> Date: Wed, 28 Feb 2024 12:28:46 +0100 Subject: [PATCH 05/20] [SELC-4256] feat: modify nationalRegistriesConnector response management to avoid BadGatewayExceptions(502) (#176) --- .../core/NationalRegistriesServiceImpl.java | 7 ++-- .../NationalRegistriesServiceImplTest.java | 37 ++++++++----------- 2 files changed, 20 insertions(+), 24 deletions(-) diff --git a/core/src/main/java/it/pagopa/selfcare/party/registry_proxy/core/NationalRegistriesServiceImpl.java b/core/src/main/java/it/pagopa/selfcare/party/registry_proxy/core/NationalRegistriesServiceImpl.java index 5f011f18..1d9c2003 100644 --- a/core/src/main/java/it/pagopa/selfcare/party/registry_proxy/core/NationalRegistriesServiceImpl.java +++ b/core/src/main/java/it/pagopa/selfcare/party/registry_proxy/core/NationalRegistriesServiceImpl.java @@ -4,12 +4,12 @@ import it.pagopa.selfcare.party.registry_proxy.connector.constant.AdEResultDetailEnum; import it.pagopa.selfcare.party.registry_proxy.connector.exception.BadGatewayException; import it.pagopa.selfcare.party.registry_proxy.connector.exception.InvalidRequestException; +import it.pagopa.selfcare.party.registry_proxy.connector.exception.ResourceNotFoundException; import it.pagopa.selfcare.party.registry_proxy.connector.model.nationalregistries.Businesses; -import it.pagopa.selfcare.party.registry_proxy.connector.model.nationalregistries.LegalAddressResponse; import it.pagopa.selfcare.party.registry_proxy.connector.model.nationalregistries.LegalAddressProfessionalResponse; +import it.pagopa.selfcare.party.registry_proxy.connector.model.nationalregistries.LegalAddressResponse; import it.pagopa.selfcare.party.registry_proxy.connector.model.nationalregistries.VerifyLegalResponse; import it.pagopa.selfcare.party.registry_proxy.connector.rest.utils.MaskDataUtils; -import it.pagopa.selfcare.party.registry_proxy.connector.exception.ResourceNotFoundException; import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; import org.springframework.util.Assert; @@ -53,7 +53,8 @@ private VerifyLegalResponse checkResponseErrorCode(VerifyLegalResponse verifyLeg AdEResultDetailEnum adEResultDetailEnum = AdEResultDetailEnum.fromValue(verifyLegalResponse.getVerifyLegalResultDetail().getValue()); if(AdEResultDetailEnum.XX00 == adEResultDetailEnum){ return verifyLegalResponse; - }else if(AdEResultDetailEnum.XX01 == adEResultDetailEnum || AdEResultDetailEnum.XX02 == adEResultDetailEnum){ + }else if(AdEResultDetailEnum.XX01 == adEResultDetailEnum || AdEResultDetailEnum.XX02 == adEResultDetailEnum + || AdEResultDetailEnum.XXXX == adEResultDetailEnum){ throw new InvalidRequestException("Formato dati non corretto"); } throw new BadGatewayException(verifyLegalResponse.getVerifyLegalResultDetailMessage()); diff --git a/core/src/test/java/it/pagopa/selfcare/party/registry_proxy/core/NationalRegistriesServiceImplTest.java b/core/src/test/java/it/pagopa/selfcare/party/registry_proxy/core/NationalRegistriesServiceImplTest.java index 848feaf3..99039de8 100644 --- a/core/src/test/java/it/pagopa/selfcare/party/registry_proxy/core/NationalRegistriesServiceImplTest.java +++ b/core/src/test/java/it/pagopa/selfcare/party/registry_proxy/core/NationalRegistriesServiceImplTest.java @@ -1,40 +1,34 @@ package it.pagopa.selfcare.party.registry_proxy.core; -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertSame; -import static org.junit.jupiter.api.Assertions.assertThrows; -import static org.mockito.Mockito.any; -import static org.mockito.Mockito.atLeast; -import static org.mockito.Mockito.doNothing; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.verify; -import static org.mockito.Mockito.when; - import it.pagopa.selfcare.party.registry_proxy.connector.api.NationalRegistriesConnector; import it.pagopa.selfcare.party.registry_proxy.connector.constant.AdEResultCodeEnum; import it.pagopa.selfcare.party.registry_proxy.connector.constant.AdEResultDetailEnum; import it.pagopa.selfcare.party.registry_proxy.connector.exception.BadGatewayException; import it.pagopa.selfcare.party.registry_proxy.connector.exception.InvalidRequestException; +import it.pagopa.selfcare.party.registry_proxy.connector.exception.ResourceNotFoundException; import it.pagopa.selfcare.party.registry_proxy.connector.model.nationalregistries.Businesses; import it.pagopa.selfcare.party.registry_proxy.connector.model.nationalregistries.LegalAddressProfessionalResponse; import it.pagopa.selfcare.party.registry_proxy.connector.model.nationalregistries.LegalAddressResponse; import it.pagopa.selfcare.party.registry_proxy.connector.model.nationalregistries.VerifyLegalResponse; -import it.pagopa.selfcare.party.registry_proxy.connector.exception.ResourceNotFoundException; - -import java.time.LocalDate; -import java.time.LocalDateTime; -import java.time.ZoneId; -import java.util.ArrayList; -import java.util.Date; - import org.junit.jupiter.api.Assertions; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.EnumSource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.mock.mockito.MockBean; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit.jupiter.SpringExtension; +import java.time.LocalDate; +import java.time.LocalDateTime; +import java.time.ZoneId; +import java.util.ArrayList; +import java.util.Date; + +import static org.junit.jupiter.api.Assertions.*; +import static org.mockito.Mockito.*; + @ContextConfiguration(classes = {NationalRegistriesServiceImpl.class}) @ExtendWith(SpringExtension.class) class NationalRegistriesServiceImplTest { @@ -128,11 +122,12 @@ void testVerifyLegalError() { /** * Method under test: {@link NationalRegistriesServiceImpl#verifyLegal(String, String)} */ - @Test - void testVerifyLegalInvalidRequest() { + @ParameterizedTest + @EnumSource(value = AdEResultDetailEnum.class, names = {"XX01", "XX02", "XXXX"}) + void testVerifyLegalInvalidRequest(AdEResultDetailEnum code) { VerifyLegalResponse verifyLegalResponse = new VerifyLegalResponse(); verifyLegalResponse.setVerifyLegalResultCode(AdEResultCodeEnum.CODE_01); - verifyLegalResponse.setVerifyLegalResultDetail(AdEResultDetailEnum.XX01); + verifyLegalResponse.setVerifyLegalResultDetail(code); when(nationalRegistriesConnector.verifyLegal(any(), any())) .thenReturn(verifyLegalResponse); assertThrows(InvalidRequestException.class, () -> nationalRegistriesServiceImpl.verifyLegal("42", "42")); From 69e8564e82091badb961ff41f37cd741a77470a5 Mon Sep 17 00:00:00 2001 From: Manuel Rafeli Date: Wed, 28 Feb 2024 14:14:50 +0100 Subject: [PATCH 06/20] ops: disable log health check (#177) --- .../party/registry_proxy/web/filter/LogFilter.java | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/web/src/main/java/it/pagopa/selfcare/party/registry_proxy/web/filter/LogFilter.java b/web/src/main/java/it/pagopa/selfcare/party/registry_proxy/web/filter/LogFilter.java index 4c6ad209..941abd63 100644 --- a/web/src/main/java/it/pagopa/selfcare/party/registry_proxy/web/filter/LogFilter.java +++ b/web/src/main/java/it/pagopa/selfcare/party/registry_proxy/web/filter/LogFilter.java @@ -24,6 +24,13 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha HttpServletResponse httpServletResponse = (HttpServletResponse) response; final String httpUri = httpServletRequest.getRequestURI(); + + if (httpUri.startsWith("/actuator/health")) { + log.trace("request to health-check actuator"); + chain.doFilter(httpServletRequest, httpServletResponse); + return; + } + final String httpMethod = httpServletRequest.getMethod(); long startTime = System.currentTimeMillis(); From 9fdaf89290def49f903c640dc64a7bbe99289a14 Mon Sep 17 00:00:00 2001 From: manuraf Date: Wed, 28 Feb 2024 14:16:29 +0100 Subject: [PATCH 07/20] ops: disable log health check --- .../party/registry_proxy/web/filter/LogFilter.java | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/web/src/main/java/it/pagopa/selfcare/party/registry_proxy/web/filter/LogFilter.java b/web/src/main/java/it/pagopa/selfcare/party/registry_proxy/web/filter/LogFilter.java index 4c6ad209..941abd63 100644 --- a/web/src/main/java/it/pagopa/selfcare/party/registry_proxy/web/filter/LogFilter.java +++ b/web/src/main/java/it/pagopa/selfcare/party/registry_proxy/web/filter/LogFilter.java @@ -24,6 +24,13 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha HttpServletResponse httpServletResponse = (HttpServletResponse) response; final String httpUri = httpServletRequest.getRequestURI(); + + if (httpUri.startsWith("/actuator/health")) { + log.trace("request to health-check actuator"); + chain.doFilter(httpServletRequest, httpServletResponse); + return; + } + final String httpMethod = httpServletRequest.getMethod(); long startTime = System.currentTimeMillis(); From ee14b36dda8f8aed7e336efa5aad3d94ba959811 Mon Sep 17 00:00:00 2001 From: andrea-putzu Date: Thu, 29 Feb 2024 11:05:36 +0100 Subject: [PATCH 08/20] fix: Update pipeline --- .devops/code-review-pipelines.