From 626f0f0de9a33c00ccc6a8f5aa88ae46dad83afe Mon Sep 17 00:00:00 2001 From: Francesco Cesareo Date: Wed, 18 Dec 2024 17:58:17 +0100 Subject: [PATCH 1/5] chore: [PAGOPA-2505] fix private endpoint storage account WISP (#2684) * improvements * Revert "improvements" This reverts commit 367d0415addbbb0630a53856115f6a4e3216740e. * fix storage account private endpoints --- .../03_storage_account_wisp_converter.tf | 56 +++++++++++++++++++ .../nodo-common/env/weu-uat/terraform.tfvars | 2 +- 2 files changed, 57 insertions(+), 1 deletion(-) diff --git a/src/domains/nodo-common/03_storage_account_wisp_converter.tf b/src/domains/nodo-common/03_storage_account_wisp_converter.tf index 840b0dcca4..591a71aefd 100644 --- a/src/domains/nodo-common/03_storage_account_wisp_converter.tf +++ b/src/domains/nodo-common/03_storage_account_wisp_converter.tf @@ -70,6 +70,34 @@ resource "azurerm_storage_table" "wisp_converter_table" { ] } +resource "azurerm_private_endpoint" "wispconv_private_endpoint_table" { + count = var.env_short == "d" ? 0 : var.create_wisp_converter ? 1 : 0 + + name = "${local.project}-wisp-converter-private-endpoint-table" + location = var.location + resource_group_name = azurerm_resource_group.wisp_converter_rg[0].name + subnet_id = data.azurerm_subnet.private_endpoint_snet.id + + private_dns_zone_group { + name = "${local.project}-wisp-converter-private-dns-zone-group-table" + private_dns_zone_ids = [data.azurerm_private_dns_zone.privatelink_table_azure_com.id] + } + + private_service_connection { + name = "${local.project}-wisp-converter-private-service-connection-table" + private_connection_resource_id = module.wisp_converter_storage_account[0].id + is_manual_connection = false + subresource_names = ["table"] + } + + tags = var.tags + + depends_on = [ + azurerm_resource_group.wisp_converter_rg, + module.wisp_converter_storage_account + ] +} + # blob wispconverter resource "azurerm_storage_container" "wisp_converter_container" { count = var.create_wisp_converter ? 1 : 0 @@ -80,3 +108,31 @@ resource "azurerm_storage_container" "wisp_converter_container" { module.wisp_converter_storage_account ] } + +resource "azurerm_private_endpoint" "wispconv_private_endpoint_blob" { + count = var.env_short == "d" ? 0 : var.create_wisp_converter ? 1 : 0 + + name = "${local.project}-wisp-converter-private-endpoint-blob" + location = var.location + resource_group_name = azurerm_resource_group.wisp_converter_rg[0].name + subnet_id = data.azurerm_subnet.private_endpoint_snet.id + + private_dns_zone_group { + name = "${local.project}-wisp-converter-private-dns-zone-group-blob" + private_dns_zone_ids = [data.azurerm_private_dns_zone.privatelink_blob_azure_com.id] + } + + private_service_connection { + name = "${local.project}-wisp-converter-private-service-connection-blob" + private_connection_resource_id = module.wisp_converter_storage_account[0].id + is_manual_connection = false + subresource_names = ["blob"] + } + + tags = var.tags + + depends_on = [ + azurerm_resource_group.wisp_converter_rg, + module.wisp_converter_storage_account + ] +} diff --git a/src/domains/nodo-common/env/weu-uat/terraform.tfvars b/src/domains/nodo-common/env/weu-uat/terraform.tfvars index 20f7ad7c57..1bd229f567 100644 --- a/src/domains/nodo-common/env/weu-uat/terraform.tfvars +++ b/src/domains/nodo-common/env/weu-uat/terraform.tfvars @@ -276,7 +276,7 @@ wisp_converter_storage_account = { blob_versioning_enabled = false advanced_threat_protection = true blob_delete_retention_days = 90 - public_network_access_enabled = true + public_network_access_enabled = false backup_enabled = false backup_retention_days = 0 } From 21d602cfefd04fba7d9e1e834a960b6d26e01031 Mon Sep 17 00:00:00 2001 From: gioelemella <128155546+gioelemella@users.noreply.github.com> Date: Wed, 18 Dec 2024 17:58:52 +0100 Subject: [PATCH 2/5] fix: Remove deprecated spontaneous payment api definition (#2671) removed deprecated spontaneous payment api Co-authored-by: pasqualespica Co-authored-by: Pasquale Spica <36746022+pasqualespica@users.noreply.github.com> --- src/domains/gps-app/04_apim_gps.tf | 55 ------------------------------ 1 file changed, 55 deletions(-) diff --git a/src/domains/gps-app/04_apim_gps.tf b/src/domains/gps-app/04_apim_gps.tf index efe179692a..a1d1676ad3 100644 --- a/src/domains/gps-app/04_apim_gps.tf +++ b/src/domains/gps-app/04_apim_gps.tf @@ -19,58 +19,3 @@ module "apim_gps_product" { policy_xml = file("./api_product/_base_policy_no_forbid.xml") } - -################# -## API GPS ## -################# - -################# -# Depreacted ⚠️⚠️⚠️⚠️⚠️⚠️⚠️ see here https://github.com/pagopa/pagopa-spontaneous-payments/blob/378d08505a12e1dbd83d69c2ea987a2a3ee475a1/infra/04_apim_api.tf#L4 -################# - -locals { - apim_spontaneous_payments_service_api = { - display_name = "GPS pagoPA - spontaneous payments service API" - description = "API to support spontaneous payments service" - path = "gps/spontaneous-payments-service" - subscription_required = false - service_url = null - } -} - -resource "azurerm_api_management_api_version_set" "api_gps_api" { - - name = format("%s-spontaneous-payments-service-api", var.env_short) - resource_group_name = local.pagopa_apim_rg - api_management_name = local.pagopa_apim_name - display_name = local.apim_spontaneous_payments_service_api.display_name - versioning_scheme = "Segment" -} - - -module "apim_api_gps_api_v1" { - source = "./.terraform/modules/__v3__/api_management_api" - - name = format("%s-spontaneous-payments-service-api", local.project) - api_management_name = local.pagopa_apim_name - resource_group_name = local.pagopa_apim_rg - product_ids = [module.apim_gps_product.product_id] - subscription_required = local.apim_spontaneous_payments_service_api.subscription_required - version_set_id = azurerm_api_management_api_version_set.api_gps_api.id - api_version = "v1" - - description = local.apim_spontaneous_payments_service_api.description - display_name = local.apim_spontaneous_payments_service_api.display_name - path = local.apim_spontaneous_payments_service_api.path - protocols = ["https"] - service_url = local.apim_spontaneous_payments_service_api.service_url - - content_format = "openapi" - content_value = templatefile("./api/spontaneous-payments-service/v1/_openapi.json.tpl", { - host = local.apim_hostname - }) - - xml_content = templatefile("./api/spontaneous-payments-service/v1/_base_policy.xml", { - hostname = local.gps_hostname - }) -} From 81092de198b91f1abd3e591e2062b6f521cff531 Mon Sep 17 00:00:00 2001 From: Simone infante <52280205+infantesimone@users.noreply.github.com> Date: Wed, 18 Dec 2024 18:52:01 +0100 Subject: [PATCH 3/5] fix: healthcheck ecommerce and wallet (#2686) --- .../v1/_base_policy.xml.tpl | 11 +++++++--- .../api/healthcheck/v1/_base_policy.xml.tpl | 20 +++++++++---------- 2 files changed, 17 insertions(+), 14 deletions(-) diff --git a/src/domains/ecommerce-app/api/ecommerce-healthcheck/v1/_base_policy.xml.tpl b/src/domains/ecommerce-app/api/ecommerce-healthcheck/v1/_base_policy.xml.tpl index a81e6a6eea..9152662cfb 100644 --- a/src/domains/ecommerce-app/api/ecommerce-healthcheck/v1/_base_policy.xml.tpl +++ b/src/domains/ecommerce-app/api/ecommerce-healthcheck/v1/_base_policy.xml.tpl @@ -67,12 +67,17 @@ bool allUp = true; foreach (var service in services) { - var parsedResponse = ((IResponse)context.Variables[service]).Body.As(); + + var serviceResponse = context.Variables[service] as IResponse; + + bool isServiceUp = serviceResponse.StatusCode == 200; + JObject parsedResponse = isServiceUp ? serviceResponse.Body.As() : new JObject(new JProperty("status", "DOWN")); + combinedResults[service] = parsedResponse; - if ((string)parsedResponse["status"] != "UP") { + if (isServiceUp && (string)parsedResponse["status"] != "UP" || !isServiceUp) { allUp = false; - } + } } var response = new JObject(); diff --git a/src/domains/pay-wallet-app/api/healthcheck/v1/_base_policy.xml.tpl b/src/domains/pay-wallet-app/api/healthcheck/v1/_base_policy.xml.tpl index 291d0eb93e..dc822296fa 100644 --- a/src/domains/pay-wallet-app/api/healthcheck/v1/_base_policy.xml.tpl +++ b/src/domains/pay-wallet-app/api/healthcheck/v1/_base_policy.xml.tpl @@ -25,12 +25,6 @@ GET - - - https://${hostname}/pagopa-payment-wallet-scheduler-service/actuator/health/liveness - - GET - @@ -42,7 +36,6 @@ "walletServiceLiveness", "walletEventDispatcherServiceLiveness", "walletCdcServiceLiveness", - "walletSchedulerServiceLiveness" }; var combinedResults = new JObject(); @@ -50,14 +43,19 @@ bool allUp = true; foreach (var service in services) { - var parsedResponse = ((IResponse)context.Variables[service]).Body.As(); + + var serviceResponse = context.Variables[service] as IResponse; + + bool isServiceUp = serviceResponse.StatusCode == 200; + JObject parsedResponse = isServiceUp ? serviceResponse.Body.As() : new JObject(new JProperty("status", "DOWN")); + combinedResults[service] = parsedResponse; - if ((string)parsedResponse["status"] != "UP") { + if (isServiceUp && (string)parsedResponse["status"] != "UP" || !isServiceUp) { allUp = false; - } + } } - + var response = new JObject(); response["status"] = allUp ? "UP" : "DOWN"; From dfae0efb02be415c9ddbe301ca188a44998af3ba Mon Sep 17 00:00:00 2001 From: Marco Mari <130982006+mamari90@users.noreply.github.com> Date: Thu, 19 Dec 2024 12:07:36 +0100 Subject: [PATCH 4/5] feat: Db virtual endpoint migration (#2679) * migrated fdr virtual endpoint * migrated gps virtual endpoint * wisp sa table private endpoint * migrated nodo-common to new provider and new db virtual endpoint * removed deleted resource reference * precommit fix --- src/domains/fdr-common/.terraform.lock.hcl | 42 +++++++----- .../fdr-common/03_postgresql_replica.tf | 31 +++------ src/domains/fdr-common/99_main.tf | 2 +- src/domains/fdr-common/README.md | 4 +- src/domains/gps-common/.terraform.lock.hcl | 44 ++++++++---- .../gps-common/03_postgresql_replica.tf | 28 ++------ src/domains/gps-common/99_locals.tf | 4 +- src/domains/gps-common/99_main.tf | 2 +- src/domains/gps-common/README.md | 5 +- src/domains/nodo-common/.terraform.lock.hcl | 44 +++++++----- src/domains/nodo-common/01_network.tf | 10 +-- .../nodo-common/03_cosmosdb_nodo_re.tf | 6 +- .../nodo-common/03_cosmosdb_nodo_verifyko.tf | 6 +- .../nodo-common/03_cosmosdb_standin.tf | 6 +- .../nodo-common/03_cosmosdb_wisp_converter.tf | 16 ++--- src/domains/nodo-common/03_postgresql.tf | 4 +- .../nodo-common/03_postgresql_replica.tf | 32 +++------ .../03_storage_account_nodo_cfg_sync.tf | 2 +- .../nodo-common/03_storage_account_nodo_re.tf | 2 +- .../03_storage_account_nodo_storico.tf | 2 +- .../03_storage_account_nodo_verifyko.tf | 2 +- .../03_storage_account_wisp_converter.tf | 3 +- src/domains/nodo-common/07_sftp.tf | 4 +- src/domains/nodo-common/10_github_identity.tf | 4 +- src/domains/nodo-common/99_main.tf | 9 ++- src/domains/nodo-common/99_variables.tf | 2 + src/domains/nodo-common/README.md | 67 ++++++++++--------- .../nodo-common/env/weu-dev/terraform.tfvars | 4 +- .../nodo-common/env/weu-prod/terraform.tfvars | 11 +-- .../nodo-common/env/weu-uat/terraform.tfvars | 1 + 30 files changed, 206 insertions(+), 193 deletions(-) diff --git a/src/domains/fdr-common/.terraform.lock.hcl b/src/domains/fdr-common/.terraform.lock.hcl index 6115a66cde..13cfcf858b 100644 --- a/src/domains/fdr-common/.terraform.lock.hcl +++ b/src/domains/fdr-common/.terraform.lock.hcl @@ -7,6 +7,9 @@ provider "registry.terraform.io/azure/azapi" { hashes = [ "h1:2cnqo8u7YMuBexFZv8/lXGxIn1dXuEnC44LAL90GAa0=", "h1:EHLgSlpuzCcWaDBCB3J1D5xkHKoEeX8TkeYNlnRA1qc=", + "h1:Q10vF78s0i71/CfRYbeoRLAWuJrat2kxIrHK9/yaEYk=", + "h1:l6sI11YTFkGxAB2HnLSi3u1TGscOO34BFuEg2TJUZHQ=", + "h1:xDZG4lbtQJeyJa3Gzo8qecYxyw+AIXYcdDRlkaSLNz8=", "zh:1f2aceddd67ceeb82a75c2f15dc01e54781e9aed5968507dbc29590c165b2e2b", "zh:397f0bfbac899d48e23cecf38d362c27562150aa20b19157b5bd370b8e6801ee", "zh:652263b7d00623684e29ef7b8ff285a17c5bd7cc8ba7d22967c66d0b3a3c568a", @@ -26,8 +29,11 @@ provider "registry.terraform.io/hashicorp/azuread" { version = "2.47.0" constraints = "<= 2.47.0" hashes = [ + "h1:8J74v92UvtqVNucugAtB+Sd44oTgnhfct+Xf8ObOZug=", + "h1:KB9BNRNStbdsfdRmVXUwXtN77qgX5VjBy2UALcqp218=", "h1:g8+gBFM4QVOEQFqAEs5pR6iXpbGvgPvcEi1evHwziyw=", "h1:iRwDQBdXBpVBoYwM9au2RG01RQuJSm3TGQ2kioFVAas=", + "h1:zYMGokLn44KSWir7Nr4t8lEAPMB6JuXd2LlP2Ac2tMY=", "zh:1372d81eb24ef3b4b00ea350fe87219f22da51691b8e42ce91d662f6c2a8af5e", "zh:1c3e89cf19118fc07d7b04257251fc9897e722c16e0a0df7b07fcd261f8c12e7", "zh:1e654a74d171d6ff8f9f6f67e3ff1421d4c5e56a18607703626bf12cd23ba001", @@ -44,22 +50,25 @@ provider "registry.terraform.io/hashicorp/azuread" { } provider "registry.terraform.io/hashicorp/azurerm" { - version = "3.107.0" - constraints = "~> 3.30, ~> 3.76, != 3.97.0, != 3.97.1, <= 3.107.0" + version = "3.117.0" + constraints = "~> 3.30, ~> 3.76, != 3.97.0, != 3.97.1, < 4.0.0" hashes = [ - "h1:IuCRZEfFU0lp1h3nhBT4cnyB3oOIXTDNFtrQ5/Aywp4=", - "h1:gk6yMuxWOxN01e68uTwJvQ91x8roEwyeYJBwNrYFHIk=", - "zh:0a5bfcdef1dad509c4f45c0ada2c8e2cc058cf9542ddec48fbee18c4097bce9e", - "zh:0b56736691e4b28ea15b381a4711ff39719ff83a40ce97cd283eb21988f471f6", - "zh:13d55030c8be466b5de4819e4a8b84da69a40b15bfa0cc2588f5270b4682fa89", - "zh:1eac398718cd0973f94015e49ff69a6ed8c860d69e4adbd192c7bea775af2941", - "zh:7b1984b60abc7f53298950680bda504eca8d70c9d0d906d6dee2aac6a827f9d6", - "zh:86f63ad98576d698c6ba8defa9165160633f086145a1f060014a93f5c2fb384e", - "zh:afc78e7e0e76b4d2593ca2ec78b064c896888d03c6cb82f2c5bd37e815e056e7", - "zh:b84997b287c673b297ede08404133279dbc72f070c8d6e4284bf62637de4bfb4", - "zh:dd1d21c8a37938082a5c2497eacd76bacb1ac459bc9d38ee782443fa87a2247d", - "zh:edcaca84c6473427d36f940748e5ce4d1d50b393012f6f6c0ec4303792f607d9", - "zh:f0892ecd0eea0c06710056048d8bb75c4c3bda74de7ba41afa60d7b9c9a3b0ca", + "h1:4v/cLZEL5PpXn36bG1YjD9sraf1XZ5NX/yMItDa6f18=", + "h1:Ew2CcKxce0b1gv3KpztpPt54dw1y7qEnkda5n0fuoPg=", + "h1:Ynfg+Iy7x6K8M6W1AhqXCe3wkoiqIQhROlca7C3KC3w=", + "h1:h4lGsuXDO9QRtFWrJrCWU355FDnlzX8CqKdTtZsgoBI=", + "h1:pAXy9cKU+bX1rvWog4YWeLbg7VFHqRTAFKbjayIXK1k=", + "zh:2e25f47492366821a786762369f0e0921cc9452d64bfd5075f6fdfcf1a9c6d70", + "zh:41eb34f2f7469bf3eb1019dfb0e7fc28256f809824016f4f8b9d691bf473b2ac", + "zh:48bb9c87b3d928da1abc1d3db75453c9725de4674c612daf3800160cc7145d30", + "zh:5d6b0de0bbd78943fcc65c53944ef4496329e247f434c6eab86ed051c5cea67b", + "zh:78c9f6fdb1206a89cf0e6706b4f46178169a93b6c964a4cad8a321058ccbd9b4", + "zh:793b702c352589d4360b580d4a1cf654a7439d2ad6bdb7bfea91de07bc4b0fac", + "zh:7ed687ff0a5509463a592f97431863574fe5cc80a34e395be06766215b8c6285", + "zh:955ba18789bd15592824eb426a8d0f38595bd09fffc6939c1c58933489c1a71e", + "zh:bf5949a55be0714cd9c8815d472eae4baa48ba06d0f6bf2b96775869acda8a54", + "zh:da5d31f635abd2c645ffc76d6176d73f646128e73720cc368247cc424975c127", + "zh:eed5a66d59883c9c56729b0a964a2b60d758ea7489ef3e920a6fbd48518ce5f5", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", ] } @@ -68,8 +77,11 @@ provider "registry.terraform.io/hashicorp/null" { version = "3.2.2" constraints = "~> 3.2, <= 3.2.2" hashes = [ + "h1:Gef5VGfobY5uokA5nV/zFvWeMNR2Pmq79DH94QnNZPM=", "h1:IMVAUHKoydFrlPrl9OzasDnw/8ntZFerCC9iXw1rXQY=", + "h1:m467k2tZ9cdFFgHW7LPBK2GLPH43LC6wc3ppxr8yvoE=", "h1:vWAsYRd7MjYr3adj8BVKRohVfHpWQdvkIwUQ2Jf5FVM=", + "h1:zT1ZbegaAYHwQa+QwIFugArWikRJI9dqohj8xb0GY88=", "zh:3248aae6a2198f3ec8394218d05bd5e42be59f43a3a7c0b71c66ec0df08b69e7", "zh:32b1aaa1c3013d33c245493f4a65465eab9436b454d250102729321a44c8ab9a", "zh:38eff7e470acb48f66380a73a5c7cdd76cc9b9c9ba9a7249c7991488abe22fe3", diff --git a/src/domains/fdr-common/03_postgresql_replica.tf b/src/domains/fdr-common/03_postgresql_replica.tf index 709b3f61f3..fa189ddf70 100644 --- a/src/domains/fdr-common/03_postgresql_replica.tf +++ b/src/domains/fdr-common/03_postgresql_replica.tf @@ -51,35 +51,20 @@ module "postgresql_fdr_replica_db" { tags = var.tags } -resource "null_resource" "virtual_endpoint" { - count = var.geo_replica_enabled ? 