Merge branch 'main' into PPABV-98-auth-qi-fdr

pagopa · Dec 20, 2024 · a275c16 · a275c16
2 parents db431fb + d9a2026
commit a275c16
Show file tree

Hide file tree

Showing 58 changed files with 982 additions and 591 deletions.
diff --git a/src/aks-leonardo/env/itn-prod/terraform.tfvars b/src/aks-leonardo/env/itn-prod/terraform.tfvars
@@ -43,7 +43,7 @@ aks_private_cluster_enabled  = true
 aks_alerts_enabled           = false
 aks_kubernetes_version       = "1.29.4"
 aks_sku_tier                 = "Standard"
-aks_enable_workload_identity = false
+aks_enable_workload_identity = true
 
 aks_system_node_pool = {
   name            = "papaksleosys",

diff --git a/src/core/README.md b/src/core/README.md
@@ -245,14 +245,9 @@
 | [azurerm_key_vault_certificate.buyerbanks_cert](https://registry.terraform.io/providers/hashicorp/azurerm/2.99.0/docs/resources/key_vault_certificate) | resource |
 | [azurerm_monitor_autoscale_setting.buyerbanks_function](https://registry.terraform.io/providers/hashicorp/azurerm/2.99.0/docs/resources/monitor_autoscale_setting) | resource |
 | [azurerm_monitor_scheduled_query_rules_alert.buyerbanks_update_alert](https://registry.terraform.io/providers/hashicorp/azurerm/2.99.0/docs/resources/monitor_scheduled_query_rules_alert) | resource |
-| [azurerm_monitor_scheduled_query_rules_alert.pm_payment_gateway_availability](https://registry.terraform.io/providers/hashicorp/azurerm/2.99.0/docs/resources/monitor_scheduled_query_rules_alert) | resource |
-| [azurerm_monitor_scheduled_query_rules_alert.pm_restapi_availability](https://registry.terraform.io/providers/hashicorp/azurerm/2.99.0/docs/resources/monitor_scheduled_query_rules_alert) | resource |
-| [azurerm_monitor_scheduled_query_rules_alert.pm_restapi_cd_availability](https://registry.terraform.io/providers/hashicorp/azurerm/2.99.0/docs/resources/monitor_scheduled_query_rules_alert) | resource |
-| [azurerm_monitor_scheduled_query_rules_alert.pm_wallet_availability](https://registry.terraform.io/providers/hashicorp/azurerm/2.99.0/docs/resources/monitor_scheduled_query_rules_alert) | resource |
 | [azurerm_private_dns_zone.privatelink_postgres_database_azure_com](https://registry.terraform.io/providers/hashicorp/azurerm/2.99.0/docs/resources/private_dns_zone) | resource |
 | [azurerm_private_dns_zone_virtual_network_link.privatelink_postgres_database_azure_com_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/2.99.0/docs/resources/private_dns_zone_virtual_network_link) | resource |
 | [azurerm_resource_group.buyerbanks_rg](https://registry.terraform.io/providers/hashicorp/azurerm/2.99.0/docs/resources/resource_group) | resource |
-| [azurerm_resource_group.payment_manager_monitor_rg](https://registry.terraform.io/providers/hashicorp/azurerm/2.99.0/docs/resources/resource_group) | resource |
 | [azurerm_storage_container.banks](https://registry.terraform.io/providers/hashicorp/azurerm/2.99.0/docs/resources/storage_container) | resource |
 | [azurerm_storage_management_policy.buyerbanks_storage_lifeclycle_policies](https://registry.terraform.io/providers/hashicorp/azurerm/2.99.0/docs/resources/storage_management_policy) | resource |
 | [null_resource.decoupler_configuration_from_json_2_xml](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |

diff --git a/src/core/api/payment_manager_api/pm-per-nodo/v2/wisp-sendpaymentresult-uat.xml.tpl b/src/core/api/payment_manager_api/pm-per-nodo/v2/wisp-sendpaymentresult-uat.xml.tpl
@@ -0,0 +1,64 @@
+<!--
+    IMPORTANT:
+    - Policy elements can appear only within the <inbound>, <outbound>, <backend> section elements.
+    - To apply a policy to the incoming request (before it is forwarded to the backend service), place a corresponding policy element within the <inbound> section element.
+    - To apply a policy to the outgoing response (before it is sent back to the caller), place a corresponding policy element within the <outbound> section element.
+    - To add a policy, place the cursor at the desired insertion point and select a policy from the sidebar.
+    - To remove a policy, delete the corresponding policy statement from the policy document.
+    - Position the <base> element within a section element to inherit all policies from the corresponding section element in the enclosing scope.
+    - Remove the <base> element to prevent inheriting policies from the corresponding section element in the enclosing scope.
+    - Policies are applied in the order of their appearance, from the top down.
+    - Comments within policy elements are not supported and may disappear. Place your comments between policy elements or at a higher level scope.
+-->
+
+<!-- policy closePaymentV2 & sendPaymentResultV2 :
+- On outbound call /receipt/KO wisp-conv
+- On inbound  call /receipt/timer wisp-conv
+-->
+
+<policies>
+  <inbound>
+    <base />
+    <set-variable name="clientId" value="@(context.Request.OriginalUrl.Query.GetValueOrDefault("clientId"))" />
+    <choose>
+        <when condition="@("ecomm".Equals(context.Variables["clientId"]))">
+          <set-backend-service base-url="@("https://${ecommerce_ingress_hostname}/pagopa-ecommerce-transactions-service/")" />
+        </when>
+        <otherwise>
+            <set-header name="Ocp-Apim-Subscription-Key" exists-action="override">
+                <value>{{ecommerce-dev-sendpaymentresult-subscription-key-value}}</value>
+            </set-header>
+            <set-backend-service base-url="https://api.dev.platform.pagopa.it/ecommerce/transaction-user-receipts-service/v1" />
+        </otherwise>
+    </choose>
+    <!-- policy for WISP Dismantling -->
+    <set-variable name="enable_wisp_dismantling_switch" value="{{enable-wisp-dismantling-switch}}" />
+    <choose>
+      <when condition="@(context.Variables.GetValueOrDefault<string>("enable_wisp_dismantling_switch", "").Equals("true"))">
+        <set-variable name="primitive-ko" value="sendPaymentResultV2" />
+        <set-variable name="request-body" value="@(context.Request.Body.As<JObject>(preserveContent: true))" />
+        <set-variable name="wisp-payment-tokens" value="@{
+                try {
+                              JObject request = (JObject) context.Variables["request-body"];
+                              JArray payments = (JArray) request.Property("payments").Value;
+                              return string.Join(",", payments.Select(payment => payment["paymentToken"].ToString()));
+        } catch (Exception e) {
+        return "";
+        }
+        }" />
+        <include-fragment fragment-id="wisp-disable-payment-token-timer" />
+      </when>
+    </choose>
+</inbound>
+<backend>
+<base />
+</backend>
+<outbound>
+<base />
+<!-- fragment necessary for WISP Dismantling -->
+<include-fragment fragment-id="wisp-receipt-ko" />
+</outbound>
+<on-error>
+<base />
+</on-error>
+  </policies>
diff --git a/src/core/api/payment_manager_api/pm-per-nodo/v2/wisp-sendpaymentresult.xml.tpl b/src/core/api/payment_manager_api/pm-per-nodo/v2/wisp-sendpaymentresult.xml.tpl
@@ -19,13 +19,7 @@
 <policies>
   <inbound>
     <base />
-
-    <set-variable name="transactionId" value="@(context.Request.MatchedParameters["transactionId"])" />
-    <set-variable name="backend-base-url" value="@($"{{pm-host}}/pp-restapi-CD/v2")" />
-    <set-variable name="ecommerce_url" value="${ecommerce_ingress_hostname}" />
-    <set-variable name="body_value" value="@(context.Request.Body.As<string>(preserveContent: true))" />
-    <set-backend-service base-url="@((string)context.Variables["backend-base-url"])" />
-
+    <set-backend-service base-url="@("https://${ecommerce_ingress_hostname}/pagopa-ecommerce-transactions-service/")" />
     <!-- policy for WISP Dismantling -->
     <set-variable name="enable_wisp_dismantling_switch" value="{{enable-wisp-dismantling-switch}}" />
     <choose>
@@ -52,26 +46,6 @@
 <base />
 <!-- fragment necessary for WISP Dismantling -->
 <include-fragment fragment-id="wisp-receipt-ko" />
-
-<choose>
-  <when condition="@(context.Response.StatusCode == 200)">
-    <set-variable name="outcome" value="@(((string)((JObject)context.Response.Body.As<JObject>(preserveContent: true))["outcome"]))" />
-  </when>
-</choose>
-<choose>
-  <when condition="@(context.Response.StatusCode != 200 || !((string)context.Variables.GetValueOrDefault("outcome","")).Equals("OK"))">
-  <!-- addUserReceipt for ecommerce -->
-  <send-request ignore-error="true" timeout="10" response-variable-name="test-transaction" mode="new">
-    <set-url>@($"https://{(string)context.Variables["ecommerce_url"]}/pagopa-ecommerce-transactions-service/transactions/{(string)context.Variables["transactionId"]}/user-receipts")</set-url>
-    <set-method>POST</set-method>
-    <set-header name="Content-Type" exists-action="override">
-      <value>application/json</value>
-    </set-header>
-    <set-body>@($"{(string)context.Variables["body_value"]}")</set-body>
-  </send-request>
-  <return-response response-variable-name="test-transaction" />
-</when>
-</choose>
 </outbound>
 <on-error>
 <base />