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.devops/code-review-pipelines.yml b/.devops/code-review-pipelines.yml index 6f106d35..8736ea20 100644 --- a/.devops/code-review-pipelines.yml +++ b/.devops/code-review-pipelines.yml @@ -38,7 +38,7 @@ steps: displayName: 'download settings.xml for Maven' name: settingsxml inputs: - secureFile: '$(SETTINGS_XML_RW_SECURE_FILE_NAME)' + secureFile: '$(SETTINGS_XML_RO_SECURE_FILE_NAME)' retryCount: '2' - task: Maven@4 inputs: From 5176153f463eddb119d458ee786938c50644753c Mon Sep 17 00:00:00 2001 From: Manuel Rafeli Date: Mon, 4 Mar 2024 11:43:49 +0100 Subject: [PATCH 09/20] [SELC-3954] ops: using a common GitHub Action Swagger update (#180) --- .github/workflows/release_open_api.yml | 47 ++++++-------------------- 1 file changed, 11 insertions(+), 36 deletions(-) diff --git a/.github/workflows/release_open_api.yml b/.github/workflows/release_open_api.yml index 65a2b628..ea2f1cf1 100644 --- a/.github/workflows/release_open_api.yml +++ b/.github/workflows/release_open_api.yml @@ -1,46 +1,21 @@ -name: Swagger Update +name: Swagger Detect Conflict and Update on: pull_request: branches: - release-dev types: [ opened, synchronize, reopened ] - workflow_dispatch: #allow to run github action manually + permissions: contents: write + jobs: - build: - runs-on: ubuntu-latest + swagger_conflict_update: + runs-on: ubuntu-20.04 permissions: write-all - #if: github.event.pull_request.merged == true + name: Swagger Detect Conflict and Update steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - - name: Set up JDK 17 - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - cache: maven - - name: Check out HEAD revision - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - with: - ref: ${{ github.head_ref }} - path: head - - name: Check out BASE revision - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - with: - ref: release-dev - path: base - - name: Build with Maven - run: mvn test -Dtest=SwaggerConfigTest#swaggerSpringPlugin -DfailIfNoTests=false - - name: Run OpenAPI Diff (from HEAD revision) - uses: mvegter/openapi-diff-action@72cde50f8d3a75f770f08e23b815d5ebe69ff757 - with: - head-spec: head/app/src/main/resources/swagger/api-docs.json - base-spec: base/app/src/main/resources/swagger/api-docs.json - - name: Commit api-docs - run: | - git ls-files ./app** | grep 'api-docs*' | xargs git add - git config --global user.email "selfcare-github@pagopa.it" - git config --global user.name "selfcare-github-bot" - git commit -m "Update Swagger documentation" || exit 0 - git push origin ${{ github.ref_name}} \ No newline at end of file + - id: swagger-conflict-update + uses: pagopa/selfcare-commons/github-actions-template/swagger-detect-conflict-spring@main + with: + path_openapi_docs: app/src/main/resources/swagger/api-docs.json + branch_ref: release-dev \ No newline at end of file From b867c63380eefd70391953bfaceba461c7eff96a Mon Sep 17 00:00:00 2001 From: andrea-putzu Date: Wed, 6 Mar 2024 18:42:05 +0100 Subject: [PATCH 10/20] fix: Update pipeline --- .../party/connector/azure_storage/AnacDataConnectorImpl.java | 2 +- .../party/connector/ftp/AnacDataFromFTPConnectorImpl.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/AnacDataConnectorImpl.java b/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/AnacDataConnectorImpl.java index b15a54bc..6887623a 100644 --- a/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/AnacDataConnectorImpl.java +++ b/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/AnacDataConnectorImpl.java @@ -35,7 +35,7 @@ public Optional getANACData() { resourceResponse = fileStorageConnector.getFile(fileName); return Optional.of(new ByteArrayInputStream(resourceResponse.getData())); } catch (Exception e) { - log.error("Impossible to retrieve file ANAC. Error: {}", e.getMessage(), e); + log.error("Impossible to retrieve file ANAC from Storage. Error: {}", e.getMessage(), e); return Optional.empty(); } } diff --git a/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/AnacDataFromFTPConnectorImpl.java b/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/AnacDataFromFTPConnectorImpl.java index 76d1b76a..68e751fd 100644 --- a/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/AnacDataFromFTPConnectorImpl.java +++ b/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/AnacDataFromFTPConnectorImpl.java @@ -52,7 +52,7 @@ public Optional getANACData() { Optional optionalFile = ftpConnector.getFile(directory + fileName); return optionalFile.flatMap(inputStream -> { Optional opt = updateFileOnAzureStorageAndRetrieveInputStream(inputStream); - log.trace("getANACData on filename: {} end", fileName); + log.debug("getANACData on filename from ftp: {} end", fileName); return opt; }); From fcf7cf97e83877929b6e606a30deb852aa8fa8e5 Mon Sep 17 00:00:00 2001 From: andrea-putzu Date: Wed, 6 Mar 2024 18:42:41 +0100 Subject: [PATCH 11/20] fix: Update pipeline --- helm/pnpg/values.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/helm/pnpg/values.yaml b/helm/pnpg/values.yaml index 950a9d2c..e81fe2f2 100644 --- a/helm/pnpg/values.yaml +++ b/helm/pnpg/values.yaml @@ -105,7 +105,7 @@ config: IPA_OPEN_DATA_INSTITUTION_ENDPOINT: "/d09adf99-dc10-4349-8c53-27b1e5aa97b6" IPA_OPEN_DATA_CATEGORY_ENDPOINT: "/84ebb2e7-0e61-427b-a1dd-ab8bb2a84f07" IPA_OPEN_DATA_AOOS_ENDPOINT: "/cdaded04-f84e-4193-a720-47d6d5f422aa" - IPA_OPEN_DATA_UOS_ENDPOINT: "/b0aa1f6c-f135-4c8a-b416-396fed4e1a5d" + IPA_OPEN_DATA_UOS_ENDPOINT: "/b0aa1f6c-f135-4c8a-b416-396fed4e1a5d" LUCENE_INDEX_INSTITUTIONS_FOLDER: "index/institutions" LUCENE_INDEX_CATEGORIES_FOLDER: "index/categories" LUCENE_INDEX_AOOS_FOLDER: "index/aoos" @@ -113,4 +113,6 @@ config: LUCENE_INDEX_ANAC_FOLDER: "index/anac" LUCENE_INDEX_IVASS_FOLDER: "index/ivass" BLOB_ANAC_FILENAME: "anac-data.csv" - BLOB_IVASS_FILENAME: "ivass-data.csv" \ No newline at end of file + BLOB_IVASS_FILENAME: "ivass-data.csv" + IVASS_REGISTRY_TYPES: "ElencoI,ElencoII,SezioneI,SezioneII" + IVASS_WORK_TYPES: "VITA,PICCOLO CUMULO,MISTA" From a3c0af2c09349264fb89c6c434f71bf4cdfbfad7 Mon Sep 17 00:00:00 2001 From: andrea-putzu Date: Wed, 6 Mar 2024 18:42:41 +0100 Subject: [PATCH 12/20] fix: Update pipeline --- helm/pnpg/values.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/helm/pnpg/values.yaml b/helm/pnpg/values.yaml index 950a9d2c..e81fe2f2 100644 --- a/helm/pnpg/values.yaml +++ b/helm/pnpg/values.yaml @@ -105,7 +105,7 @@ config: IPA_OPEN_DATA_INSTITUTION_ENDPOINT: "/d09adf99-dc10-4349-8c53-27b1e5aa97b6" IPA_OPEN_DATA_CATEGORY_ENDPOINT: "/84ebb2e7-0e61-427b-a1dd-ab8bb2a84f07" IPA_OPEN_DATA_AOOS_ENDPOINT: "/cdaded04-f84e-4193-a720-47d6d5f422aa" - IPA_OPEN_DATA_UOS_ENDPOINT: "/b0aa1f6c-f135-4c8a-b416-396fed4e1a5d" + IPA_OPEN_DATA_UOS_ENDPOINT: "/b0aa1f6c-f135-4c8a-b416-396fed4e1a5d" LUCENE_INDEX_INSTITUTIONS_FOLDER: "index/institutions" LUCENE_INDEX_CATEGORIES_FOLDER: "index/categories" LUCENE_INDEX_AOOS_FOLDER: "index/aoos" @@ -113,4 +113,6 @@ config: LUCENE_INDEX_ANAC_FOLDER: "index/anac" LUCENE_INDEX_IVASS_FOLDER: "index/ivass" BLOB_ANAC_FILENAME: "anac-data.csv" - BLOB_IVASS_FILENAME: "ivass-data.csv" \ No newline at end of file + BLOB_IVASS_FILENAME: "ivass-data.csv" + IVASS_REGISTRY_TYPES: "ElencoI,ElencoII,SezioneI,SezioneII" + IVASS_WORK_TYPES: "VITA,PICCOLO CUMULO,MISTA" From 110ebcc4872edf982db4821261a7ab3e39c516db Mon Sep 17 00:00:00 2001 From: andrea-putzu Date: Wed, 6 Mar 2024 18:42:05 +0100 Subject: [PATCH 13/20] fix: Update pipeline --- .../party/connector/azure_storage/AnacDataConnectorImpl.java | 2 +- .../party/connector/ftp/AnacDataFromFTPConnectorImpl.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/AnacDataConnectorImpl.java b/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/AnacDataConnectorImpl.java index b15a54bc..6887623a 100644 --- a/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/AnacDataConnectorImpl.java +++ b/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/AnacDataConnectorImpl.java @@ -35,7 +35,7 @@ public Optional getANACData() { resourceResponse = fileStorageConnector.getFile(fileName); return Optional.of(new ByteArrayInputStream(resourceResponse.getData())); } catch (Exception e) { - log.error("Impossible to retrieve file ANAC. Error: {}", e.getMessage(), e); + log.error("Impossible to retrieve file ANAC from Storage. Error: {}", e.getMessage(), e); return Optional.empty(); } } diff --git a/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/AnacDataFromFTPConnectorImpl.java b/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/AnacDataFromFTPConnectorImpl.java index 76d1b76a..68e751fd 100644 --- a/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/AnacDataFromFTPConnectorImpl.java +++ b/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/AnacDataFromFTPConnectorImpl.java @@ -52,7 +52,7 @@ public Optional getANACData() { Optional optionalFile = ftpConnector.getFile(directory + fileName); return optionalFile.flatMap(inputStream -> { Optional opt = updateFileOnAzureStorageAndRetrieveInputStream(inputStream); - log.trace("getANACData on filename: {} end", fileName); + log.debug("getANACData on filename from ftp: {} end", fileName); return opt; }); From 68b2328b3aa7c97e9949d9ddb76bc2e1edb25b98 Mon Sep 17 00:00:00 2001 From: Andrea Grillo Date: Tue, 12 Mar 2024 13:03:59 +0100 Subject: [PATCH 14/20] [EC-125] Add Container