1 : 0 - triggers = { - rg_name = azurerm_resource_group.db_rg.name - primary_server_name = module.postgres_flexible_server_fdr.name - ve_name = "${local.project}-pgflex-ve" - member_name = module.postgresql_fdr_replica_db[0].name - } - - provisioner "local-exec" { - command = < [azapi](#requirement\_azapi) | <= 1.13.1 | | [azuread](#requirement\_azuread) | <= 2.47.0 | -| [azurerm](#requirement\_azurerm) | <= 3.107.0 | +| [azurerm](#requirement\_azurerm) | >= 3.116.0, < 4.0.0 | | [null](#requirement\_null) | <= 3.2.2 | ## Modules @@ -70,6 +70,7 @@ | [azurerm_postgresql_flexible_server_configuration.fdr_db_flex_wal_level](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_configuration) | resource | | [azurerm_postgresql_flexible_server_database.fdr_db](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_database) | resource | | [azurerm_postgresql_flexible_server_database.fdr_replica_db](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_database) | resource | +| [azurerm_postgresql_flexible_server_virtual_endpoint.virtual_endpoint](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_virtual_endpoint) | resource | | [azurerm_private_dns_a_record.ingress](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_a_record) | resource | | [azurerm_private_dns_cname_record.cname_record](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_cname_record) | resource | | [azurerm_private_endpoint.fdr_blob_private_endpoint](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | @@ -99,7 +100,6 @@ | [null_resource.change_auth_fdr_blob_container](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [null_resource.github_runner_app_permissions_to_namespace_cd_01](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [null_resource.github_runner_app_permissions_to_namespace_ci_01](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | -| [null_resource.virtual_endpoint](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [azurerm_api_management.apim](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/api_management) | data source | | [azurerm_api_management_product.fdr_internal_product](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/api_management_product) | data source | | [azurerm_api_management_product.fdr_org_product](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/api_management_product) | data source | diff --git a/src/domains/gps-common/.terraform.lock.hcl b/src/domains/gps-common/.terraform.lock.hcl index 08e0a798d1..13cfcf858b 100644 --- a/src/domains/gps-common/.terraform.lock.hcl +++ b/src/domains/gps-common/.terraform.lock.hcl @@ -6,6 +6,10 @@ provider "registry.terraform.io/azure/azapi" { constraints = "<= 1.13.1" hashes = [ "h1:2cnqo8u7YMuBexFZv8/lXGxIn1dXuEnC44LAL90GAa0=", + "h1:EHLgSlpuzCcWaDBCB3J1D5xkHKoEeX8TkeYNlnRA1qc=", + "h1:Q10vF78s0i71/CfRYbeoRLAWuJrat2kxIrHK9/yaEYk=", + "h1:l6sI11YTFkGxAB2HnLSi3u1TGscOO34BFuEg2TJUZHQ=", + "h1:xDZG4lbtQJeyJa3Gzo8qecYxyw+AIXYcdDRlkaSLNz8=", "zh:1f2aceddd67ceeb82a75c2f15dc01e54781e9aed5968507dbc29590c165b2e2b", "zh:397f0bfbac899d48e23cecf38d362c27562150aa20b19157b5bd370b8e6801ee", "zh:652263b7d00623684e29ef7b8ff285a17c5bd7cc8ba7d22967c66d0b3a3c568a", @@ -25,7 +29,11 @@ provider "registry.terraform.io/hashicorp/azuread" { version = "2.47.0" constraints = "<= 2.47.0" hashes = [ + "h1:8J74v92UvtqVNucugAtB+Sd44oTgnhfct+Xf8ObOZug=", + "h1:KB9BNRNStbdsfdRmVXUwXtN77qgX5VjBy2UALcqp218=", "h1:g8+gBFM4QVOEQFqAEs5pR6iXpbGvgPvcEi1evHwziyw=", + "h1:iRwDQBdXBpVBoYwM9au2RG01RQuJSm3TGQ2kioFVAas=", + "h1:zYMGokLn44KSWir7Nr4t8lEAPMB6JuXd2LlP2Ac2tMY=", "zh:1372d81eb24ef3b4b00ea350fe87219f22da51691b8e42ce91d662f6c2a8af5e", "zh:1c3e89cf19118fc07d7b04257251fc9897e722c16e0a0df7b07fcd261f8c12e7", "zh:1e654a74d171d6ff8f9f6f67e3ff1421d4c5e56a18607703626bf12cd23ba001", @@ -42,21 +50,25 @@ provider "registry.terraform.io/hashicorp/azuread" { } provider "registry.terraform.io/hashicorp/azurerm" { - version = "3.107.0" - constraints = "~> 3.30, ~> 3.76, != 3.97.0, != 3.97.1, <= 3.107.0" + version = "3.117.0" + constraints = "~> 3.30, ~> 3.76, != 3.97.0, != 3.97.1, < 4.0.0" hashes = [ - "h1:IuCRZEfFU0lp1h3nhBT4cnyB3oOIXTDNFtrQ5/Aywp4=", - "zh:0a5bfcdef1dad509c4f45c0ada2c8e2cc058cf9542ddec48fbee18c4097bce9e", - "zh:0b56736691e4b28ea15b381a4711ff39719ff83a40ce97cd283eb21988f471f6", - "zh:13d55030c8be466b5de4819e4a8b84da69a40b15bfa0cc2588f5270b4682fa89", - "zh:1eac398718cd0973f94015e49ff69a6ed8c860d69e4adbd192c7bea775af2941", - "zh:7b1984b60abc7f53298950680bda504eca8d70c9d0d906d6dee2aac6a827f9d6", - "zh:86f63ad98576d698c6ba8defa9165160633f086145a1f060014a93f5c2fb384e", - "zh:afc78e7e0e76b4d2593ca2ec78b064c896888d03c6cb82f2c5bd37e815e056e7", - "zh:b84997b287c673b297ede08404133279dbc72f070c8d6e4284bf62637de4bfb4", - "zh:dd1d21c8a37938082a5c2497eacd76bacb1ac459bc9d38ee782443fa87a2247d", - "zh:edcaca84c6473427d36f940748e5ce4d1d50b393012f6f6c0ec4303792f607d9", - "zh:f0892ecd0eea0c06710056048d8bb75c4c3bda74de7ba41afa60d7b9c9a3b0ca", + "h1:4v/cLZEL5PpXn36bG1YjD9sraf1XZ5NX/yMItDa6f18=", + "h1:Ew2CcKxce0b1gv3KpztpPt54dw1y7qEnkda5n0fuoPg=", + "h1:Ynfg+Iy7x6K8M6W1AhqXCe3wkoiqIQhROlca7C3KC3w=", + "h1:h4lGsuXDO9QRtFWrJrCWU355FDnlzX8CqKdTtZsgoBI=", + "h1:pAXy9cKU+bX1rvWog4YWeLbg7VFHqRTAFKbjayIXK1k=", + "zh:2e25f47492366821a786762369f0e0921cc9452d64bfd5075f6fdfcf1a9c6d70", + "zh:41eb34f2f7469bf3eb1019dfb0e7fc28256f809824016f4f8b9d691bf473b2ac", + "zh:48bb9c87b3d928da1abc1d3db75453c9725de4674c612daf3800160cc7145d30", + "zh:5d6b0de0bbd78943fcc65c53944ef4496329e247f434c6eab86ed051c5cea67b", + "zh:78c9f6fdb1206a89cf0e6706b4f46178169a93b6c964a4cad8a321058ccbd9b4", + "zh:793b702c352589d4360b580d4a1cf654a7439d2ad6bdb7bfea91de07bc4b0fac", + "zh:7ed687ff0a5509463a592f97431863574fe5cc80a34e395be06766215b8c6285", + "zh:955ba18789bd15592824eb426a8d0f38595bd09fffc6939c1c58933489c1a71e", + "zh:bf5949a55be0714cd9c8815d472eae4baa48ba06d0f6bf2b96775869acda8a54", + "zh:da5d31f635abd2c645ffc76d6176d73f646128e73720cc368247cc424975c127", + "zh:eed5a66d59883c9c56729b0a964a2b60d758ea7489ef3e920a6fbd48518ce5f5", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", ] } @@ -65,7 +77,11 @@ provider "registry.terraform.io/hashicorp/null" { version = "3.2.2" constraints = "~> 3.2, <= 3.2.2" hashes = [ + "h1:Gef5VGfobY5uokA5nV/zFvWeMNR2Pmq79DH94QnNZPM=", "h1:IMVAUHKoydFrlPrl9OzasDnw/8ntZFerCC9iXw1rXQY=", + "h1:m467k2tZ9cdFFgHW7LPBK2GLPH43LC6wc3ppxr8yvoE=", + "h1:vWAsYRd7MjYr3adj8BVKRohVfHpWQdvkIwUQ2Jf5FVM=", + "h1:zT1ZbegaAYHwQa+QwIFugArWikRJI9dqohj8xb0GY88=", "zh:3248aae6a2198f3ec8394218d05bd5e42be59f43a3a7c0b71c66ec0df08b69e7", "zh:32b1aaa1c3013d33c245493f4a65465eab9436b454d250102729321a44c8ab9a", "zh:38eff7e470acb48f66380a73a5c7cdd76cc9b9c9ba9a7249c7991488abe22fe3", diff --git a/src/domains/gps-common/03_postgresql_replica.tf b/src/domains/gps-common/03_postgresql_replica.tf index a676027bcb..8d608f7aea 100644 --- a/src/domains/gps-common/03_postgresql_replica.tf +++ b/src/domains/gps-common/03_postgresql_replica.tf @@ -54,27 +54,13 @@ module "postgresql_gpd_replica_db" { tags = var.tags } -resource "null_resource" "virtual_endpoint" { - count = var.geo_replica_enabled ? 