diff --git a/src/core/apim_payment_manager.tf b/src/core/apim_payment_manager.tf
@@ -933,7 +933,7 @@ resource "azurerm_api_management_api_operation_policy" "send_payment_result_api_
   resource_group_name = data.azurerm_resource_group.rg_api.name
   api_management_name = data.azurerm_api_management.apim_migrated[0].name
   operation_id        = "addUserReceipt"
-  xml_content = templatefile("./api/payment_manager_api/pm-per-nodo/v2/wisp-sendpaymentresult.xml.tpl", {
+  xml_content = templatefile(var.env_short == "u" ? "./api/payment_manager_api/pm-per-nodo/v2/wisp-sendpaymentresult-uat.xml.tpl" : "./api/payment_manager_api/pm-per-nodo/v2/wisp-sendpaymentresult.xml.tpl", {
     host                       = local.api_domain,
     ecommerce_ingress_hostname = var.ecommerce_ingress_hostname
   })

diff --git a/src/core/payment_manager_monitor.tf b/src/core/payment_manager_monitor.tf
diff --git a/src/domains/ecommerce-app/04_apim_ecommerce.tf b/src/domains/ecommerce-app/04_apim_ecommerce.tf
@@ -658,3 +658,22 @@ module "apim_ecommerce_user_stats_service_api_v1" {
     hostname = local.ecommerce_hostname
   })
 }
+
+#################
+## NAMED VALUE ##
+#################
+data "azurerm_key_vault_secret" "ecommerce_dev_sendpaymentresult_subscription_key" {
+  count        = var.env_short == "u" ? 1 : 0
+  name         = "ecommerce-dev-sendpaymentresult-subscription-key"
+  key_vault_id = data.azurerm_key_vault.kv.id
+}
+
+resource "azurerm_api_management_named_value" "ecommerce_dev_sendpaymentresult_subscription_key_named_value" {
+  count               = var.env_short == "u" ? 1 : 0
+  name                = "ecommerce-dev-sendpaymentresult-subscription-key-value"
+  api_management_name = local.pagopa_apim_name
+  resource_group_name = local.pagopa_apim_rg
+  display_name        = "ecommerce-dev-sendpaymentresult-subscription-key-value"
+  value               = data.azurerm_key_vault_secret.ecommerce_dev_sendpaymentresult_subscription_key[0].value
+  secret              = true
+}