From 60b467a98c238cc2df6775e88e6f3aa8d7012ea8 Mon Sep 17 00:00:00 2001 From: Manuel Rafeli Date: Mon, 4 Nov 2024 17:14:54 +0100 Subject: [PATCH] [SELC-5899] feat: change Namirial SWS URL using container resource group (#588) Co-authored-by: Giulia Tremolada --- .../namirial-sign/container_group.tf | 2 +- infra/container_apps/namirial-sign/data.tf | 2 +- .../namirial-sign/env/dev/terraform.tfvars | 2 +- .../namirial-sign/env/prod/terraform.tfvars | 10 ++- .../namirial-sign/env/uat/terraform.tfvars | 2 +- infra/container_apps/namirial-sign/locals.tf | 2 +- .../container_apps/namirial-sign/variables.tf | 2 +- .../onboarding-functions/.terraform.lock.hcl | 83 +++++++++++++++++++ .../env/dev/terraform.tfvars | 14 ++-- .../env/prod/terraform.tfvars | 2 +- .../env/uat/terraform.tfvars | 30 +++---- .../crypto/client/NamirialHttpClient.java | 7 +- 12 files changed, 123 insertions(+), 35 deletions(-) create mode 100644 infra/functions/onboarding-functions/.terraform.lock.hcl diff --git a/infra/container_apps/namirial-sign/container_group.tf b/infra/container_apps/namirial-sign/container_group.tf index eed806042..e924534b6 100644 --- a/infra/container_apps/namirial-sign/container_group.tf +++ b/infra/container_apps/namirial-sign/container_group.tf @@ -1,5 +1,5 @@ resource "azurerm_container_group" "namirial_sws_cg" { - + count = var.enable_sws ? 1 : 0 name = "${local.project}-namirial-sws-cg" location = data.azurerm_resource_group.rg_contracts_storage.location diff --git a/infra/container_apps/namirial-sign/data.tf b/infra/container_apps/namirial-sign/data.tf index cccb29246..180333d66 100644 --- a/infra/container_apps/namirial-sign/data.tf +++ b/infra/container_apps/namirial-sign/data.tf @@ -1,5 +1,5 @@ data "azurerm_resource_group" "rg_contracts_storage" { - name = "${local.project}-contracts-storage-rg" + name = "${local.project}-contracts-storage-rg" } data "azurerm_key_vault" "key_vault" { diff --git a/infra/container_apps/namirial-sign/env/dev/terraform.tfvars b/infra/container_apps/namirial-sign/env/dev/terraform.tfvars index 00b9d38a5..dcbeca609 100644 --- a/infra/container_apps/namirial-sign/env/dev/terraform.tfvars +++ b/infra/container_apps/namirial-sign/env/dev/terraform.tfvars @@ -18,7 +18,7 @@ container_config = { } environment_variables = { - SPRINGDOC_API_DOCS_ENABLED=true + SPRINGDOC_API_DOCS_ENABLED = true } enable_sws = true diff --git a/infra/container_apps/namirial-sign/env/prod/terraform.tfvars b/infra/container_apps/namirial-sign/env/prod/terraform.tfvars index ede891f82..5956f9c6b 100644 --- a/infra/container_apps/namirial-sign/env/prod/terraform.tfvars +++ b/infra/container_apps/namirial-sign/env/prod/terraform.tfvars @@ -1,7 +1,7 @@ -prefix = "selc" -env_short = "p" -suffix_increment = "-002" -cae_name = "cae-002" +prefix = "selc" +env_short = "p" +suffix_increment = "-002" +cae_name = "cae-002" tags = { CreatedBy = "Terraform" @@ -17,3 +17,5 @@ container_config = { } enable_sws = true + +environment_variables = {} diff --git a/infra/container_apps/namirial-sign/env/uat/terraform.tfvars b/infra/container_apps/namirial-sign/env/uat/terraform.tfvars