1 : 0 - triggers = { - rg_name = azurerm_resource_group.flex_data[0].name - primary_server_name = module.postgres_flexible_server_private[0].name # NEWGPD-DB : DEPRECATED switch to new istance postgres_flexible_server_private_db - ve_name = "${local.project}-pgflex-ve" - member_name = module.postgresql_gpd_replica_db[0].name - } - - provisioner "local-exec" { - command = < [azapi](#requirement\_azapi) | <= 1.13.1 | | [azuread](#requirement\_azuread) | <= 2.47.0 | -| [azurerm](#requirement\_azurerm) | <= 3.107.0 | +| [azurerm](#requirement\_azurerm) | >= 3.116.0, < 4.0.0 | | [null](#requirement\_null) | <= 3.2.2 | ## Modules @@ -56,6 +56,7 @@ | [azurerm_key_vault_secret.db_url](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource | | [azurerm_key_vault_secret.elastic_otel_token_header](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource | | [azurerm_key_vault_secret.flows_sa_connection_string](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource | +| [azurerm_key_vault_secret.flyway_db_url](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource | | [azurerm_key_vault_secret.gpd-paa-password](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource | | [azurerm_key_vault_secret.gpd_apiconfig_subscription_key](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource | | [azurerm_key_vault_secret.gpd_archive_sa_connection_string](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource | @@ -99,6 +100,7 @@ | [azurerm_postgresql_flexible_server_configuration.pg_wal_level](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_configuration) | resource | | [azurerm_postgresql_flexible_server_database.apd_db_flex](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_database) | resource | | [azurerm_postgresql_flexible_server_database.pg_charset](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_database) | resource | +| [azurerm_postgresql_flexible_server_virtual_endpoint.virtual_endpoint](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_virtual_endpoint) | resource | | [azurerm_private_dns_a_record.ingress](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_a_record) | resource | | [azurerm_private_dns_cname_record.cname_record](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_cname_record) | resource | | [azurerm_private_endpoint.gpd_blob](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | @@ -117,7 +119,6 @@ | [azurerm_storage_table.reporting_flows_table](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_table) | resource | | [azurerm_storage_table.reporting_organizations_table](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_table) | resource | | [null_resource.github_runner_app_permissions_to_namespace_cd_01](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | -| [null_resource.virtual_endpoint](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [azuread_group.adgroup_admin](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source | | [azuread_group.adgroup_developers](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source | | [azuread_group.adgroup_externals](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source | diff --git a/src/domains/nodo-common/.terraform.lock.hcl b/src/domains/nodo-common/.terraform.lock.hcl index 81b20f32a7..bad06d8cf2 100644 --- a/src/domains/nodo-common/.terraform.lock.hcl +++ b/src/domains/nodo-common/.terraform.lock.hcl @@ -6,7 +6,10 @@ provider "registry.terraform.io/azure/azapi" { constraints = "<= 1.3.0" hashes = [ "h1:OWZNYEGEIunmpxEcbGveH+kkdELQfMCUYxLt1b25UOc=", + "h1:UTQiZ34OcSms4LZ2sAa1OarDXw31OtogqBj0SwZCoDY=", + "h1:b4PzksrgRiHgOTVXIMTODOAlsvdj3uWSdCvA7lw+9ik=", "h1:h/ZVYAapVQ+W0R4P5IK/Mvsi84jiYTggmgJHZgfVbfg=", + "h1:zpNS7i+p+MeA4h6xCbwXzcKtMeAn3je9k6J7DZQqReY=", "zh:0923b297c5b71ed584e5f3a0b2393e80244076e85102a90438159833353274b0", "zh:11fa2922aa98ca55beaf7cc33c7edbde81bbd405fdfea2955276c7f5a8537240", "zh:14af830fb6091d084bfc2711c8e9c7bf05aa3c56fe8fd8e2fb4eddeb345be88d", @@ -26,7 +29,10 @@ provider "registry.terraform.io/hashicorp/azuread" { version = "2.21.0" constraints = "<= 2.21.0" hashes = [ + "h1:9gG6SWoUZZmmXbYBv6ra2RF5NYpamB9tGjsuBxrasFQ=", "h1:KbY8dRdbfTwTzEBcdOFdD50JX8CUG5Mni25D2+k1rGc=", + "h1:akcofWscEl0ecIbf7lyEqRvPfOdA5q75EZvK8uSum1c=", + "h1:p9epRqujcxIMeT9THP0oNLGe4jjMBLjT5a7RntnFDaA=", "h1:qHYbB6LJsYPVUcd7QkZ5tU+IX+10VcUG4NzsmIuWdlE=", "zh:18c56e0478e8b3849f6d52f7e0ee495538e7fce66f22fc84a79599615e50ad1c", "zh:1b95ba8dddc46c744b2d2be7da6fafaa8ebd8368d46ff77416a95cb7d622251e", @@ -44,31 +50,37 @@ provider "registry.terraform.io/hashicorp/azuread" { } provider "registry.terraform.io/hashicorp/azurerm" { - version = "3.95.0" - constraints = ">= 3.30.0, >= 3.76.0, <= 3.95.0, <= 3.97.1" + version = "3.117.0" + constraints = "~> 3.30, ~> 3.76, != 3.97.0, != 3.97.1, >= 3.116.0, < 4.0.0" hashes = [ - "h1:ANXIxSiPQBeuD8c7QiLcfq189oBGO207JL4zh0YdTqc=", - "h1:nyThHJeS3HbYCqgZskB/GOvQRt3DmNqFKmtUmAcr0AQ=", - "zh:36e96725fb5860b68c4f86d43988eadfe13ece7abfc3368bf01b2f4e253a05f8", - "zh:3f416b574518a63793dfda0efa588dd0d2432d4cbea5908d7a479f82f0a89a01", - "zh:3f94eb8dc1717bd5af524138258b65bb2011917e05db727a0696623d4a2cdf6f", - "zh:4fd395656aeb366830eebc11f10d29b2e9652b4d74e70bbe785768b7cbcf8d5c", - "zh:58bc5bd83a984f91faebbc71f27062d3a6ca4e3abfc2fe7fcd40833d8145c5a8", - "zh:5bfedb1592056da89c3cfa2cb409cdeadedc2d336a862d39c14a9a2a4424cb8a", - "zh:6135572aa2d99e95877a28deaa864742429ba7bba8ca39b5dd8261484d384c06", - "zh:8440dbc750cd06e51a640175acd2187ab2816e080c318ea278ef9657c3000675", - "zh:9dc9e301319f49c639535da6d5ed5d938a7c8153d4467816419466d343784d01", - "zh:e5c99bc6c960d0cc4f4aab4779ccb59ec8cc6802799f2fff9c41c945f2012f85", - "zh:e9d55f63a20054c3cbb95f14dc3670c89575893b9747eb2c2ee067e1bc521c48", + "h1:4v/cLZEL5PpXn36bG1YjD9sraf1XZ5NX/yMItDa6f18=", + "h1:Ew2CcKxce0b1gv3KpztpPt54dw1y7qEnkda5n0fuoPg=", + "h1:Ynfg+Iy7x6K8M6W1AhqXCe3wkoiqIQhROlca7C3KC3w=", + "h1:h4lGsuXDO9QRtFWrJrCWU355FDnlzX8CqKdTtZsgoBI=", + "h1:pAXy9cKU+bX1rvWog4YWeLbg7VFHqRTAFKbjayIXK1k=", + "zh:2e25f47492366821a786762369f0e0921cc9452d64bfd5075f6fdfcf1a9c6d70", + "zh:41eb34f2f7469bf3eb1019dfb0e7fc28256f809824016f4f8b9d691bf473b2ac", + "zh:48bb9c87b3d928da1abc1d3db75453c9725de4674c612daf3800160cc7145d30", + "zh:5d6b0de0bbd78943fcc65c53944ef4496329e247f434c6eab86ed051c5cea67b", + "zh:78c9f6fdb1206a89cf0e6706b4f46178169a93b6c964a4cad8a321058ccbd9b4", + "zh:793b702c352589d4360b580d4a1cf654a7439d2ad6bdb7bfea91de07bc4b0fac", + "zh:7ed687ff0a5509463a592f97431863574fe5cc80a34e395be06766215b8c6285", + "zh:955ba18789bd15592824eb426a8d0f38595bd09fffc6939c1c58933489c1a71e", + "zh:bf5949a55be0714cd9c8815d472eae4baa48ba06d0f6bf2b96775869acda8a54", + "zh:da5d31f635abd2c645ffc76d6176d73f646128e73720cc368247cc424975c127", + "zh:eed5a66d59883c9c56729b0a964a2b60d758ea7489ef3e920a6fbd48518ce5f5", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", ] } provider "registry.terraform.io/hashicorp/null" { version = "3.2.1" - constraints = "<= 3.2.1" + constraints = "~> 3.2, <= 3.2.1" hashes = [ + "h1:FbGfc+muBsC17Ohy5g806iuI1hQc4SIexpYCrQHQd8w=", "h1:tSj1mL6OQ8ILGqR2mDu7OYYYWf+hoir0pf9KAQ8IzO8=", + "h1:vUW21lLLsKlxtBf0QF7LKJreKxs0CM7YXGzqW1N/ODY=", + "h1:wqgRvlyVIbkCeCQs+5jj6zVuQL0KDxZZtNofGqqlSdI=", "h1:ydA0/SNRVB1o95btfshvYsmxA+jZFRZcvKzZSB+4S1M=", "zh:58ed64389620cc7b82f01332e27723856422820cfd302e304b5f6c3436fb9840", "zh:62a5cc82c3b2ddef7ef3a6f2fedb7b9b3deff4ab7b414938b08e51d6e8be87cb", diff --git a/src/domains/nodo-common/01_network.tf b/src/domains/nodo-common/01_network.tf index 5c4bfa5eaf..f39bb219b8 100644 --- a/src/domains/nodo-common/01_network.tf +++ b/src/domains/nodo-common/01_network.tf @@ -97,7 +97,7 @@ data "azurerm_private_dns_zone" "privatelink_table_azure_com" { # Azure Storage subnet module "storage_account_snet" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v7.77.0" + source = "./.terraform/modules/__v3__/subnet" name = format("%s-storage-account-snet", local.project) address_prefixes = var.cidr_subnet_storage_account resource_group_name = data.azurerm_resource_group.rg_vnet.name @@ -109,7 +109,7 @@ module "storage_account_snet" { # CosmosDB subnet Nodo-RE module "cosmosdb_nodo_re_snet" { count = var.enable_nodo_re ? 