App infrastructure (#175) Co-authored-by: manuraf --- .github/workflows/pr_ms.yml | 4 +- .github/workflows/release_ms.yml | 31 +++++-- .github/workflows/release_ms_pnpg.yml | 28 ++++-- Dockerfile.new | 8 +- .../azure_storage/IvassDataConnectorImpl.java | 2 +- .../connector/ftp/client/AnacFTPClient.java | 2 +- .../lucene/reader/DirectoryReaderFactory.java | 2 +- .../writer/IndexWriterFactoryTemplate.java | 2 +- .../writer/IndexWriterServiceTemplate.java | 2 +- .../rest/OpenDataConnectorTemplate.java | 8 +- infra/container_apps/.terraform.lock.hcl | 48 ++++++++++ infra/container_apps/README.md | 42 +++++++++ infra/container_apps/env/dev-pnpg/backend.ini | 1 + .../env/dev-pnpg/backend.tfvars | 4 + .../env/dev-pnpg/terraform.tfvars | 79 ++++++++++++++++ infra/container_apps/env/dev/backend.ini | 1 + infra/container_apps/env/dev/backend.tfvars | 4 + infra/container_apps/env/dev/terraform.tfvars | 87 ++++++++++++++++++ .../container_apps/env/prod-pnpg/backend.ini | 1 + .../env/prod-pnpg/backend.tfvars | 4 + .../env/prod-pnpg/terraform.tfvars | 92 +++++++++++++++++++ infra/container_apps/env/prod/backend.ini | 1 + infra/container_apps/env/prod/backend.tfvars | 4 + .../container_apps/env/prod/terraform.tfvars | 87 ++++++++++++++++++ infra/container_apps/env/uat-pnpg/backend.ini | 1 + .../env/uat-pnpg/backend.tfvars | 4 + .../env/uat-pnpg/terraform.tfvars | 79 ++++++++++++++++ infra/container_apps/env/uat/backend.ini | 1 + infra/container_apps/env/uat/backend.tfvars | 4 + infra/container_apps/env/uat/terraform.tfvars | 74 +++++++++++++++ infra/container_apps/main.tf | 25 +++++ infra/container_apps/terraform.sh | 69 ++++++++++++++ infra/container_apps/variables.tf | 57 ++++++++++++ 33 files changed, 825 insertions(+), 33 deletions(-) create mode 100644 infra/container_apps/.terraform.lock.hcl create mode 100644 infra/container_apps/README.md create mode 100644 infra/container_apps/env/dev-pnpg/backend.ini create mode 100644 infra/container_apps/env/dev-pnpg/backend.tfvars create mode 100644 infra/container_apps/env/dev-pnpg/terraform.tfvars create mode 100644 infra/container_apps/env/dev/backend.ini create mode 100644 infra/container_apps/env/dev/backend.tfvars create mode 100644 infra/container_apps/env/dev/terraform.tfvars create mode 100644 infra/container_apps/env/prod-pnpg/backend.ini create mode 100644 infra/container_apps/env/prod-pnpg/backend.tfvars create mode 100644 infra/container_apps/env/prod-pnpg/terraform.tfvars create mode 100644 infra/container_apps/env/prod/backend.ini create mode 100644 infra/container_apps/env/prod/backend.tfvars create mode 100644 infra/container_apps/env/prod/terraform.tfvars create mode 100644 infra/container_apps/env/uat-pnpg/backend.ini create mode 100644 infra/container_apps/env/uat-pnpg/backend.tfvars create mode 100644 infra/container_apps/env/uat-pnpg/terraform.tfvars create mode 100644 infra/container_apps/env/uat/backend.ini create mode 100644 infra/container_apps/env/uat/backend.tfvars create mode 100644 infra/container_apps/env/uat/terraform.tfvars create mode 100644 infra/container_apps/main.tf create mode 100644 infra/container_apps/terraform.sh create mode 100644 infra/container_apps/variables.tf diff --git a/.github/workflows/pr_ms.yml b/.github/workflows/pr_ms.yml index 812c06e0..51421e17 100644 --- a/.github/workflows/pr_ms.yml +++ b/.github/workflows/pr_ms.yml @@ -22,7 +22,7 @@ on: jobs: code_review: - uses: pagopa/selfcare-commons/.github/workflows/call_code_review_spring.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_code_review_spring.yml@main name: 'Code Review' secrets: inherit if: github.base_ref == 'main' && github.event_name == 'pull_request' @@ -33,5 +33,5 @@ jobs: sonar_key: 'pagopa_selfcare-ms-party-registry-proxy' docker_build: - uses: pagopa/selfcare-commons/.github/workflows/call_code_review_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_code_review_docker.yml@main name: 'Docker' \ No newline at end of file diff --git a/.github/workflows/release_ms.yml b/.github/workflows/release_ms.yml index 874cbd9f..81b1fb8f 100644 --- a/.github/workflows/release_ms.yml +++ b/.github/workflows/release_ms.yml @@ -1,7 +1,15 @@ -name: Release ms-party-registry-proxy +name: Release - ms-party-registry-proxy on: workflow_dispatch: + inputs: + env: + type: choice + description: Environment + options: + - dev + - uat + - prod push: branches: @@ -19,28 +27,31 @@ on: jobs: release_dev: - uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@main name: '[Dev] PartyRegistryProxy ms Release' - if: startsWith(github.ref_name, 'releases/') != true + if: ${{ (startsWith(github.ref_name, 'releases/') != true && inputs.env == null) || inputs.env == 'dev' }} secrets: inherit with: environment: dev - dir: 'infra' + tf_environment: dev + dir: 'infra/container_apps' release_uat: - uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@main name: '[UAT] PartyRegistryProxy ms Release' - if: startsWith(github.ref_name, 'releases/') + if: ${{ (startsWith(github.ref_name, 'releases/') == true && inputs.env == null) || inputs.env == 'uat' }} secrets: inherit with: environment: uat - dir: 'infra' + tf_environment: uat + dir: 'infra/container_apps' release_prod: - uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@main name: '[Prod] PartyRegistryProxy ms Release' - if: startsWith(github.ref_name, 'releases/') + if: ${{ inputs.env == 'prod' }} secrets: inherit with: environment: prod - dir: 'infra' \ No newline at end of file + tf_environment: prod + dir: 'infra/container_apps' \ No newline at end of file diff --git a/.github/workflows/release_ms_pnpg.yml b/.github/workflows/release_ms_pnpg.yml index 3e23d540..64c1faf4 100644 --- a/.github/workflows/release_ms_pnpg.yml +++ b/.github/workflows/release_ms_pnpg.yml @@ -1,7 +1,15 @@ -name: Release PNPG ms-party-registry-proxy +name: Release - PNPG ms-party-registry-proxy on: workflow_dispatch: + inputs: + env: + type: choice + description: Environment + options: + - dev + - uat + - prod push: branches: @@ -19,31 +27,31 @@ on: jobs: release_dev: - uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@main name: '[Dev] PartyRegistryProxy ms Release' - if: startsWith(github.ref_name, 'releases/') != true + if: ${{ (startsWith(github.ref_name, 'releases/') != true && inputs.env == null) || inputs.env == 'dev' }} secrets: inherit with: environment: dev tf_environment: dev-pnpg - dir: 'infra' + dir: 'infra/container_apps' release_uat: - uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@main name: '[UAT] PartyRegistryProxy ms Release' - if: startsWith(github.ref_name, 'releases/') + if: ${{ (startsWith(github.ref_name, 'releases/') == true && inputs.env == null) || inputs.env == 'uat' }} secrets: inherit with: environment: uat tf_environment: uat-pnpg - dir: 'infra' + dir: 'infra/container_apps' release_prod: - uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows + uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@main name: '[Prod] PartyRegistryProxy ms Release' - if: startsWith(github.ref_name, 'releases/') + if: ${{ inputs.env == 'prod' }} secrets: inherit with: environment: prod tf_environment: prod-pnpg - dir: 'infra' \ No newline at end of file + dir: 'infra/container_apps' \ No newline at end of file diff --git a/Dockerfile.new b/Dockerfile.new index 13dc1062..356feb80 100644 --- a/Dockerfile.new +++ b/Dockerfile.new @@ -12,9 +12,13 @@ WORKDIR /app COPY --from=builder ./target/*.jar ./app.jar -ADD https://github.com/microsoft/ApplicationInsights-Java/releases/download/3.1.1/applicationinsights-agent-3.1.1.jar /applicationinsights-agent.jar +ADD https://github.com/microsoft/ApplicationInsights-Java/releases/download/3.2.11/applicationinsights-agent-3.2.11.jar ./applicationinsights-agent.jar +RUN chmod 755 ./applicationinsights-agent.jar -EXPOSE 8080 +RUN chown -R 1001:1001 /app +RUN chmod 755 /app USER 1001 +EXPOSE 8080 + ENTRYPOINT ["java", "-jar", "app.jar"] \ No newline at end of file diff --git a/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/IvassDataConnectorImpl.java b/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/IvassDataConnectorImpl.java index b13960cd..4c2367df 100644 --- a/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/IvassDataConnectorImpl.java +++ b/connector/azure_storage/src/main/java/it/pagopa/selfcare/party/connector/azure_storage/IvassDataConnectorImpl.java @@ -60,7 +60,7 @@ public List getInsurances() { } catch (Exception e) { log.error("Impossible to acquire data for IVASS. Error: {}", e.getMessage(), e); } - log.debug("getInsurances result = {}", companies); + //log.debug("getInsurances result = {}", companies); log.trace("getInsurances end"); return companies .stream() diff --git a/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/client/AnacFTPClient.java b/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/client/AnacFTPClient.java index 101ec7e9..c70a0c23 100644 --- a/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/client/AnacFTPClient.java +++ b/connector/ftp/src/main/java/it/pagopa/selfcare/party/connector/ftp/client/AnacFTPClient.java @@ -53,7 +53,7 @@ public Optional getFile(String fileName) { } private Optional connectAndRetrieveFile(ChannelSftp channelSftp, String fileName) throws JSchException, SftpException, IOException { - channelSftp.connect(); + channelSftp.connect(30000); InputStream inputStream = channelSftp.get(fileName); InputStream finalInputStream = new ByteArrayInputStream(inputStream.readAllBytes()); return Optional.of(finalInputStream); diff --git a/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/reader/DirectoryReaderFactory.java b/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/reader/DirectoryReaderFactory.java index 985e88da..aaafcc6d 100644 --- a/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/reader/DirectoryReaderFactory.java +++ b/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/reader/DirectoryReaderFactory.java @@ -31,7 +31,7 @@ public DirectoryReader create() { currentReader = Optional.ofNullable(DirectoryReader.openIfChanged(currentReader)) .orElse(currentReader); } - log.debug("create result = {}", currentReader); + //log.debug("create result = {}", currentReader); log.trace("create end"); return currentReader; } diff --git a/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterFactoryTemplate.java b/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterFactoryTemplate.java index eb95b155..75302206 100644 --- a/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterFactoryTemplate.java +++ b/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterFactoryTemplate.java @@ -26,7 +26,7 @@ public IndexWriterFactoryTemplate(Directory directory, Analyzer analyzer) { public IndexWriter create() { log.trace("create start"); final IndexWriter indexWriter = new IndexWriter(directory, new IndexWriterConfig(analyzer)); - log.debug("create result = {}", indexWriter); + //log.debug("create result = {}", indexWriter); log.trace("create end"); return indexWriter; } diff --git a/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterServiceTemplate.java b/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterServiceTemplate.java index 84ca91a8..c3668838 100644 --- a/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterServiceTemplate.java +++ b/connector/lucene/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/lucene/writer/IndexWriterServiceTemplate.java @@ -31,7 +31,7 @@ public IndexWriterServiceTemplate(IndexWriterFactory indexWriterFactory, Functio @Override public void adds(List items) { log.trace("adds start"); - log.debug("adds items = {}", items); + log.debug("adds items = {}", items.size()); final IndexWriter indexWriter = indexWriterFactory.create(); try (indexWriter) { for (T item : items) { diff --git a/connector/rest/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/rest/OpenDataConnectorTemplate.java b/connector/rest/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/rest/OpenDataConnectorTemplate.java index 7c3b37dc..6f631ab4 100644 --- a/connector/rest/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/rest/OpenDataConnectorTemplate.java +++ b/connector/rest/src/main/java/it/pagopa/selfcare/party/registry_proxy/connector/rest/OpenDataConnectorTemplate.java @@ -39,7 +39,7 @@ public List getInstitutions() { } //TODO: scartare i record che non soddisfano determinati requisiti? - log.debug("getInstitutions result = {}", institutions); + //log.debug("getInstitutions result = {}", institutions); log.trace("getInstitutions end"); return institutions; } @@ -61,7 +61,7 @@ public List getCategories() { } //TODO: scartare i record che non soddisfano determinati requisiti? - log.debug("getCategories result = {}", categories); + //log.debug("getCategories result = {}", categories); log.trace("getCategories end"); return categories; } @@ -83,7 +83,7 @@ public List getAOOs() { } //TODO: scartare i record che non soddisfano determinati requisiti? - log.debug("getAOOs result = {}", aoos); + //log.debug("getAOOs result = {}", aoos); log.trace("getAOOs end"); return aoos; } @@ -105,7 +105,7 @@ public List getUOs() { } //TODO: scartare i record che non soddisfano determinati requisiti? - log.debug("getUOs result = {}", uos); + //log.debug("getUOs result = {}", uos); log.trace("getUOs end"); return uos; } diff --git a/infra/container_apps/.terraform.lock.hcl b/infra/container_apps/.terraform.lock.hcl new file mode 100644 index 00000000..bdcbd8fe --- /dev/null +++ b/infra/container_apps/.terraform.lock.hcl @@ -0,0 +1,48 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/azure/azapi" { + version = "1.9.0" + constraints = "~> 1.9.0" + hashes = [ + "h1:Ow1rr5fYBGSkplH/kcXeWz9y2wA81BnhZ7vTBzJfAAg=", + "h1:shpEoqcAbf+p6AvspiYO1YrX//8l1LV/owEcQpujWHw=", + "h1:yIJQVdnmGZdvS3yrw0M8ke9KiB/c0tjZ7KUXC46Hjx0=", + "h1:zaLH2Owmj61RX2G1Cy6VDy8Ttfzx+lDsSCyiu5cXkm4=", + "zh:349569471fbf387feaaf8b88da1690669e201147c342f905e5eb03df42b3cf87", + "zh:54346d5fb78cbad3eb7cfd96e1dd7ce4f78666cabaaccfec6ee9437476330018", + "zh:64b799da915ea3a9a58ac7a926c6a31c59fd0d911687804d8e815eda88c5580b", + "zh:9336ed9e112555e0fda8af6be9ba21478e30117d79ba662233311d9560d2b7c6", + "zh:a8aace9897b28ea0b2dbd7a3be3df033e158af40412c9c7670be0956f216ed7e", + "zh:ab23df7de700d9e785009a4ca9ceb38ae1ab894a13f5788847f15d018556f415", + "zh:b4f13f0b13560a67d427c71c85246f8920f98987120341830071df4535842053", + "zh:e58377bf36d8a14d28178a002657865ee17446182dac03525fd43435e41a1b5c", + "zh:ea5db4acc6413fd0fe6b35981e58cdc9850f5f3118031cc3d2581de511aee6aa", + "zh:f0b32c06c6bd4e4af2c02a62be07b947766aeeb09289a03f21aba16c2fd3c60f", + "zh:f1518e766a90c257d7eb36d360dafaf311593a4a9352ff8db0bcfe0ed8cf45ae", + "zh:fa89e84cff0776b5b61ff27049b1d8ed52040bd58c81c4628890d644a6fb2989", + ] +} + +provider "registry.terraform.io/hashicorp/azurerm" { + version = "3.91.0" + constraints = "<= 3.91.0" + hashes = [ + "h1:8hMFuaTQsZIV69D0J/W+6hSlhRRDzYSpC0Eg9yWYF0o=", + "h1:FEDNnFv/uKI2+FQ+nDoyswEI3trJ3d7Fx2Cy7Ff4Rq8=", + "h1:Iv9CR+7491iozaK2AkCSAK2u4a2rPyJDQpyHijClj6Y=", + "h1:t0I5G4canK6UdlgHGfMV4rUNBPGdrMiIB01VGizlXB8=", + "zh:13928b71b1235783f3f877a799e28fb91e50512b051eb8ccb370500fc140cf3f", + "zh:3264341657e9ff3963d69b0fa088f64665349e2a29b2f3aeb4deee6d9d7584b7", + "zh:467a2ddd2eee26353db65e949bfbe533481ca0fb53c152724380b63a308f11b9", + "zh:6133e57087167b163180df3a77fab0c63b3e11609d139d39db8d3be3d6ec7ccd", + "zh:6df24730bc9247647ffb44832c3c64e45ab731dd83a3592d33d28235a453235a", + "zh:775aae148223a4a86e2dd25533a95a5fea4817085b6c5e643a7192453270cd68", + "zh:89d51148c7c123685d3e2f7e291888a3af009656e5c0ad66235a7c686ecb19d2", + "zh:9c89552051226eeb7c0fc66ad5aa57d1d0f5acc1d56afad06b6596707ae6c85e", + "zh:c4f3bc269837fa3b6ad803de2c7d1125dd791d78a521dcad2e7a63b905a13a53", + "zh:e48f05de1ffdcc998c5ff915570fb0557c7ac1d3af971dd76aff82e66d45bf06", + "zh:f1945716c7b9c23c25ca9fb4a68f27b6cfa25f5d235112c31f9412eba47f93c6", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} diff --git a/infra/container_apps/README.md b/infra/container_apps/README.md new file mode 100644 index 00000000..6cf55732 --- /dev/null +++ b/infra/container_apps/README.md @@ -0,0 +1,42 @@ +# Container App + +Deploy container on a Container App instance. + + + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.6.0 | + +## Providers + +No providers. + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [container\_app\_dashboard\_backend](#module\_container\_app\_dashboard\_backend) | github.com/pagopa/selfcare-commons//infra/terraform-modules/container_app_microservice | main | + +## Resources + +No resources. + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [app\_settings](#input\_app\_settings) | n/a | 
list(object({
    name  = string
    value = string
  }))
| n/a | yes | +| [container\_app](#input\_container\_app) | Container App configuration | 
object({
    min_replicas = number
    max_replicas = number

    scale_rules = list(object({
      name = string
      custom = object({
        metadata = map(string)
        type     = string
      })
    }))

    cpu    = number
    memory = string
  })