index 1f8c0a53c..da46f070e 100644 --- a/infra/container_apps/namirial-sign/env/uat/terraform.tfvars +++ b/infra/container_apps/namirial-sign/env/uat/terraform.tfvars @@ -17,7 +17,7 @@ container_config = { } environment_variables = { - SPRINGDOC_API_DOCS_ENABLED=true + SPRINGDOC_API_DOCS_ENABLED = true } enable_sws = true diff --git a/infra/container_apps/namirial-sign/locals.tf b/infra/container_apps/namirial-sign/locals.tf index 09f035e2c..7e50687a3 100644 --- a/infra/container_apps/namirial-sign/locals.tf +++ b/infra/container_apps/namirial-sign/locals.tf @@ -1,3 +1,3 @@ locals { - project = "selc-${var.env_short}" + project = "selc-${var.env_short}" } \ No newline at end of file diff --git a/infra/container_apps/namirial-sign/variables.tf b/infra/container_apps/namirial-sign/variables.tf index 305d77bac..35ff1259f 100644 --- a/infra/container_apps/namirial-sign/variables.tf +++ b/infra/container_apps/namirial-sign/variables.tf @@ -26,7 +26,7 @@ variable "tags" { } variable "enable_sws" { - type = bool + type = bool default = false } diff --git a/infra/functions/onboarding-functions/.terraform.lock.hcl b/infra/functions/onboarding-functions/.terraform.lock.hcl new file mode 100644 index 000000000..cf0aeb0bc --- /dev/null +++ b/infra/functions/onboarding-functions/.terraform.lock.hcl @@ -0,0 +1,83 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/azuread" { + version = "2.30.0" + constraints = "2.30.0" + hashes = [ + "h1:Uw4TcmJBEJ71h+oCwwidlkk5jFpyFRDPAFCMs/bT/cw=", + "zh:1c3e89cf19118fc07d7b04257251fc9897e722c16e0a0df7b07fcd261f8c12e7", + "zh:2e62c193030e04ebb10cc0526119cf69824bf2d7e4ea5a2f45bd5d5fb7221d36", + "zh:2f3c7a35257332d68b778cefc5201a5f044e4914dd03794a4da662ddfe756483", + "zh:35d0d3a1b58fdb8b8c4462d6b7e7016042da43ea9cc734ce897f52a73407d9b0", + "zh:47ede0cd0206ec953d40bf4a80aa6e59af64e26cbbd877614ac424533dbb693b", + "zh:48c190307d4d42ea67c9b8cc544025024753f46cef6ea64db84735e7055a72da", + "zh:6fff9b2c6a962252a70a15b400147789ab369b35a781e9d21cce3804b04d29af", + "zh:7646980cf3438bff29c91ffedb74458febbb00a996638751fbd204ab1c628c9b", + "zh:77aa2fa7ca6d5446afa71d4ff83cb87b70a2f3b72110fc442c339e8e710b2928", + "zh:e20b2b2c37175b89dd0db058a096544d448032e28e3b56e2db368343533a9684", + "zh:eab175b1dfe9865ad9404dccb6d5542899f8c435095aa7c679314b811c717ce7", + "zh:efc862bd78c55d2ff089729e2a34c1831ab4b0644fc11b36ee4ebed00a4797ba", + ] +} + +provider "registry.terraform.io/hashicorp/azurerm" { + version = "3.85.0" + constraints = ">= 3.30.0, >= 3.76.0, <= 3.85.0, <= 3.86.0, <= 3.97.1" + hashes = [ + "h1:BX6+m8KJATrpqlwBSyA63Fmwjvgwcs/v1qwB7B5GLCU=", + "zh:1ae6c0d82b5801641a17094b84f2ec1dcac699c1c4e40669a267511061414a34", + "zh:259e9386a43aabecb1205b0ceea2d205223637c09b66d806a89fed04f3343253", + "zh:4d940f9c14fece4f1d9219ac9d104202e5561bddc5024e5ac97f3f93eea20110", + "zh:530bca70b950e835f63c796c694106d701e5de0e2cf096fa35f08afd5c254594", + "zh:69e6b7f44ffbe0383b6485bb9db26781eb7869503889303e202967900a6b35ed", + "zh:8528e7d054254daae06eeb2bf343d566d3908a024fdfb5e515fbdbe0669c15eb", + "zh:98d66edfa89ed9a431ca37be384e5dfe7fa20bdc732c6e7d30f3f922ca3b29dc", + "zh:b8d37cedeffeb6bd37d4ec79fc2da19ed6b57d1ac08d835395dfa4fb3cfdf447", + "zh:bbc94e89cd6c0d59c2e5ed0bce852cac8435b6dc2e979691ee84af4c8b2c9bb8", + "zh:ceb4c624e8bb56bbcfe53e3c4ed4b4d27c3a5b62e5f4890b32c98b60b83c7827", + "zh:f08c5bf19eb25f668633964c6bfa823aa0ead785824082533c4a6cff3959e3d0", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} + +provider "registry.terraform.io/hashicorp/null" { + version = "3.2.3" + hashes = [ + "h1:I0Um8UkrMUb81Fxq/dxbr3HLP2cecTH2WMJiwKSrwQY=", + "zh:22d062e5278d872fe7aed834f5577ba0a5afe34a3bdac2b81f828d8d3e6706d2", + "zh:23dead00493ad863729495dc212fd6c29b8293e707b055ce5ba21ee453ce552d", + "zh:28299accf21763ca1ca144d8f660688d7c2ad0b105b7202554ca60b02a3856d3", + "zh:55c9e8a9ac25a7652df8c51a8a9a422bd67d784061b1de2dc9fe6c3cb4e77f2f", + "zh:756586535d11698a216291c06b9ed8a5cc6a4ec43eee1ee09ecd5c6a9e297ac1", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:9d5eea62fdb587eeb96a8c4d782459f4e6b73baeece4d04b4a40e44faaee9301", + "zh:a6355f596a3fb8fc85c2fb054ab14e722991533f87f928e7169a486462c74670", + "zh:b5a65a789cff4ada58a5baffc76cb9767dc26ec6b45c00d2ec8b1b027f6db4ed", + "zh:db5ab669cf11d0e9f81dc380a6fdfcac437aea3d69109c7aef1a5426639d2d65", + "zh:de655d251c470197bcbb5ac45d289595295acb8f829f6c781d4a75c8c8b7c7dd", + "zh:f5c68199f2e6076bce92a12230434782bf768103a427e9bb9abee99b116af7b5", + ] +} + +provider "registry.terraform.io/integrations/github" { + version = "5.18.3" + constraints = "5.18.3" + hashes = [ + "h1:WbZvLB2qXKVoh4BvOOwFfEds+SZQrkINfSAWPnWFxGo=", + "zh:050b37d96628cb7451137755929ca8d21ea546bc46d11a715652584070e83ff2", + "zh:053051061f1b7f7673b0ceffac1f239ba28b0e5b375999206fd39976e85d9f2b", + "zh:0c300a977ca66d0347ed62bb116fd8fc9abb376a554d4c192d14f3ea71c83500", + "zh:1d5a1a5243eba78819d2f92ff2d504ebf9a9008a6670fb5f5660f44eb6a156d8", + "zh:a13ac15d251ebf4e7dc40acb0e40df066f443f4c7799186a29e2e44addc7d8e7", + "zh:a316d94b885953c036ebc9fba64a23da93974746bc3ac9d207462a6f02d44540", + "zh:a658a00373bff5979cc227052c693cbde8ca4c8f9fef1bc8094a3516f2e2a96d", + "zh:a7bfc6ad8465d5dc11b6f19d6805364de87fffe27622bb4f37da2319bb1c4956", + "zh:d7379a76861f1a6bfc36eca7a20f1f477711247563b105744d69d7bd1f365fad", + "zh:de1cd959fd4821248e8d21570601193408648474e74f49597f1d0c43185a4ab7", + "zh:e0b281240dd6f2aa405b2d6fe329bc15ab877161affe163fb150d1efca2fccdb", + "zh:e372c171358757a983d7aa878abfd05a84484fb4d22167e45c9c1267e78ed060", + "zh:f6d3116526030b3f6905f530cd6c04b23d42890d973fa2abe10ce9c89cb1db80", + "zh:f99eec731e03cc6a28996c875bd435887cd7ea75ec07cc77b9e768bb12da2227", + ] +} diff --git a/infra/functions/onboarding-functions/env/dev/terraform.tfvars b/infra/functions/onboarding-functions/env/dev/terraform.tfvars index 715dc15b2..7fc1d3dc0 100644 --- a/infra/functions/onboarding-functions/env/dev/terraform.tfvars +++ b/infra/functions/onboarding-functions/env/dev/terraform.tfvars @@ -21,12 +21,12 @@ cidr_subnet_selc_onboarding_fn = ["10.1.144.0/24"] function_always_on = false app_service_plan_info = { - kind = "Linux" - sku_size = "P1v3" - sku_tier = "PremiumV3" - maximum_elastic_worker_count = 1 - worker_count = 1 - zone_balancing_enabled = false + kind = "Linux" + sku_size = "P1v3" + sku_tier = "PremiumV3" + maximum_elastic_worker_count = 1 + worker_count = 1 + zone_balancing_enabled = false } storage_account_info = { @@ -107,7 +107,7 @@ app_settings = { ##NAMIRIAL SIGNATURE "PAGOPA_SIGNATURE_SOURCE" = "disabled", - "NAMIRIAL_BASE_URL" = "https://selc-d-namirial-sign-ca.whitemoss-eb7ef327.westeurope.azurecontainerapps.io", + "NAMIRIAL_BASE_URL" = "http://selc-d-namirial-sws-cg.westeurope.azurecontainer.io:8080", "NAMIRIAL_SIGN_SERVICE_IDENTITY_USER" = "@Microsoft.KeyVault(SecretUri=https://selc-d-kv.vault.azure.net/secrets/namirial-sign-service-user/)", "NAMIRIAL_SIGN_SERVICE_IDENTITY_PASSWORD" = "@Microsoft.KeyVault(SecretUri=https://selc-d-kv.vault.azure.net/secrets/namirial-sign-service-psw/)" } \ No newline at end of file diff --git a/infra/functions/onboarding-functions/env/prod/terraform.tfvars b/infra/functions/onboarding-functions/env/prod/terraform.tfvars index bfc4abf1d..2e280ddb6 100644 --- a/infra/functions/onboarding-functions/env/prod/terraform.tfvars +++ b/infra/functions/onboarding-functions/env/prod/terraform.tfvars @@ -119,7 +119,7 @@ app_settings = { "JWT_TOKEN_KID" = "@Microsoft.KeyVault(SecretUri=https://selc-p-kv.vault.azure.net/secrets/jwt-kid/)" ##NAMIRIAL SIGNATURE - "NAMIRIAL_BASE_URL" = "https://selc-p-namirial-sign-ca.lemonpond-bb0b750e.westeurope.azurecontainerapps.io", + "NAMIRIAL_BASE_URL" = "http://selc-p-namirial-sws-cg.westeurope.azurecontainer.io:8080", "NAMIRIAL_SIGN_SERVICE_IDENTITY_USER" = "@Microsoft.KeyVault(SecretUri=https://selc-p-kv.vault.azure.net/secrets/namirial-sign-service-user/)", "NAMIRIAL_SIGN_SERVICE_IDENTITY_PASSWORD" = "@Microsoft.KeyVault(SecretUri=https://selc-p-kv.vault.azure.net/secrets/namirial-sign-service-psw/)" } \ No newline at end of file diff --git a/infra/functions/onboarding-functions/env/uat/terraform.tfvars b/infra/functions/onboarding-functions/env/uat/terraform.tfvars index bbcaa4c1f..ef448f111 100644 --- a/infra/functions/onboarding-functions/env/uat/terraform.tfvars +++ b/infra/functions/onboarding-functions/env/uat/terraform.tfvars @@ -102,23 +102,23 @@ app_settings = { ##ARUBA SIGNATURE - "PAGOPA_SIGNATURE_SOURCE" = "disabled", - "ARUBA_SIGN_SERVICE_IDENTITY_TYPE_OTP_AUTH" = "faPagoPa", - "ARUBA_SIGN_SERVICE_IDENTITY_OTP_PWD" = "dsign", - "ARUBA_SIGN_SERVICE_IDENTITY_USER" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/aruba-sign-service-user/)", - "ARUBA_SIGN_SERVICE_IDENTITY_DELEGATED_USER" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/aruba-sign-service-delegated-user/)", - "ARUBA_SIGN_SERVICE_IDENTITY_DELEGATED_PASSWORD" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/aruba-sign-service-delegated-psw/)", - "ARUBA_SIGN_SERVICE_IDENTITY_DELEGATED_DOMAIN" = "faPagoPa", - "ARUBA_SIGN_SERVICE_BASE_URL" = "https://asbr-pagopa.arubapec.it/ArubaSignService/ArubaSignService" - "ARUBA_SIGN_SERVICE_REQUEST_TIMEOUT_MS" = "60000" - "ARUBA_SIGN_SERVICE_CONNECT_TIMEOUT_MS" = "60000", - "EMAIL_SERVICE_AVAILABLE" = "true", - "JWT_TOKEN_ISSUER" = "SPID" - "JWT_TOKEN_PRIVATE_KEY" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/jwt-private-key/)" - "JWT_TOKEN_KID" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/jwt-kid/)" + "PAGOPA_SIGNATURE_SOURCE" = "disabled", + "ARUBA_SIGN_SERVICE_IDENTITY_TYPE_OTP_AUTH" = "faPagoPa", + "ARUBA_SIGN_SERVICE_IDENTITY_OTP_PWD" = "dsign", + "ARUBA_SIGN_SERVICE_IDENTITY_USER" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/aruba-sign-service-user/)", + "ARUBA_SIGN_SERVICE_IDENTITY_DELEGATED_USER" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/aruba-sign-service-delegated-user/)", + "ARUBA_SIGN_SERVICE_IDENTITY_DELEGATED_PASSWORD" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/aruba-sign-service-delegated-psw/)", + "ARUBA_SIGN_SERVICE_IDENTITY_DELEGATED_DOMAIN" = "faPagoPa", + "ARUBA_SIGN_SERVICE_BASE_URL" = "https://asbr-pagopa.arubapec.it/ArubaSignService/ArubaSignService" + "ARUBA_SIGN_SERVICE_REQUEST_TIMEOUT_MS" = "60000" + "ARUBA_SIGN_SERVICE_CONNECT_TIMEOUT_MS" = "60000", + "EMAIL_SERVICE_AVAILABLE" = "true", + "JWT_TOKEN_ISSUER" = "SPID" + "JWT_TOKEN_PRIVATE_KEY" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/jwt-private-key/)" + "JWT_TOKEN_KID" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/jwt-kid/)" ##NAMIRIAL SIGNATURE - "NAMIRIAL_BASE_URL" = "https://selc-u-namirial-sign-ca.mangopond-2a5d4d65.westeurope.azurecontainerapps.io", + "NAMIRIAL_BASE_URL" = "http://selc-u-namirial-sws-cg.westeurope.azurecontainer.io:8080", "NAMIRIAL_SIGN_SERVICE_IDENTITY_USER" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/namirial-sign-service-user/)", "NAMIRIAL_SIGN_SERVICE_IDENTITY_PASSWORD" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/namirial-sign-service-psw/)" } \ No newline at end of file diff --git a/libs/onboarding-sdk-crypto/src/main/java/it/pagopa/selfcare/onboarding/crypto/client/NamirialHttpClient.java b/libs/onboarding-sdk-crypto/src/main/java/it/pagopa/selfcare/onboarding/crypto/client/NamirialHttpClient.java index 769c45932..068fa163c 100644 --- a/libs/onboarding-sdk-crypto/src/main/java/it/pagopa/selfcare/onboarding/crypto/client/NamirialHttpClient.java +++ b/libs/onboarding-sdk-crypto/src/main/java/it/pagopa/selfcare/onboarding/crypto/client/NamirialHttpClient.java @@ -20,8 +20,11 @@ public byte[] signDocument(SignRequest request) throws IOException { HttpTransport httpTransport = new NetHttpTransport(); HttpRequestFactory requestFactory = httpTransport.createRequestFactory(); + String boundary = "----WebKitFormBoundary7MA4YWxkTrZu0gW"; + // Create the multipart content - MultipartContent multipartContent = new MultipartContent(); + MultipartContent multipartContent = new MultipartContent() + .setBoundary(boundary); ObjectMapper objectMapper = new ObjectMapper(); @@ -58,7 +61,7 @@ public byte[] signDocument(SignRequest request) throws IOException { new GenericUrl(NAMIRIAL_SIGN_PADES_URL), multipartContent); // Set any required headers - httpRequest.getHeaders().setContentType("multipart/form-data;"); + httpRequest.getHeaders().setContentType("multipart/form-data; boundary=" + boundary); try {