1 : 0 - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v7.77.0" + source = "./.terraform/modules/__v3__/subnet" name = "${local.project}-cosmosb-snet" address_prefixes = var.cidr_subnet_cosmosdb_nodo_re resource_group_name = local.vnet_resource_group_name @@ -125,7 +125,7 @@ module "cosmosdb_nodo_re_snet" { # CosmosDB subnet Verify KO module "cosmosdb_nodo_verifyko_snet" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v7.77.0" + source = "./.terraform/modules/__v3__/subnet" name = "${local.project}-verifyko-cosmosdb-snet" address_prefixes = var.cidr_subnet_cosmosdb_nodo_verifyko resource_group_name = local.vnet_resource_group_name @@ -148,7 +148,7 @@ resource "azurerm_resource_group" "standin_rg" { } module "cosmosdb_standin_snet" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v7.77.0" + source = "./.terraform/modules/__v3__/subnet" name = "${local.project}-standin-cosmosdb-snet" address_prefixes = var.cidr_subnet_cosmosdb_standin resource_group_name = local.vnet_resource_group_name @@ -173,7 +173,7 @@ resource "azurerm_resource_group" "wisp_converter_rg" { module "cosmosdb_wisp_converter_snet" { count = var.create_wisp_converter ? 1 : 0 - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v7.77.0" + source = "./.terraform/modules/__v3__/subnet" name = "${local.project}-wisp-converter-cosmosdb-snet" address_prefixes = var.cidr_subnet_cosmosdb_wisp_converter resource_group_name = local.vnet_resource_group_name diff --git a/src/domains/nodo-common/03_cosmosdb_nodo_re.tf b/src/domains/nodo-common/03_cosmosdb_nodo_re.tf index c1debbf80f..46fd387af4 100644 --- a/src/domains/nodo-common/03_cosmosdb_nodo_re.tf +++ b/src/domains/nodo-common/03_cosmosdb_nodo_re.tf @@ -1,6 +1,6 @@ module "cosmosdb_account_nodo_re" { count = var.enable_nodo_re ? 1 : 0 - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_account?ref=v7.77.0" + source = "./.terraform/modules/__v3__/cosmosdb_account" domain = var.domain name = "${local.project}-re-cosmos-nosql-account" location = var.location @@ -37,7 +37,7 @@ module "cosmosdb_account_nodo_re" { # cosmosdb database for nodo_re module "cosmosdb_account_nodo_re_db" { count = var.enable_nodo_re ? 1 : 0 - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_database?ref=v7.77.0" + source = "./.terraform/modules/__v3__/cosmosdb_sql_database" name = "nodo_re" resource_group_name = azurerm_resource_group.db_rg.name account_name = var.enable_nodo_re ? module.cosmosdb_account_nodo_re[0].name : "no-account-name" @@ -63,7 +63,7 @@ locals { # cosmosdb container for nodo re datastore module "cosmosdb_account_nodo_re_containers" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_container?ref=v7.77.0" + source = "./.terraform/modules/__v3__/cosmosdb_sql_container" for_each = { for c in local.nodo_re_containers : c.name => c if var.enable_nodo_re } diff --git a/src/domains/nodo-common/03_cosmosdb_nodo_verifyko.tf b/src/domains/nodo-common/03_cosmosdb_nodo_verifyko.tf index 359238f9b8..7a3c234381 100644 --- a/src/domains/nodo-common/03_cosmosdb_nodo_verifyko.tf +++ b/src/domains/nodo-common/03_cosmosdb_nodo_verifyko.tf @@ -6,7 +6,7 @@ resource "azurerm_resource_group" "nodo_verifyko_to_datastore_rg" { } module "cosmosdb_account_nodo_verifyko" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_account?ref=v7.77.0" + source = "./.terraform/modules/__v3__/cosmosdb_account" domain = var.domain name = "${local.project}-verifyko-cosmos-account" location = var.location @@ -43,7 +43,7 @@ module "cosmosdb_account_nodo_verifyko" { # cosmosdb database for nodo_verify_ko module "cosmosdb_account_nodo_verifyko_db" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_database?ref=v7.77.0" + source = "./.terraform/modules/__v3__/cosmosdb_sql_database" name = "nodo_verifyko" resource_group_name = azurerm_resource_group.nodo_verifyko_to_datastore_rg.name account_name = module.cosmosdb_account_nodo_verifyko.name @@ -65,7 +65,7 @@ locals { # cosmosdb container for nodo re datastore module "cosmosdb_account_nodo_verifyko_containers" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_container?ref=v7.77.0" + source = "./.terraform/modules/__v3__/cosmosdb_sql_container" for_each = { for c in local.nodo_verify_ko_containers : c.name => c } name = each.value.name diff --git a/src/domains/nodo-common/03_cosmosdb_standin.tf b/src/domains/nodo-common/03_cosmosdb_standin.tf index fef6a6ba7d..9bdae7f8c0 100644 --- a/src/domains/nodo-common/03_cosmosdb_standin.tf +++ b/src/domains/nodo-common/03_cosmosdb_standin.tf @@ -1,5 +1,5 @@ module "cosmosdb_account_standin" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_account?ref=v7.77.0" + source = "./.terraform/modules/__v3__/cosmosdb_account" domain = var.domain name = "${local.project}-standin-cosmos-account" location = var.location @@ -36,7 +36,7 @@ module "cosmosdb_account_standin" { # cosmosdb database for standin module "cosmosdb_account_standin_db" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_database?ref=v7.77.0" + source = "./.terraform/modules/__v3__/cosmosdb_sql_database" name = "standin" resource_group_name = azurerm_resource_group.standin_rg.name account_name = module.cosmosdb_account_standin.name @@ -79,7 +79,7 @@ locals { # cosmosdb container for stand-in datastore module "cosmosdb_account_standin_containers" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_container?ref=v7.77.0" + source = "./.terraform/modules/__v3__/cosmosdb_sql_container" for_each = { for c in local.standin_containers : c.name => c } name = each.value.name diff --git a/src/domains/nodo-common/03_cosmosdb_wisp_converter.tf b/src/domains/nodo-common/03_cosmosdb_wisp_converter.tf index 40bed5f733..45c75b4ca6 100644 --- a/src/domains/nodo-common/03_cosmosdb_wisp_converter.tf +++ b/src/domains/nodo-common/03_cosmosdb_wisp_converter.tf @@ -1,17 +1,17 @@ module "cosmosdb_account_wispconv" { count = var.create_wisp_converter ? 1 : 0 - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_account?ref=v7.77.0" + source = "./.terraform/modules/__v3__/cosmosdb_account" domain = var.domain name = "${local.project}-wispconv-cosmos-account" location = var.location resource_group_name = azurerm_resource_group.wisp_converter_rg[0].name - offer_type = var.wisp_converter_cosmos_nosql_db_params.offer_type - kind = var.wisp_converter_cosmos_nosql_db_params.kind - capabilities = var.wisp_converter_cosmos_nosql_db_params.capabilities - enable_free_tier = var.wisp_converter_cosmos_nosql_db_params.enable_free_tier - + offer_type = var.wisp_converter_cosmos_nosql_db_params.offer_type + kind = var.wisp_converter_cosmos_nosql_db_params.kind + capabilities = var.wisp_converter_cosmos_nosql_db_params.capabilities + enable_free_tier = var.wisp_converter_cosmos_nosql_db_params.enable_free_tier + burst_capacity_enabled = var.wisp_converter_cosmos_nosql_db_params.burst_capacity_enabled subnet_id = module.cosmosdb_wisp_converter_snet[0].id public_network_access_enabled = var.wisp_converter_cosmos_nosql_db_params.public_network_access_enabled # private endpoint @@ -44,7 +44,7 @@ module "cosmosdb_account_wispconv" { # cosmosdb database for wispconv module "cosmosdb_account_wispconv_db" { count = var.create_wisp_converter ? 