| n/a | yes | +| [env\_short](#input\_env\_short) | Environment short name | `string` | n/a | yes | +| [image\_tag](#input\_image\_tag) | Image tag to use for the container | `string` | `"latest"` | no | +| [is\_pnpg](#input\_is\_pnpg) | (Optional) True if you want to apply changes to PNPG environment | `bool` | `false` | no | +| [secrets\_names](#input\_secrets\_names) | KeyVault secrets to get values from | `map(string)` | n/a | yes | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | + +## Outputs + +No outputs. + \ No newline at end of file diff --git a/infra/container_apps/env/dev-pnpg/backend.ini b/infra/container_apps/env/dev-pnpg/backend.ini new file mode 100644 index 00000000..73ee9c6b --- /dev/null +++ b/infra/container_apps/env/dev-pnpg/backend.ini @@ -0,0 +1 @@ +subscription=DEV-SelfCare \ No newline at end of file diff --git a/infra/container_apps/env/dev-pnpg/backend.tfvars b/infra/container_apps/env/dev-pnpg/backend.tfvars new file mode 100644 index 00000000..24f06900 --- /dev/null +++ b/infra/container_apps/env/dev-pnpg/backend.tfvars @@ -0,0 +1,4 @@ +resource_group_name = "terraform-state-rg" +storage_account_name = "tfappdevselfcare" +container_name = "terraform-state" +key = "selfcare-pnpg-party-registry-proxy.container_app.tfstate" \ No newline at end of file diff --git a/infra/container_apps/env/dev-pnpg/terraform.tfvars b/infra/container_apps/env/dev-pnpg/terraform.tfvars new file mode 100644 index 00000000..515ef47d --- /dev/null +++ b/infra/container_apps/env/dev-pnpg/terraform.tfvars @@ -0,0 +1,79 @@ +is_pnpg = true +env_short = "d" + +tags = { + CreatedBy = "Terraform" + Environment = "Dev" + Owner = "SelfCare" + Source = "https://github.com/pagopa/selfcare-ms-party-registry-proxy" + CostCenter = "TS310 - PAGAMENTI & SERVIZI" +} + +container_app = { + min_replicas = 1 + max_replicas = 1 + scale_rules = [] + cpu = 1 + memory = "2Gi" +} + +app_settings = [ + { + name = "JAVA_TOOL_OPTIONS" + value = "-javaagent:applicationinsights-agent.jar" + }, + { + name = "APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL" + value = "OFF" + }, + { + name = "MS_PARTY_REGISTRY_PROXY_LOG_LEVEL" + value = "DEBUG" + }, + { + name = "MOCK_OPEN_DATA_ENABLED" + value = "false" + }, + { + name = "MOCK_OPEN_DATA_URL" + value = "https://selcdweupnpgcheckoutsa.z6.web.core.windows.net/resources" + }, + { + name = "MOCK_OPEN_DATA_INSTITUTION_ENDPOINT" + value = "/institutions-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_CATEGORY_ENDPOINT" + value = "/categories-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_AOO_ENDPOINT" + value = "/aoo-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_UO_ENDPOINT" + value = "/uo-open-data-mock.csv" + }, + { + name = "INFO_CAMERE_URL" + value = "https://icapiscl.infocamere.it" + }, + { + name = "INFO_CAMERE_INSTITUTIONS_BY_LEGAL_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/listaLegaleRappresentante/{taxId}" + }, + { + name = "INFO_CAMERE_AUTHENTICATION_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/authentication" + }, + { + name = "NATIONAL_REGISTRIES_URL" + value = "https://api-selcpg.dev.notifichedigitali.it/national-registries-private" + } +] + +secrets_names = { + "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" + "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" + "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" +} diff --git a/infra/container_apps/env/dev/backend.ini b/infra/container_apps/env/dev/backend.ini new file mode 100644 index 00000000..73ee9c6b --- /dev/null +++ b/infra/container_apps/env/dev/backend.ini @@ -0,0 +1 @@ +subscription=DEV-SelfCare \ No newline at end of file diff --git a/infra/container_apps/env/dev/backend.tfvars b/infra/container_apps/env/dev/backend.tfvars new file mode 100644 index 00000000..462e91be --- /dev/null +++ b/infra/container_apps/env/dev/backend.tfvars @@ -0,0 +1,4 @@ +resource_group_name = "terraform-state-rg" +storage_account_name = "tfappdevselfcare" +container_name = "terraform-state" +key = "selfcare-party-registry-proxy.container_app.tfstate" \ No newline at end of file diff --git a/infra/container_apps/env/dev/terraform.tfvars b/infra/container_apps/env/dev/terraform.tfvars new file mode 100644 index 00000000..4d3d4fe3 --- /dev/null +++ b/infra/container_apps/env/dev/terraform.tfvars @@ -0,0 +1,87 @@ +env_short = "d" + +tags = { + CreatedBy = "Terraform" + Environment = "Dev" + Owner = "SelfCare" + Source = "https://github.com/pagopa/selfcare-ms-party-registry-proxy" + CostCenter = "TS310 - PAGAMENTI & SERVIZI" +} + +container_app = { + min_replicas = 1 + max_replicas = 1 + scale_rules = [] + cpu = 1 + memory = "2Gi" +} + +app_settings = [ + { + name = "JAVA_TOOL_OPTIONS" + value = "-javaagent:applicationinsights-agent.jar" + }, + { + name = "APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL" + value = "OFF" + }, + { + name = "MS_PARTY_REGISTRY_PROXY_LOG_LEVEL" + value = "DEBUG" + }, + { + name = "MOCK_OPEN_DATA_ENABLED" + value = "false" + }, + { + name = "MOCK_OPEN_DATA_URL" + value = "https://selcdcheckoutsa.z6.web.core.windows.net/resources" + }, + { + name = "MOCK_OPEN_DATA_INSTITUTION_ENDPOINT" + value = "/institutions-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_CATEGORY_ENDPOINT" + value = "/categories-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_AOO_ENDPOINT" + value = "/aoo-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_UO_ENDPOINT" + value = "/uo-open-data-mock.csv" + }, + { + name = "INFO_CAMERE_URL" + value = "https://icapiscl.infocamere.it" + }, + { + name = "INFO_CAMERE_INSTITUTIONS_BY_LEGAL_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/listaLegaleRappresentante/{taxId}" + }, + { + name = "INFO_CAMERE_AUTHENTICATION_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/authentication" + }, + { + name = "ANAC_FTP_IP" + value = "93.43.119.85" + }, + { + name = "ANAC_FTP_USER" + value = "PagoPA_user" + }, + { + name = "ANAC_FTP_DIRECTORY" + value = "/mnt/RegistroGestoriPiattaforme/Collaudo/" + } +] + +secrets_names = { + "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" + "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" + "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" +} + diff --git a/infra/container_apps/env/prod-pnpg/backend.ini b/infra/container_apps/env/prod-pnpg/backend.ini new file mode 100644 index 00000000..0343b4a0 --- /dev/null +++ b/infra/container_apps/env/prod-pnpg/backend.ini @@ -0,0 +1 @@ +subscription=PROD-SelfCare \ No newline at end of file diff --git a/infra/container_apps/env/prod-pnpg/backend.tfvars b/infra/container_apps/env/prod-pnpg/backend.tfvars new file mode 100644 index 00000000..3ea9fdf1 --- /dev/null +++ b/infra/container_apps/env/prod-pnpg/backend.tfvars @@ -0,0 +1,4 @@ +resource_group_name = "terraform-state-rg" +storage_account_name = "tfappprodselfcare" +container_name = "terraform-state" +key = "selfcare-pnpg-party-registry-proxy.container_app.tfstate" \ No newline at end of file diff --git a/infra/container_apps/env/prod-pnpg/terraform.tfvars b/infra/container_apps/env/prod-pnpg/terraform.tfvars new file mode 100644 index 00000000..72ed589f --- /dev/null +++ b/infra/container_apps/env/prod-pnpg/terraform.tfvars @@ -0,0 +1,92 @@ +is_pnpg = true +env_short = "p" + +tags = { + CreatedBy = "Terraform" + Environment = "Prod" + Owner = "SelfCare" + Source = "https://github.com/pagopa/selfcare-ms-party-registry-proxy" + CostCenter = "TS310 - PAGAMENTI & SERVIZI" +} + +container_app = { + min_replicas = 1 + max_replicas = 5 + scale_rules = [ + { + custom = { + metadata = { + "desiredReplicas" = "3" + "start" = "0 8 * * MON-FRI" + "end" = "0 19 * * MON-FRI" + "timezone" = "Europe/Rome" + } + type = "cron" + } + name = "cron-scale-rule" + } + ] + cpu = 1.25 + memory = "2.5Gi" +} + +app_settings = [ + { + name = "JAVA_TOOL_OPTIONS" + value = "-javaagent:applicationinsights-agent.jar" + }, + { + name = "APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL" + value = "OFF" + }, + { + name = "MS_PARTY_REGISTRY_PROXY_LOG_LEVEL" + value = "DEBUG" + }, + { + name = "MOCK_OPEN_DATA_ENABLED" + value = "false" + }, + { + name = "MOCK_OPEN_DATA_URL" + value = "https://selcpweupnpgcheckoutsa.z6.web.core.windows.net/resources" + }, + { + name = "MOCK_OPEN_DATA_INSTITUTION_ENDPOINT" + value = "/institutions-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_CATEGORY_ENDPOINT" + value = "/categories-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_AOO_ENDPOINT" + value = "/aoo-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_UO_ENDPOINT" + value = "/uo-open-data-mock.csv" + }, + { + name = "INFO_CAMERE_URL" + value = "https://icapiscl.infocamere.it" + }, + { + name = "INFO_CAMERE_INSTITUTIONS_BY_LEGAL_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/listaLegaleRappresentante/{taxId}" + }, + { + name = "INFO_CAMERE_AUTHENTICATION_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/authentication" + }, + { + name = "NATIONAL_REGISTRIES_URL" + value = "https://api-selcpg.notifichedigitali.it/national-registries-private" + } +] + +secrets_names = { + "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" + "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" + "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" +} \ No newline at end of file diff --git a/infra/container_apps/env/prod/backend.ini b/infra/container_apps/env/prod/backend.ini new file mode 100644 index 00000000..0343b4a0 --- /dev/null +++ b/infra/container_apps/env/prod/backend.ini @@ -0,0 +1 @@ +subscription=PROD-SelfCare \ No newline at end of file diff --git a/infra/container_apps/env/prod/backend.tfvars b/infra/container_apps/env/prod/backend.tfvars new file mode 100644 index 00000000..c370c4ea --- /dev/null +++ b/infra/container_apps/env/prod/backend.tfvars @@ -0,0 +1,4 @@ +resource_group_name = "terraform-state-rg" +storage_account_name = "tfappprodselfcare" +container_name = "terraform-state" +key = "selfcare-party-registry-proxy.container_app.tfstate" \ No newline at end of file diff --git a/infra/container_apps/env/prod/terraform.tfvars b/infra/container_apps/env/prod/terraform.tfvars new file mode 100644 index 00000000..36163644 --- /dev/null +++ b/infra/container_apps/env/prod/terraform.tfvars @@ -0,0 +1,87 @@ +env_short = "p" + +tags = { + CreatedBy = "Terraform" + Environment = "Prod" + Owner = "SelfCare" + Source = "https://github.com/pagopa/selfcare-ms-party-registry-proxy" + CostCenter = "TS310 - PAGAMENTI & SERVIZI" +} + +container_app = { + min_replicas = 1 + max_replicas = 5 + scale_rules = [ + { + custom = { + metadata = { + "desiredReplicas" = "3" + "start" = "0 8 * * MON-FRI" + "end" = "0 19 * * MON-FRI" + "timezone" = "Europe/Rome" + } + type = "cron" + } + name = "cron-scale-rule" + } + ] + cpu = 1.25 + memory = "2.5Gi" +} + +app_settings = [ + { + name = "JAVA_TOOL_OPTIONS" + value = "-javaagent:applicationinsights-agent.jar" + }, + { + name = "APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL" + value = "OFF" + }, + { + name = "MS_PARTY_REGISTRY_PROXY_LOG_LEVEL" + value = "DEBUG" + }, + { + name = "MOCK_OPEN_DATA_ENABLED" + value = "false" + }, + { + name = "MOCK_OPEN_DATA_URL" + value = "https://selcdcheckoutsa.z6.web.core.windows.net/resources" + }, + { + name = "MOCK_OPEN_DATA_INSTITUTION_ENDPOINT" + value = "/institutions-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_CATEGORY_ENDPOINT" + value = "/categories-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_AOO_ENDPOINT" + value = "/aoo-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_UO_ENDPOINT" + value = "/uo-open-data-mock.csv" + }, + { + name = "ANAC_FTP_IP" + value = "93.43.119.85" + }, + { + name = "ANAC_FTP_USER" + value = "PagoPA_user" + }, + { + name = "ANAC_FTP_DIRECTORY" + value = "/mnt/RegistroGestoriPiattaforme/Collaudo/" + } +] + +secrets_names = { + "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" + "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" + "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" +} \ No newline at end of file diff --git a/infra/container_apps/env/uat-pnpg/backend.ini b/infra/container_apps/env/uat-pnpg/backend.ini new file mode 100644 index 00000000..8cadfd65 --- /dev/null +++ b/infra/container_apps/env/uat-pnpg/backend.ini @@ -0,0 +1 @@ +subscription=UAT-SelfCare \ No newline at end of file diff --git a/infra/container_apps/env/uat-pnpg/backend.tfvars b/infra/container_apps/env/uat-pnpg/backend.tfvars new file mode 100644 index 00000000..bfcfb4bd --- /dev/null +++ b/infra/container_apps/env/uat-pnpg/backend.tfvars @@ -0,0 +1,4 @@ +resource_group_name = "terraform-state-rg" +storage_account_name = "tfappuatselfcare" +container_name = "terraform-state" +key = "selfcare-pnpg-party-registry-proxy.container_app.tfstate" \ No newline at end of file diff --git a/infra/container_apps/env/uat-pnpg/terraform.tfvars b/infra/container_apps/env/uat-pnpg/terraform.tfvars new file mode 100644 index 00000000..1dcadc94 --- /dev/null +++ b/infra/container_apps/env/uat-pnpg/terraform.tfvars @@ -0,0 +1,79 @@ +is_pnpg = true +env_short = "u" + +tags = { + CreatedBy = "Terraform" + Environment = "Uat" + Owner = "SelfCare" + Source = "https://github.com/pagopa/selfcare-ms-party-registry-proxy" + CostCenter = "TS310 - PAGAMENTI & SERVIZI" +} + +container_app = { + min_replicas = 1 + max_replicas = 2 + scale_rules = [] + cpu = 1 + memory = "2Gi" +} + +app_settings = [ + { + name = "JAVA_TOOL_OPTIONS" + value = "-javaagent:applicationinsights-agent.jar" + }, + { + name = "APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL" + value = "OFF" + }, + { + name = "MS_PARTY_REGISTRY_PROXY_LOG_LEVEL" + value = "DEBUG" + }, + { + name = "MOCK_OPEN_DATA_ENABLED" + value = "false" + }, + { + name = "MOCK_OPEN_DATA_URL" + value = "https://selcuweupnpgcheckoutsa.z6.web.core.windows.net/resources" + }, + { + name = "MOCK_OPEN_DATA_INSTITUTION_ENDPOINT" + value = "/institutions-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_CATEGORY_ENDPOINT" + value = "/categories-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_AOO_ENDPOINT" + value = "/aoo-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_UO_ENDPOINT" + value = "/uo-open-data-mock.csv" + }, + { + name = "INFO_CAMERE_URL" + value = "https://icapiscl.infocamere.it" + }, + { + name = "INFO_CAMERE_INSTITUTIONS_BY_LEGAL_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/listaLegaleRappresentante/{taxId}" + }, + { + name = "INFO_CAMERE_AUTHENTICATION_ENDPOINT" + value = "/ic/ce/wspa/wspa/rest/authentication" + }, + { + name = "NATIONAL_REGISTRIES_URL" + value = "https://api-selcpg.uat.notifichedigitali.it/national-registries-private" + } +] + +secrets_names = { + "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" + "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" + "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" +} diff --git a/infra/container_apps/env/uat/backend.ini b/infra/container_apps/env/uat/backend.ini new file mode 100644 index 00000000..8cadfd65 --- /dev/null +++ b/infra/container_apps/env/uat/backend.ini @@ -0,0 +1 @@ +subscription=UAT-SelfCare \ No newline at end of file diff --git a/infra/container_apps/env/uat/backend.tfvars b/infra/container_apps/env/uat/backend.tfvars new file mode 100644 index 00000000..49548af2 --- /dev/null +++ b/infra/container_apps/env/uat/backend.tfvars @@ -0,0 +1,4 @@ +resource_group_name = "terraform-state-rg" +storage_account_name = "tfappuatselfcare" +container_name = "terraform-state" +key = "selfcare-party-registry-proxy.container_app.tfstate" \ No newline at end of file diff --git a/infra/container_apps/env/uat/terraform.tfvars b/infra/container_apps/env/uat/terraform.tfvars new file mode 100644 index 00000000..ed0d3b48 --- /dev/null +++ b/infra/container_apps/env/uat/terraform.tfvars @@ -0,0 +1,74 @@ +env_short = "u" + +tags = { + CreatedBy = "Terraform" + Environment = "Uat" + Owner = "SelfCare" + Source = "https://github.com/pagopa/selfcare-ms-party-registry-proxy" + CostCenter = "TS310 - PAGAMENTI & SERVIZI" +} + +container_app = { + min_replicas = 1 + max_replicas = 2 + scale_rules = [] + cpu = 1 + memory = "2Gi" +} + +app_settings = [ + { + name = "JAVA_TOOL_OPTIONS" + value = "-javaagent:applicationinsights-agent.jar" + }, + { + name = "APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL" + value = "OFF" + }, + { + name = "MS_PARTY_REGISTRY_PROXY_LOG_LEVEL" + value = "DEBUG" + }, + { + name = "MOCK_OPEN_DATA_ENABLED" + value = "false" + }, + { + name = "MOCK_OPEN_DATA_URL" + value = "https://selcucheckoutsa.z6.web.core.windows.net/resources" + }, + { + name = "MOCK_OPEN_DATA_INSTITUTION_ENDPOINT" + value = "/institutions-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_CATEGORY_ENDPOINT" + value = "/categories-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_AOO_ENDPOINT" + value = "/aoo-open-data-mock.csv" + }, + { + name = "MOCK_OPEN_DATA_UO_ENDPOINT" + value = "/uo-open-data-mock.csv" + }, + { + name = "ANAC_FTP_IP" + value = "93.43.119.85" + }, + { + name = "ANAC_FTP_USER" + value = "PagoPA_user" + }, + { + name = "ANAC_FTP_DIRECTORY" + value = "/mnt/RegistroGestoriPiattaforme/Collaudo/" + } +] + +secrets_names = { + "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" + "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" + "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" +} diff --git a/infra/container_apps/main.tf b/infra/container_apps/main.tf new file mode 100644 index 00000000..ba34c19c --- /dev/null +++ b/infra/container_apps/main.tf @@ -0,0 +1,25 @@ +terraform { + required_version = ">= 1.6.0" + + backend "azurerm" {} +} + +provider "azurerm" { + features {} +} + +module "container_app_dashboard_backend" { + source = "github.com/pagopa/selfcare-commons//infra/terraform-modules/container_app_microservice?ref=main" + + is_pnpg = var.is_pnpg + + env_short = var.env_short + container_app = var.container_app + container_app_name = "party-reg-proxy" + image_name = "selfcare-ms-party-registry-proxy" + image_tag = var.image_tag + app_settings = var.app_settings + secrets_names = var.secrets_names + + tags = var.tags +} diff --git a/infra/container_apps/terraform.sh b/infra/container_apps/terraform.sh new file mode 100644 index 00000000..e8fe0425 --- /dev/null +++ b/infra/container_apps/terraform.sh @@ -0,0 +1,69 @@ +#!