From 626f0f0de9a33c00ccc6a8f5aa88ae46dad83afe Mon Sep 17 00:00:00 2001
From: Francesco Cesareo
Date: Wed, 18 Dec 2024 17:58:17 +0100
Subject: [PATCH 1/2] chore: [PAGOPA-2505] fix private endpoint storage account WISP (#2684)
* improvements
* Revert "improvements"
This reverts commit 367d0415addbbb0630a53856115f6a4e3216740e.
* fix storage account private endpoints
---
 .../03_storage_account_wisp_converter.tf | 56 +++++++++++++++++++
 .../nodo-common/env/weu-uat/terraform.tfvars | 2 +-
 2 files changed, 57 insertions(+), 1 deletion(-)
diff --git a/src/domains/nodo-common/03_storage_account_wisp_converter.tf b/src/domains/nodo-common/03_storage_account_wisp_converter.tf
index 840b0dcca4..591a71aefd 100644
--- a/src/domains/nodo-common/03_storage_account_wisp_converter.tf
+++ b/src/domains/nodo-common/03_storage_account_wisp_converter.tf
@@ -70,6 +70,34 @@ resource "azurerm_storage_table" "wisp_converter_table" {
 ]
 }
+resource "azurerm_private_endpoint" "wispconv_private_endpoint_table" {
+ count = var.env_short == "d" ? 0 : var.create_wisp_converter ? 1 : 0
+
+ name = "${local.project}-wisp-converter-private-endpoint-table"
+ location = var.location
+ resource_group_name = azurerm_resource_group.wisp_converter_rg[0].name
+ subnet_id = data.azurerm_subnet.private_endpoint_snet.id
+
+ private_dns_zone_group {
+ name = "${local.project}-wisp-converter-private-dns-zone-group-table"
+ private_dns_zone_ids = [data.azurerm_private_dns_zone.privatelink_table_azure_com.id]
+ }
+
+ private_service_connection {
+ name = "${local.project}-wisp-converter-private-service-connection-table"
+ private_connection_resource_id = module.wisp_converter_storage_account[0].id
+ is_manual_connection = false
+ subresource_names = ["table"]
+ }
+
+ tags = var.tags
+
+ depends_on = [
+ azurerm_resource_group.wisp_converter_rg,
+ module.wisp_converter_storage_account
+ ]
+}
+
 # blob wispconverter
 resource "azurerm_storage_container" "wisp_converter_container" {
 count = var.create_wisp_converter ? 1 : 0
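Review bot: The `count` expression on `wispconv_private_endpoint_table` chains two conditionals without parentheses and gives no reason why dev is excluded, so the rule that decides whether the storage account gets a private path is hard to read. I would write it as `count = var.create_wisp_converter && var.env_short != "d" ? 1 : 0`, which evaluates to the same result. I would also put a comment above it such as `# no private endpoint in dev: the account is reached over its public endpoint there`, adjusted to the real reason, which is not visible in this patch. The same expression is repeated in `wispconv_private_endpoint_blob` in the next hunk.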
@@ -80,3 +108,31 @@ resource "azurerm_storage_container" "wisp_converter_container" {
 module.wisp_converter_storage_account
 ]
 }
+
+resource "azurerm_private_endpoint" "wispconv_private_endpoint_blob" {
+ count = var.env_short == "d" ? 0 : var.create_wisp_converter ? 1 : 0
+
+ name = "${local.project}-wisp-converter-private-endpoint-blob"
+ location = var.location
+ resource_group_name = azurerm_resource_group.wisp_converter_rg[0].name
+ subnet_id = data.azurerm_subnet.private_endpoint_snet.id
+
+ private_dns_zone_group {
+ name = "${local.project}-wisp-converter-private-dns-zone-group-blob"
+ private_dns_zone_ids = [data.azurerm_private_dns_zone.privatelink_blob_azure_com.id]
+ }
+
+ private_service_connection {
+ name = "${local.project}-wisp-converter-private-service-connection-blob"
+ private_connection_resource_id = module.wisp_converter_storage_account[0].id
+ is_manual_connection = false
+ subresource_names = ["blob"]
+ }
+
+ tags = var.tags
+
+ depends_on = [
+ azurerm_resource_group.wisp_converter_rg,
+ module.wisp_converter_storage_account
+ ]
+}
diff --git a/src/domains/nodo-common/env/weu-uat/terraform.tfvars b/src/domains/nodo-common/env/weu-uat/terraform.tfvars
index 20f7ad7c57..1bd229f567 100644
--- a/src/domains/nodo-common/env/weu-uat/terraform.tfvars
+++ b/src/domains/nodo-common/env/weu-uat/terraform.tfvars
@@ -276,7 +276,7 @@ wisp_converter_storage_account = {
 blob_versioning_enabled = false
 advanced_threat_protection = true
 blob_delete_retention_days = 90
- public_network_access_enabled = true
+ public_network_access_enabled = false
 backup_enabled = false
 backup_retention_days = 0
 }
From 21d602cfefd04fba7d9e1e834a960b6d26e01031 Mon Sep 17 00:00:00 2001
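Review bot: The `depends_on` list at the end of `wispconv_private_endpoint_blob` is redundant, because `resource_group_name` and `private_connection_resource_id` already reference `azurerm_resource_group.wisp_converter_rg[0]` and `module.wisp_converter_storage_account[0]`, and Terraform derives the ordering from those references. An explicit dependency on a whole module also makes planning more conservative, so unrelated changes inside the storage account module can show up as values known only after apply on the endpoint. I would drop the `depends_on` block here and in `wispconv_private_endpoint_table` in the previous hunk. The neighbouring table and container resources appear to use the same pattern, so this may be a repository convention worth revisiting as a whole.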
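Review bot: Setting `public_network_access_enabled = false` for weu-uat also cuts off the machine that runs Terraform unless it reaches the account through the new private endpoints, and nothing in the patch records that requirement. `azurerm_storage_table.wisp_converter_table` and `azurerm_storage_container.wisp_converter_container` are managed through the storage data plane in many azurerm provider versions, so a plan or apply from an agent that cannot resolve the privatelink zones may start failing once this lands. A comment next to the value, for example `# public access off: clients and pipeline agents must use the blob/table private endpoints`, would make the dependency explicit. Only the weu-uat file is changed here, while the endpoints are created in every non-dev environment, so whether the other environments still leave public access on cannot be told from this patch. The `wisp_converter_storage_account` map starts outside the hunk.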
From: gioelemella <128155546+gioelemella@users.noreply.github.com>
Date: Wed, 18 Dec 2024 17:58:52 +0100
Subject: [PATCH 2/2] fix: Remove deprecated spontaneous payment api definition (#2671)
removed deprecated spontaneous payment api
Co-authored-by: pasqualespica
Co-authored-by: Pasquale Spica <36746022+pasqualespica@users.noreply.github.com>
---
 src/domains/gps-app/04_apim_gps.tf | 55 ------------------------------
 1 file changed, 55 deletions(-)
diff --git a/src/domains/gps-app/04_apim_gps.tf b/src/domains/gps-app/04_apim_gps.tf
index efe179692a..a1d1676ad3 100644
--- a/src/domains/gps-app/04_apim_gps.tf
+++ b/src/domains/gps-app/04_apim_gps.tf
@@ -19,58 +19,3 @@ module "apim_gps_product" {
 policy_xml = file("./api_product/_base_policy_no_forbid.xml")
 }
-
-#################
-## API GPS ##
-#################
-
-#################
-# Depreacted ⚠️⚠️⚠️⚠️⚠️⚠️⚠️ see here https://github.com/pagopa/pagopa-spontaneous-payments/blob/378d08505a12e1dbd83d69c2ea987a2a3ee475a1/infra/04_apim_api.tf#L4
-#################
-
-locals {
- apim_spontaneous_payments_service_api = {
- display_name = "GPS pagoPA - spontaneous payments service API"
- description = "API to support spontaneous payments service"
- path = "gps/spontaneous-payments-service"
- subscription_required = false
- service_url = null
- }
-}
-
-resource "azurerm_api_management_api_version_set" "api_gps_api" {
-
- name = format("%s-spontaneous-payments-service-api", var.env_short)
- resource_group_name = local.pagopa_apim_rg
- api_management_name = local.pagopa_apim_name
- display_name = local.apim_spontaneous_payments_service_api.display_name
- versioning_scheme = "Segment"
-}
-
-
-module "apim_api_gps_api_v1" {
- source = "./.terraform/modules/__v3__/api_management_api"
-
- name = format("%s-spontaneous-payments-service-api", local.project)
- api_management_name = local.pagopa_apim_name
- resource_group_name = local.pagopa_apim_rg
- product_ids = [module.apim_gps_product.product_id]
- subscription_required = local.apim_spontaneous_payments_service_api.subscription_required
- version_set_id = azurerm_api_management_api_version_set.api_gps_api.id
- api_version = "v1"
-
- description = local.apim_spontaneous_payments_service_api.description
- display_name = local.apim_spontaneous_payments_service_api.display_name
- path = local.apim_spontaneous_payments_service_api.path
- protocols = ["https"]
- service_url = local.apim_spontaneous_payments_service_api.service_url
-
- content_format = "openapi"
- content_value = templatefile("./api/spontaneous-payments-service/v1/_openapi.json.tpl", {
- host = local.apim_hostname
- })
-
- xml_content = templatefile("./api/spontaneous-payments-service/v1/_base_policy.xml", {
- hostname = local.gps_hostname
- })
-}