/bin/bash + +set -e + +action=$1 +env=$2 +shift 2 +other=$@ +# must be subscription in lower case +subscription="" +BACKEND_CONFIG_PATH="./env/${ENV}/backend.tfvars" + +if [ -z "$action" ]; then + echo "Missed action: init, apply, plan" + exit 0 +fi + +if [ -z "$env" ]; then + echo "env should be: dev, uat or prod." + exit 0 +fi + +source "./env/$env/backend.ini" + +az account set -s "${subscription}" + +# if using cygwin, we have to transcode the WORKDIR +if [[ $WORKDIR == /cygdrive/* ]]; then + WORKDIR=$(cygpath -w $WORKDIR) +fi + +if [ "$action" = "force-unlock" ]; then + echo "🧭 terraform INIT in env: ${env}" + terraform init -reconfigure -backend-config="./env/$env/backend.tfvars" $other + warn_message="You are about to unlock Terraform's remote state. + This is a dangerous task you want to be aware of before going on. + This operation won't affect your infrastructure directly. + However, please note that you may lose pieces of information about partially-applied configurations. + + Please refer to the official Terraform documentation about the command: + https://developer.hashicorp.com/terraform/cli/commands/force-unlock" + printf "\n\e[33m%s\e[0m\n\n" "$warn_message" + + read -r -p "Please enter the LOCK ID: " lock_id + terraform force-unlock "$lock_id" + + exit 0 # this line prevents the script to go on +fi + +if echo "init plan apply refresh import output state taint destroy" | grep -w "$action" > /dev/null; then + if [ "$action" = "init" ]; then + echo "🧭 terraform INIT in env: ${env}" + terraform "$action" -reconfigure -backend-config="./env/$env/backend.tfvars" $other + elif [ "$action" = "output" ] || [ "$action" = "state" ] || [ "$action" = "taint" ]; then + # init terraform backend + echo "🧭 terraform (output|state|taint) launched with action: ${action} in env: ${env}" + terraform init -reconfigure -backend-config="./env/$env/backend.tfvars" + terraform "$action" $other + else + # init terraform backend + echo "🧭 terraform launched with action: ${action} in env: ${env}" + + terraform init -reconfigure -backend-config="./env/$env/backend.tfvars" + terraform "$action" -var-file="./env/$env/terraform.tfvars" $other + fi +else + echo "Action not allowed." + exit 1 +fi \ No newline at end of file diff --git a/infra/container_apps/variables.tf b/infra/container_apps/variables.tf new file mode 100644 index 00000000..b9baf169 --- /dev/null +++ b/infra/container_apps/variables.tf @@ -0,0 +1,57 @@ +variable "is_pnpg" { + type = bool + default = false + description = "(Optional) True if you want to apply changes to PNPG environment" +} + +variable "env_short" { + description = "Environment short name" + type = string + validation { + condition = ( + length(var.env_short) <= 1 + ) + error_message = "Max length is 1 chars." + } +} + +variable "tags" { + type = map(any) +} + +variable "container_app" { + description = "Container App configuration" + type = object({ + min_replicas = number + max_replicas = number + + scale_rules = list(object({ + name = string + custom = object({ + metadata = map(string) + type = string + }) + })) + + cpu = number + memory = string + }) +} + +variable "image_tag" { + type = string + default = "latest" + description = "Image tag to use for the container" +} + +variable "app_settings" { + type = list(object({ + name = string + value = string + })) +} + +variable "secrets_names" { + type = map(string) + description = "KeyVault secrets to get values from" +} From 69936639db2529d1ef2392e7969aeacaae85f349 Mon Sep 17 00:00:00 2001 From: Manuel Rafeli Date: Wed, 13 Mar 2024 10:33:09 +0100 Subject: [PATCH 15/20] [EC-125] fix: added JWT_TOKEN_PUBLIC_KEY as secret (#182) --- infra/container_apps/env/dev-pnpg/terraform.tfvars | 1 + infra/container_apps/env/dev/terraform.tfvars | 1 + infra/container_apps/env/prod-pnpg/terraform.tfvars | 1 + infra/container_apps/env/prod/terraform.tfvars | 1 + infra/container_apps/env/uat-pnpg/terraform.tfvars | 1 + infra/container_apps/env/uat/terraform.tfvars | 1 + 6 files changed, 6 insertions(+) diff --git a/infra/container_apps/env/dev-pnpg/terraform.tfvars b/infra/container_apps/env/dev-pnpg/terraform.tfvars index 515ef47d..64d5f3c7 100644 --- a/infra/container_apps/env/dev-pnpg/terraform.tfvars +++ b/infra/container_apps/env/dev-pnpg/terraform.tfvars @@ -76,4 +76,5 @@ secrets_names = { "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" + "JWT_TOKEN_PUBLIC_KEY" = "jwt-public-key" } diff --git a/infra/container_apps/env/dev/terraform.tfvars b/infra/container_apps/env/dev/terraform.tfvars index 4d3d4fe3..bafea582 100644 --- a/infra/container_apps/env/dev/terraform.tfvars +++ b/infra/container_apps/env/dev/terraform.tfvars @@ -83,5 +83,6 @@ secrets_names = { "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" + "JWT_TOKEN_PUBLIC_KEY" = "jwt-public-key" } diff --git a/infra/container_apps/env/prod-pnpg/terraform.tfvars b/infra/container_apps/env/prod-pnpg/terraform.tfvars index 72ed589f..dcbaed63 100644 --- a/infra/container_apps/env/prod-pnpg/terraform.tfvars +++ b/infra/container_apps/env/prod-pnpg/terraform.tfvars @@ -89,4 +89,5 @@ secrets_names = { "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" + "JWT_TOKEN_PUBLIC_KEY" = "jwt-public-key" } \ No newline at end of file diff --git a/infra/container_apps/env/prod/terraform.tfvars b/infra/container_apps/env/prod/terraform.tfvars index 36163644..40ca738f 100644 --- a/infra/container_apps/env/prod/terraform.tfvars +++ b/infra/container_apps/env/prod/terraform.tfvars @@ -84,4 +84,5 @@ secrets_names = { "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" + "JWT_TOKEN_PUBLIC_KEY" = "jwt-public-key" } \ No newline at end of file diff --git a/infra/container_apps/env/uat-pnpg/terraform.tfvars b/infra/container_apps/env/uat-pnpg/terraform.tfvars index 1dcadc94..e4c6f8aa 100644 --- a/infra/container_apps/env/uat-pnpg/terraform.tfvars +++ b/infra/container_apps/env/uat-pnpg/terraform.tfvars @@ -76,4 +76,5 @@ secrets_names = { "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" + "JWT_TOKEN_PUBLIC_KEY" = "jwt-public-key" } diff --git a/infra/container_apps/env/uat/terraform.tfvars b/infra/container_apps/env/uat/terraform.tfvars index ed0d3b48..b651d360 100644 --- a/infra/container_apps/env/uat/terraform.tfvars +++ b/infra/container_apps/env/uat/terraform.tfvars @@ -71,4 +71,5 @@ secrets_names = { "BLOB_STORAGE_CONN_STRING" = "web-storage-connection-string" "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" + "JWT_TOKEN_PUBLIC_KEY" = "jwt-public-key" } From 43ded574f05f303bee1e3c02ffbb9d1122410603 Mon Sep 17 00:00:00 2001 From: Manuel Rafeli Date: Fri, 15 Mar 2024 17:02:43 +0100 Subject: [PATCH 16/20] [SELC-4512] Added apim group BFF proxy for ca (#183) --- infra/container_apps/.terraform.lock.hcl | 34 ++++---- infra/container_apps/apim.tf | 77 +++++++++++++++++++ infra/container_apps/env/dev/terraform.tfvars | 3 + .../container_apps/env/prod/terraform.tfvars | 3 + infra/container_apps/env/uat/terraform.tfvars | 3 + infra/container_apps/variables.tf | 23 ++++++ 6 files changed, 123 insertions(+), 20 deletions(-) create mode 100644 infra/container_apps/apim.tf diff --git a/infra/container_apps/.terraform.lock.hcl b/infra/container_apps/.terraform.lock.hcl index bdcbd8fe..382ae194 100644 --- a/infra/container_apps/.terraform.lock.hcl +++ b/infra/container_apps/.terraform.lock.hcl @@ -5,10 +5,7 @@ provider "registry.terraform.io/azure/azapi" { version = "1.9.0" constraints = "~> 1.9.0" hashes = [ - "h1:Ow1rr5fYBGSkplH/kcXeWz9y2wA81BnhZ7vTBzJfAAg=", "h1:shpEoqcAbf+p6AvspiYO1YrX//8l1LV/owEcQpujWHw=", - "h1:yIJQVdnmGZdvS3yrw0M8ke9KiB/c0tjZ7KUXC46Hjx0=", - "h1:zaLH2Owmj61RX2G1Cy6VDy8Ttfzx+lDsSCyiu5cXkm4=", "zh:349569471fbf387feaaf8b88da1690669e201147c342f905e5eb03df42b3cf87", "zh:54346d5fb78cbad3eb7cfd96e1dd7ce4f78666cabaaccfec6ee9437476330018", "zh:64b799da915ea3a9a58ac7a926c6a31c59fd0d911687804d8e815eda88c5580b", @@ -25,24 +22,21 @@ provider "registry.terraform.io/azure/azapi" { } provider "registry.terraform.io/hashicorp/azurerm" { - version = "3.91.0" - constraints = "<= 3.91.0" + version = "3.85.0" + constraints = ">= 3.30.0, <= 3.85.0, <= 3.91.0" hashes = [ - "h1:8hMFuaTQsZIV69D0J/W+6hSlhRRDzYSpC0Eg9yWYF0o=", - "h1:FEDNnFv/uKI2+FQ+nDoyswEI3trJ3d7Fx2Cy7Ff4Rq8=", - "h1:Iv9CR+7491iozaK2AkCSAK2u4a2rPyJDQpyHijClj6Y=", - "h1:t0I5G4canK6UdlgHGfMV4rUNBPGdrMiIB01VGizlXB8=", - "zh:13928b71b1235783f3f877a799e28fb91e50512b051eb8ccb370500fc140cf3f", - "zh:3264341657e9ff3963d69b0fa088f64665349e2a29b2f3aeb4deee6d9d7584b7", - "zh:467a2ddd2eee26353db65e949bfbe533481ca0fb53c152724380b63a308f11b9", - "zh:6133e57087167b163180df3a77fab0c63b3e11609d139d39db8d3be3d6ec7ccd", - "zh:6df24730bc9247647ffb44832c3c64e45ab731dd83a3592d33d28235a453235a", - "zh:775aae148223a4a86e2dd25533a95a5fea4817085b6c5e643a7192453270cd68", - "zh:89d51148c7c123685d3e2f7e291888a3af009656e5c0ad66235a7c686ecb19d2", - "zh:9c89552051226eeb7c0fc66ad5aa57d1d0f5acc1d56afad06b6596707ae6c85e", - "zh:c4f3bc269837fa3b6ad803de2c7d1125dd791d78a521dcad2e7a63b905a13a53", - "zh:e48f05de1ffdcc998c5ff915570fb0557c7ac1d3af971dd76aff82e66d45bf06", - "zh:f1945716c7b9c23c25ca9fb4a68f27b6cfa25f5d235112c31f9412eba47f93c6", + "h1:BX6+m8KJATrpqlwBSyA63Fmwjvgwcs/v1qwB7B5GLCU=", + "zh:1ae6c0d82b5801641a17094b84f2ec1dcac699c1c4e40669a267511061414a34", + "zh:259e9386a43aabecb1205b0ceea2d205223637c09b66d806a89fed04f3343253", + "zh:4d940f9c14fece4f1d9219ac9d104202e5561bddc5024e5ac97f3f93eea20110", + "zh:530bca70b950e835f63c796c694106d701e5de0e2cf096fa35f08afd5c254594", + "zh:69e6b7f44ffbe0383b6485bb9db26781eb7869503889303e202967900a6b35ed", + "zh:8528e7d054254daae06eeb2bf343d566d3908a024fdfb5e515fbdbe0669c15eb", + "zh:98d66edfa89ed9a431ca37be384e5dfe7fa20bdc732c6e7d30f3f922ca3b29dc", + "zh:b8d37cedeffeb6bd37d4ec79fc2da19ed6b57d1ac08d835395dfa4fb3cfdf447", + "zh:bbc94e89cd6c0d59c2e5ed0bce852cac8435b6dc2e979691ee84af4c8b2c9bb8", + "zh:ceb4c624e8bb56bbcfe53e3c4ed4b4d27c3a5b62e5f4890b32c98b60b83c7827", + "zh:f08c5bf19eb25f668633964c6bfa823aa0ead785824082533c4a6cff3959e3d0", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", ] } diff --git a/infra/container_apps/apim.tf b/infra/container_apps/apim.tf new file mode 100644 index 00000000..5f561c94 --- /dev/null +++ b/infra/container_apps/apim.tf @@ -0,0 +1,77 @@ +locals { + apim_name = format("selc-%s-apim", var.env_short) + apim_rg = format("selc-%s-api-rg", var.env_short) + api_name = format("selc-%s-api-bff-proxy", var.env_short) +} + + +resource "azurerm_api_management_api_version_set" "apim_api_bff_proxy" { + count = var.is_pnpg ? 0 : 1 + name = local.api_name + resource_group_name = local.apim_rg + api_management_name = local.apim_name + display_name = "BFF Proxy API" + versioning_scheme = "Segment" +} + + +module "apim_api_bff_proxy" { + count = var.is_pnpg ? 0 : 1 + source = "github.com/pagopa/terraform-azurerm-v3.git//api_management_api?ref=v7.50.1" + name = local.api_name + api_management_name = local.apim_name + resource_group_name = local.apim_rg + version_set_id = azurerm_api_management_api_version_set.apim_api_bff_proxy[0].id + + description = "BFF Proxy API" + display_name = "BFF Proxy API" + path = "party-registry-proxy/v1" + protocols = [ + "https" + ] + + service_url = format("https://%s", var.private_dns_name) + + content_format = "openapi+json" + content_value = templatefile("../../app/src/main/resources/swagger/api-docs.json", { + url = format("%s.%s", var.api_dns_zone_prefix, var.external_domain) + basePath = "/party-registry-proxy/v1" + }) + + subscription_required = false + + xml_content = < + + + + https://${var.dns_zone_prefix}.${var.external_domain} + https://${var.api_dns_zone_prefix}.${var.external_domain} + http://localhost:3000 + + + GET + POST + PUT + DELETE + HEAD + OPTIONS + + +
*
+ + + + + + + + + + + + + + +XML +} diff --git a/infra/container_apps/env/dev/terraform.tfvars b/infra/container_apps/env/dev/terraform.tfvars index bafea582..a174f547 100644 --- a/infra/container_apps/env/dev/terraform.tfvars +++ b/infra/container_apps/env/dev/terraform.tfvars @@ -1,4 +1,7 @@ env_short = "d" +private_dns_name = "selc-d-party-reg-proxy-ca.gentleflower-c63e62fe.westeurope.azurecontainerapps.io" +dns_zone_prefix = "dev.selfcare" +api_dns_zone_prefix = "api.dev.selfcare" tags = { CreatedBy = "Terraform" diff --git a/infra/container_apps/env/prod/terraform.tfvars b/infra/container_apps/env/prod/terraform.tfvars index 40ca738f..557ada9c 100644 --- a/infra/container_apps/env/prod/terraform.tfvars +++ b/infra/container_apps/env/prod/terraform.tfvars @@ -1,4 +1,7 @@ env_short = "p" +private_dns_name = "selc-p-party-reg-proxy-ca.bluedune-cc0f8752.westeurope.azurecontainerapps.io" +dns_zone_prefix = "selfcare" +api_dns_zone_prefix = "api.selfcare" tags = { CreatedBy = "Terraform" diff --git a/infra/container_apps/env/uat/terraform.tfvars b/infra/container_apps/env/uat/terraform.tfvars index b651d360..6502b5d9 100644 --- a/infra/container_apps/env/uat/terraform.tfvars +++ b/infra/container_apps/env/uat/terraform.tfvars @@ -1,4 +1,7 @@ env_short = "u" +private_dns_name = "selc-u-party-reg-proxy-ca.calmsky-143987c1.westeurope.azurecontainerapps.io" +dns_zone_prefix = "uat.selfcare" +api_dns_zone_prefix = "api.uat.selfcare" tags = { CreatedBy = "Terraform" diff --git a/infra/container_apps/variables.tf b/infra/container_apps/variables.tf index b9baf169..68a6cb88 100644 --- a/infra/container_apps/variables.tf +++ b/infra/container_apps/variables.tf @@ -55,3 +55,26 @@ variable "secrets_names" { type = map(string) description = "KeyVault secrets to get values from" } + +variable "private_dns_name" { + type = string + description = "Container Apps private DNS record" +} + +variable "external_domain" { + type = string + default = "pagopa.it" + description = "Domain for delegation" +} + +variable "dns_zone_prefix" { + type = string + default = "selfcare" + description = "The dns subdomain." +} + +variable "api_dns_zone_prefix" { + type = string + default = "api.selfcare" + description = "The dns subdomain." +} From 27ed9827153927e4d96f688c760b952a8145b66d Mon Sep 17 00:00:00 2001 From: Manuel Rafeli Date: Mon, 18 Mar 2024 10:25:15 +0100 Subject: [PATCH 17/20] chore: deployment k8s replica 0 dev (#184) --- helm/pnpg/values-dev.yaml | 6 ++++-- helm/values-dev.yaml | 6 +++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/helm/pnpg/values-dev.yaml b/helm/pnpg/values-dev.yaml index 337857c9..f0a5a824 100644 --- a/helm/pnpg/values-dev.yaml +++ b/helm/pnpg/values-dev.yaml @@ -1,3 +1,5 @@ +replicaCount: 0 + image: repository: selcdcommonacr.azurecr.io/selfcaremspartyregistryproxy @@ -16,8 +18,8 @@ ingress: autoscaling: enabled: false - minReplicas: 1 - maxReplicas: 100 + minReplicas: 0 + maxReplicas: 0 targetCPUUtilizationPercentage: 80 # targetMemoryUtilizationPercentage: 80 diff --git a/helm/values-dev.yaml b/helm/values-dev.yaml index 58367575..1db70e40 100644 --- a/helm/values-dev.yaml +++ b/helm/values-dev.yaml @@ -1,4 +1,4 @@ -replicaCount: 2 +replicaCount: 0 image: repository: selcdacr.azurecr.io/selfcaremspartyregistryproxy @@ -26,8 +26,8 @@ resources: autoscaling: enabled: false - minReplicas: 1 - maxReplicas: 100 + minReplicas: 0 + maxReplicas: 0 targetCPUUtilizationPercentage: 80 # targetMemoryUtilizationPercentage: 80 From 7d1164de92d842d88a8f18bdfc1366d169c24b09 Mon Sep 17 00:00:00 2001 From: manuraf Date: Mon, 18 Mar 2024 14:55:56 +0100 Subject: [PATCH 18/20] chore: fix private_dns_name pnpg --- infra/container_apps/variables.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/infra/container_apps/variables.tf b/infra/container_apps/variables.tf index 68a6cb88..d0421d77 100644 --- a/infra/container_apps/variables.tf +++ b/infra/container_apps/variables.tf @@ -58,6 +58,7 @@ variable "secrets_names" { variable "private_dns_name" { type = string + default = "selc-d-party-reg-proxy-ca.gentleflower-c63e62fe.westeurope.azurecontainerapps.io" description = "Container Apps private DNS record" } From 22ec3f9d62de2e06cd838562d154e4f7e88cea27 Mon Sep 17 00:00:00 2001 From: manuraf Date: Mon, 18 Mar 2024 16:30:07 +0100 Subject: [PATCH 19/20] chore: added geotaxonomy-api-key secret --- infra/container_apps/env/dev/terraform.tfvars | 1 + infra/container_apps/env/prod/terraform.tfvars | 1 + infra/container_apps/env/uat/terraform.tfvars | 1 + 3 files changed, 3 insertions(+) diff --git a/infra/container_apps/env/dev/terraform.tfvars b/infra/container_apps/env/dev/terraform.tfvars index a174f547..069d6cb1 100644 --- a/infra/container_apps/env/dev/terraform.tfvars +++ b/infra/container_apps/env/dev/terraform.tfvars @@ -87,5 +87,6 @@ secrets_names = { "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" "JWT_TOKEN_PUBLIC_KEY" = "jwt-public-key" + "GEOTAXONOMY_API_KEY" = "geotaxonomy-api-key" } diff --git a/infra/container_apps/env/prod/terraform.tfvars b/infra/container_apps/env/prod/terraform.tfvars index 557ada9c..364fad94 100644 --- a/infra/container_apps/env/prod/terraform.tfvars +++ b/infra/container_apps/env/prod/terraform.tfvars @@ -88,4 +88,5 @@ secrets_names = { "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" "JWT_TOKEN_PUBLIC_KEY" = "jwt-public-key" + "GEOTAXONOMY_API_KEY" = "geotaxonomy-api-key" } \ No newline at end of file diff --git a/infra/container_apps/env/uat/terraform.tfvars b/infra/container_apps/env/uat/terraform.tfvars index 6502b5d9..8bb60ebf 100644 --- a/infra/container_apps/env/uat/terraform.tfvars +++ b/infra/container_apps/env/uat/terraform.tfvars @@ -75,4 +75,5 @@ secrets_names = { "NATIONAL_REGISTRY_API_KEY" = "national-registry-api-key" "APPLICATIONINSIGHTS_CONNECTION_STRING" = "appinsights-connection-string" "JWT_TOKEN_PUBLIC_KEY" = "jwt-public-key" + "GEOTAXONOMY_API_KEY" = "geotaxonomy-api-key" } From 09c98e58875be5b5a302bfec81cbf5c721d3a009 Mon Sep 17 00:00:00 2001 From: manuraf Date: Tue, 19 Mar 2024 17:53:32 +0100 Subject: [PATCH 20/20] chore: create release pipeline --- .github/workflows/create_release_branch.yml | 43 +++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 .github/workflows/create_release_branch.yml diff --git a/.github/workflows/create_release_branch.yml b/.github/workflows/create_release_branch.yml new file mode 100644 index 00000000..0dbac08f --- /dev/null +++ b/.github/workflows/create_release_branch.yml @@ -0,0 +1,43 @@ +name: Create Release branch + +on: + workflow_dispatch: + inputs: + version-bump: + required: false + type: choice + options: + - major + - minor + - patch + default: patch + description: 'Major, Minor, or Patch version bump' + +jobs: + create_branch: + name: 'Create Release Branch' + runs-on: ubuntu-20.04 + permissions: + contents: write + actions: write + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + steps: + + - name: Create Release Branch + uses: pagopa/selfcare-commons/github-actions-template/create-release@main + with: + version_bump: ${{ inputs.version-bump }} + github_path_token: ${{ secrets.GH_PAT_VARIABLES }} + + - name: Trigger release ms UAT Release + run: | + gh workflow run release_ms.yml \ + --ref $NEW_BRANCH_NAME + + - name: Trigger PNPG release ms UAT Release + run: | + gh workflow run release_ms_pnpg.yml \ + --ref $NEW_BRANCH_NAME +