1 : 0 - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_database?ref=v7.77.0" + source = "./.terraform/modules/__v3__/cosmosdb_sql_database" name = "wispconverter" resource_group_name = azurerm_resource_group.wisp_converter_rg[0].name account_name = module.cosmosdb_account_wispconv[0].name @@ -130,7 +130,7 @@ locals { # cosmosdb container for stand-in datastore module "cosmosdb_account_wispconv_containers" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_container?ref=v7.77.0" + source = "./.terraform/modules/__v3__/cosmosdb_sql_container" for_each = { for c in local.wispconv_containers : c.name => c if var.create_wisp_converter } name = each.value.name diff --git a/src/domains/nodo-common/03_postgresql.tf b/src/domains/nodo-common/03_postgresql.tf index 105d492e05..ce9928c473 100644 --- a/src/domains/nodo-common/03_postgresql.tf +++ b/src/domains/nodo-common/03_postgresql.tf @@ -17,7 +17,7 @@ data "azurerm_key_vault_secret" "pgres_flex_admin_pwd" { # Postgres Flexible Server subnet module "postgres_flexible_snet" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v7.77.0" + source = "./.terraform/modules/__v3__/subnet" name = format("%s-pgres-flexible-snet", local.project) address_prefixes = var.cidr_subnet_flex_dbms resource_group_name = data.azurerm_resource_group.rg_vnet.name @@ -37,7 +37,7 @@ module "postgres_flexible_snet" { } module "postgres_flexible_server" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//postgres_flexible_server?ref=v7.77.0" + source = "./.terraform/modules/__v3__/postgres_flexible_server" name = format("%s-flexible-postgresql", local.project) location = azurerm_resource_group.db_rg.location resource_group_name = azurerm_resource_group.db_rg.name diff --git a/src/domains/nodo-common/03_postgresql_replica.tf b/src/domains/nodo-common/03_postgresql_replica.tf index f560cd827c..7d7fb58bd1 100644 --- a/src/domains/nodo-common/03_postgresql_replica.tf +++ b/src/domains/nodo-common/03_postgresql_replica.tf @@ -2,7 +2,7 @@ ## Postgres Flexible Server subnet module "postgres_flexible_snet_replica" { count = var.geo_replica_enabled ? 1 : 0 - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v7.77.0" + source = "./.terraform/modules/__v3__/subnet" name = "${local.project_replica}-pgres-flexible-snet" address_prefixes = var.geo_replica_cidr_subnet_postgresql resource_group_name = data.azurerm_resource_group.rg_vnet.name @@ -24,7 +24,7 @@ module "postgres_flexible_snet_replica" { module "postgresql_nodo_replica_db" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//postgres_flexible_server_replica?ref=v7.77.0" + source = "./.terraform/modules/__v3__/postgres_flexible_server_replica" count = var.geo_replica_enabled ? 1 : 0 name = "${local.project_replica}-flexible-postgresql" @@ -51,27 +51,13 @@ module "postgresql_nodo_replica_db" { } -resource "null_resource" "virtual_endpoint" { - count = var.geo_replica_enabled ? 1 : 0 - triggers = { - rg_name = azurerm_resource_group.db_rg.name - primary_server_name = module.postgres_flexible_server.name - ve_name = "${local.project}-pgflex-ve" - member_name = module.postgresql_nodo_replica_db[0].name - } - - provisioner "local-exec" { - command = <--github--identity prefix = var.prefix env_short = var.env_short @@ -91,7 +91,7 @@ module "identity_cd_01" { # create a module for each 20 repos module "identity_ci_01" { count = var.env_short == "p" ? 0 : 1 - source = "github.com/pagopa/terraform-azurerm-v3//github_federated_identity?ref=v7.77.0" + source = "./.terraform/modules/__v3__/github_federated_identity" # pagopa---github--identity prefix = var.prefix env_short = var.env_short diff --git a/src/domains/nodo-common/99_main.tf b/src/domains/nodo-common/99_main.tf index b4a5085fb6..97705252dc 100644 --- a/src/domains/nodo-common/99_main.tf +++ b/src/domains/nodo-common/99_main.tf @@ -10,7 +10,7 @@ terraform { } azurerm = { source = "hashicorp/azurerm" - version = "<= 3.95.0" + version = ">= 3.116.0, < 4.0.0" } null = { source = "hashicorp/null" @@ -22,6 +22,7 @@ terraform { } provider "azurerm" { + skip_provider_registration = true features { key_vault { purge_soft_delete_on_destroy = false @@ -32,3 +33,9 @@ provider "azurerm" { data "azurerm_subscription" "current" {} data "azurerm_client_config" "current" {} + + +module "__v3__" { + # 8.65.0 + source = "git::https://github.com/pagopa/terraform-azurerm-v3?ref=47ac1373640adf1653d19898e2c4237d25bcf861" +} diff --git a/src/domains/nodo-common/99_variables.tf b/src/domains/nodo-common/99_variables.tf index 3c3fdf5228..29c6661895 100644 --- a/src/domains/nodo-common/99_variables.tf +++ b/src/domains/nodo-common/99_variables.tf @@ -352,6 +352,8 @@ variable "wisp_converter_cosmos_nosql_db_params" { offer_type = string server_version = string kind = string + + burst_capacity_enabled = bool consistency_policy = object({ consistency_level = string max_interval_in_seconds = number diff --git a/src/domains/nodo-common/README.md b/src/domains/nodo-common/README.md index b13018d719..95f831a4c1 100644 --- a/src/domains/nodo-common/README.md +++ b/src/domains/nodo-common/README.md @@ -6,42 +6,43 @@ |------|---------| | [azapi](#requirement\_azapi) | <= 1.3.0 | | [azuread](#requirement\_azuread) | <= 2.21.0 | -| [azurerm](#requirement\_azurerm) | <= 3.95.0 | +| [azurerm](#requirement\_azurerm) | >= 3.116.0, < 4.0.0 | | [null](#requirement\_null) | <= 3.2.1 | ## Modules | Name | Source | Version | |------|--------|---------| -| [cosmosdb\_account\_nodo\_re](#module\_cosmosdb\_account\_nodo\_re) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_account | v7.77.0 | -| [cosmosdb\_account\_nodo\_re\_containers](#module\_cosmosdb\_account\_nodo\_re\_containers) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_container | v7.77.0 | -| [cosmosdb\_account\_nodo\_re\_db](#module\_cosmosdb\_account\_nodo\_re\_db) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_database | v7.77.0 | -| [cosmosdb\_account\_nodo\_verifyko](#module\_cosmosdb\_account\_nodo\_verifyko) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_account | v7.77.0 | -| [cosmosdb\_account\_nodo\_verifyko\_containers](#module\_cosmosdb\_account\_nodo\_verifyko\_containers) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_container | v7.77.0 | -| [cosmosdb\_account\_nodo\_verifyko\_db](#module\_cosmosdb\_account\_nodo\_verifyko\_db) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_database | v7.77.0 | -| [cosmosdb\_account\_standin](#module\_cosmosdb\_account\_standin) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_account | v7.77.0 | -| [cosmosdb\_account\_standin\_containers](#module\_cosmosdb\_account\_standin\_containers) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_container | v7.77.0 | -| [cosmosdb\_account\_standin\_db](#module\_cosmosdb\_account\_standin\_db) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_database | v7.77.0 | -| [cosmosdb\_account\_wispconv](#module\_cosmosdb\_account\_wispconv) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_account | v7.77.0 | -| [cosmosdb\_account\_wispconv\_containers](#module\_cosmosdb\_account\_wispconv\_containers) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_container | v7.77.0 | -| [cosmosdb\_account\_wispconv\_db](#module\_cosmosdb\_account\_wispconv\_db) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_sql_database | v7.77.0 | -| [cosmosdb\_nodo\_re\_snet](#module\_cosmosdb\_nodo\_re\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v7.77.0 | -| [cosmosdb\_nodo\_verifyko\_snet](#module\_cosmosdb\_nodo\_verifyko\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v7.77.0 | -| [cosmosdb\_standin\_snet](#module\_cosmosdb\_standin\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v7.77.0 | -| [cosmosdb\_wisp\_converter\_snet](#module\_cosmosdb\_wisp\_converter\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v7.77.0 | -| [identity\_cd\_01](#module\_identity\_cd\_01) | github.com/pagopa/terraform-azurerm-v3//github_federated_identity | v7.77.0 | -| [identity\_ci\_01](#module\_identity\_ci\_01) | github.com/pagopa/terraform-azurerm-v3//github_federated_identity | v7.77.0 | -| [nodo\_cfg\_sync\_re\_storage\_account](#module\_nodo\_cfg\_sync\_re\_storage\_account) | git::https://github.com/pagopa/terraform-azurerm-v3.git//storage_account | v7.77.0 | -| [nodo\_re\_storage\_account](#module\_nodo\_re\_storage\_account) | git::https://github.com/pagopa/terraform-azurerm-v3.git//storage_account | v7.77.0 | -| [nodo\_storico\_storage\_account](#module\_nodo\_storico\_storage\_account) | git::https://github.com/pagopa/terraform-azurerm-v3.git//storage_account | v7.77.0 | -| [nodo\_verifyko\_storage\_account](#module\_nodo\_verifyko\_storage\_account) | git::https://github.com/pagopa/terraform-azurerm-v3.git//storage_account | v7.77.0 | -| [postgres\_flexible\_server](#module\_postgres\_flexible\_server) | git::https://github.com/pagopa/terraform-azurerm-v3.git//postgres_flexible_server | v7.77.0 | -| [postgres\_flexible\_snet](#module\_postgres\_flexible\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v7.77.0 | -| [postgres\_flexible\_snet\_replica](#module\_postgres\_flexible\_snet\_replica) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v7.77.0 | -| [postgresql\_nodo\_replica\_db](#module\_postgresql\_nodo\_replica\_db) | git::https://github.com/pagopa/terraform-azurerm-v3.git//postgres_flexible_server_replica | v7.77.0 | -| [sftp](#module\_sftp) | git::https://github.com/pagopa/terraform-azurerm-v3.git//storage_account | v7.77.0 | -| [storage\_account\_snet](#module\_storage\_account\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v7.77.0 | -| [wisp\_converter\_storage\_account](#module\_wisp\_converter\_storage\_account) | git::https://github.com/pagopa/terraform-azurerm-v3.git//storage_account | v7.77.0 | +| [\_\_v3\_\_](#module\_\_\_v3\_\_) | git::https://github.com/pagopa/terraform-azurerm-v3 | 47ac1373640adf1653d19898e2c4237d25bcf861 | +| [cosmosdb\_account\_nodo\_re](#module\_cosmosdb\_account\_nodo\_re) | ./.terraform/modules/__v3__/cosmosdb_account | n/a | +| [cosmosdb\_account\_nodo\_re\_containers](#module\_cosmosdb\_account\_nodo\_re\_containers) | ./.terraform/modules/__v3__/cosmosdb_sql_container | n/a | +| [cosmosdb\_account\_nodo\_re\_db](#module\_cosmosdb\_account\_nodo\_re\_db) | ./.terraform/modules/__v3__/cosmosdb_sql_database | n/a | +| [cosmosdb\_account\_nodo\_verifyko](#module\_cosmosdb\_account\_nodo\_verifyko) | ./.terraform/modules/__v3__/cosmosdb_account | n/a | +| [cosmosdb\_account\_nodo\_verifyko\_containers](#module\_cosmosdb\_account\_nodo\_verifyko\_containers) | ./.terraform/modules/__v3__/cosmosdb_sql_container | n/a | +| [cosmosdb\_account\_nodo\_verifyko\_db](#module\_cosmosdb\_account\_nodo\_verifyko\_db) | ./.terraform/modules/__v3__/cosmosdb_sql_database | n/a | +| [cosmosdb\_account\_standin](#module\_cosmosdb\_account\_standin) | ./.terraform/modules/__v3__/cosmosdb_account | n/a | +| [cosmosdb\_account\_standin\_containers](#module\_cosmosdb\_account\_standin\_containers) | ./.terraform/modules/__v3__/cosmosdb_sql_container | n/a | +| [cosmosdb\_account\_standin\_db](#module\_cosmosdb\_account\_standin\_db) | ./.terraform/modules/__v3__/cosmosdb_sql_database | n/a | +| [cosmosdb\_account\_wispconv](#module\_cosmosdb\_account\_wispconv) | ./.terraform/modules/__v3__/cosmosdb_account | n/a | +| [cosmosdb\_account\_wispconv\_containers](#module\_cosmosdb\_account\_wispconv\_containers) | ./.terraform/modules/__v3__/cosmosdb_sql_container | n/a | +| [cosmosdb\_account\_wispconv\_db](#module\_cosmosdb\_account\_wispconv\_db) | ./.terraform/modules/__v3__/cosmosdb_sql_database | n/a | +| [cosmosdb\_nodo\_re\_snet](#module\_cosmosdb\_nodo\_re\_snet) | ./.terraform/modules/__v3__/subnet | n/a | +| [cosmosdb\_nodo\_verifyko\_snet](#module\_cosmosdb\_nodo\_verifyko\_snet) | ./.terraform/modules/__v3__/subnet | n/a | +| [cosmosdb\_standin\_snet](#module\_cosmosdb\_standin\_snet) | ./.terraform/modules/__v3__/subnet | n/a | +| [cosmosdb\_wisp\_converter\_snet](#module\_cosmosdb\_wisp\_converter\_snet) | ./.terraform/modules/__v3__/subnet | n/a | +| [identity\_cd\_01](#module\_identity\_cd\_01) | ./.terraform/modules/__v3__/github_federated_identity | n/a | +| [identity\_ci\_01](#module\_identity\_ci\_01) | ./.terraform/modules/__v3__/github_federated_identity | n/a | +| [nodo\_cfg\_sync\_re\_storage\_account](#module\_nodo\_cfg\_sync\_re\_storage\_account) | ./.terraform/modules/__v3__/storage_account | n/a | +| [nodo\_re\_storage\_account](#module\_nodo\_re\_storage\_account) | ./.terraform/modules/__v3__/storage_account | n/a | +| [nodo\_storico\_storage\_account](#module\_nodo\_storico\_storage\_account) | ./.terraform/modules/__v3__/storage_account | n/a | +| [nodo\_verifyko\_storage\_account](#module\_nodo\_verifyko\_storage\_account) | ./.terraform/modules/__v3__/storage_account | n/a | +| [postgres\_flexible\_server](#module\_postgres\_flexible\_server) | ./.terraform/modules/__v3__/postgres_flexible_server | n/a | +| [postgres\_flexible\_snet](#module\_postgres\_flexible\_snet) | ./.terraform/modules/__v3__/subnet | n/a | +| [postgres\_flexible\_snet\_replica](#module\_postgres\_flexible\_snet\_replica) | ./.terraform/modules/__v3__/subnet | n/a | +| [postgresql\_nodo\_replica\_db](#module\_postgresql\_nodo\_replica\_db) | ./.terraform/modules/__v3__/postgres_flexible_server_replica | n/a | +| [sftp](#module\_sftp) | ./.terraform/modules/__v3__/storage_account | n/a | +| [storage\_account\_snet](#module\_storage\_account\_snet) | ./.terraform/modules/__v3__/subnet | n/a | +| [wisp\_converter\_storage\_account](#module\_wisp\_converter\_storage\_account) | ./.terraform/modules/__v3__/storage_account | n/a | ## Resources @@ -97,6 +98,7 @@ | [azurerm_postgresql_flexible_server_configuration.nodo_db_flex_min_pool_size](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_configuration) | resource | | [azurerm_postgresql_flexible_server_database.nodo_db](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_database) | resource | | [azurerm_postgresql_flexible_server_database.nodo_replica_db](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_database) | resource | +| [azurerm_postgresql_flexible_server_virtual_endpoint.virtual_endpoint](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_virtual_endpoint) | resource | | [azurerm_private_dns_a_record.data_factory_a_record](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_a_record) | resource | | [azurerm_private_dns_a_record.ingress](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_a_record) | resource | | [azurerm_private_dns_cname_record.cname_record](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_cname_record) | resource | @@ -109,7 +111,9 @@ | [azurerm_private_endpoint.nodo_verifyko_private_endpoint_blob](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | | [azurerm_private_endpoint.nodo_verifyko_private_endpoint_table](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | | [azurerm_private_endpoint.sftp_blob](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | +| [azurerm_private_endpoint.wispconv_private_endpoint_blob](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | | [azurerm_private_endpoint.wispconv_private_endpoint_container](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | +| [azurerm_private_endpoint.wispconv_private_endpoint_table](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | | [azurerm_resource_group.data_factory_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | | [azurerm_resource_group.db_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | | [azurerm_resource_group.nodo_cfg_sync_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | @@ -134,7 +138,6 @@ | [azurerm_storage_table.wisp_converter_table](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_table) | resource | | [null_resource.github_runner_app_permissions_to_namespace_cd_01](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [null_resource.github_runner_app_permissions_to_namespace_ci_01](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | -| [null_resource.virtual_endpoint](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [azuread_group.adgroup_admin](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source | | [azuread_group.adgroup_developers](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source | | [azuread_group.adgroup_externals](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source | @@ -238,7 +241,7 @@ | [storage\_account\_snet\_private\_link\_service\_network\_policies\_enabled](#input\_storage\_account\_snet\_private\_link\_service\_network\_policies\_enabled) | If true, create a private link service | `bool` | `true` | no | | [tags](#input\_tags) | n/a | `map(any)` | 
{
  "CreatedBy": "Terraform"
}
| no | | [verifyko\_cosmos\_nosql\_db\_params](#input\_verifyko\_cosmos\_nosql\_db\_params) | n/a | 
object({
    capabilities   = list(string)
    offer_type     = string
    server_version = string
    kind           = string
    consistency_policy = object({
      consistency_level       = string
      max_interval_in_seconds = number
      max_staleness_prefix    = number
    })
    main_geo_location_zone_redundant = bool
    enable_free_tier                 = bool
    additional_geo_locations = list(object({
      location          = string
      failover_priority = number
      zone_redundant    = bool
    }))
    private_endpoint_enabled          = bool
    public_network_access_enabled     = bool
    is_virtual_network_filter_enabled = bool
    backup_continuous_enabled         = bool
    events_ttl                        = number
    max_throughput                    = number
  })
| n/a | yes | -| [wisp\_converter\_cosmos\_nosql\_db\_params](#input\_wisp\_converter\_cosmos\_nosql\_db\_params) | n/a | 
object({
    capabilities   = list(string)
    offer_type     = string
    server_version = string
    kind           = string
    consistency_policy = object({
      consistency_level       = string
      max_interval_in_seconds = number
      max_staleness_prefix    = number
    })
    main_geo_location_zone_redundant = bool
    enable_free_tier                 = bool
    additional_geo_locations = list(object({
      location          = string
      failover_priority = number
      zone_redundant    = bool
    }))
    private_endpoint_enabled          = bool
    public_network_access_enabled     = bool
    is_virtual_network_filter_enabled = bool
    backup_continuous_enabled         = bool

    data_ttl                           = number
    data_max_throughput                = number
    re_ttl                             = number
    re_max_throughput                  = number
    receipt_ttl                        = number
    receipt_max_throughput             = number
    receipt_dead_letter_ttl            = number
    receipt_dead_letter_max_throughput = number
    idempotency_ttl                    = number
    idempotency_max_throughput         = number
    rt_ttl                             = number
    rt_max_throughput                  = number
    configuration_ttl                  = number
    configuration_max_throughput       = number
    report_ttl                         = number
    report_max_throughput              = number
    nav2iuv_mapping_ttl                = number
    nav2iuv_mapping_max_throughput     = number
  })
| n/a | yes | +| [wisp\_converter\_cosmos\_nosql\_db\_params](#input\_wisp\_converter\_cosmos\_nosql\_db\_params) | n/a | 
object({
    capabilities   = list(string)
    offer_type     = string
    server_version = string
    kind           = string

    burst_capacity_enabled = bool
    consistency_policy = object({
      consistency_level       = string
      max_interval_in_seconds = number
      max_staleness_prefix    = number
    })
    main_geo_location_zone_redundant = bool
    enable_free_tier                 = bool
    additional_geo_locations = list(object({
      location          = string
      failover_priority = number
      zone_redundant    = bool
    }))
    private_endpoint_enabled          = bool
    public_network_access_enabled     = bool
    is_virtual_network_filter_enabled = bool
    backup_continuous_enabled         = bool

    data_ttl                           = number
    data_max_throughput                = number
    re_ttl                             = number
    re_max_throughput                  = number
    receipt_ttl                        = number
    receipt_max_throughput             = number
    receipt_dead_letter_ttl            = number
    receipt_dead_letter_max_throughput = number
    idempotency_ttl                    = number
    idempotency_max_throughput         = number
    rt_ttl                             = number
    rt_max_throughput                  = number
    configuration_ttl                  = number
    configuration_max_throughput       = number
    report_ttl                         = number
    report_max_throughput              = number
    nav2iuv_mapping_ttl                = number
    nav2iuv_mapping_max_throughput     = number
  })
| n/a | yes | | [wisp\_converter\_storage\_account](#input\_wisp\_converter\_storage\_account) | n/a | 
object({
    account_kind                  = string
    account_tier                  = string
    account_replication_type      = string
    advanced_threat_protection    = bool
    blob_delete_retention_days    = number
    blob_versioning_enabled       = bool
    public_network_access_enabled = bool
    backup_enabled                = bool
    backup_retention_days         = number
  })
| n/a | yes | ## Outputs diff --git a/src/domains/nodo-common/env/weu-dev/terraform.tfvars b/src/domains/nodo-common/env/weu-dev/terraform.tfvars index cf396b3050..8661edaeed 100644 --- a/src/domains/nodo-common/env/weu-dev/terraform.tfvars +++ b/src/domains/nodo-common/env/weu-dev/terraform.tfvars @@ -205,8 +205,8 @@ wisp_converter_cosmos_nosql_db_params = { private_endpoint_enabled = false public_network_access_enabled = true is_virtual_network_filter_enabled = false - - backup_continuous_enabled = false + burst_capacity_enabled = true + backup_continuous_enabled = false data_ttl = 259200 # 3 days in second data_max_throughput = 400 diff --git a/src/domains/nodo-common/env/weu-prod/terraform.tfvars b/src/domains/nodo-common/env/weu-prod/terraform.tfvars index 263da5f77c..32513152a0 100644 --- a/src/domains/nodo-common/env/weu-prod/terraform.tfvars +++ b/src/domains/nodo-common/env/weu-prod/terraform.tfvars @@ -37,13 +37,13 @@ cidr_subnet_storage_account = ["10.1.137.16/29"] pgres_flex_params = { enabled = true - sku_name = "GP_Standard_D16ds_v4" + sku_name = "GP_Standard_D8ds_v4" db_version = "13" # Possible values are 32768, 65536, 131072, 262144, 524288, 1048576, # 2097152, 4194304, 8388608, 16777216, and 33554432. storage_mb = 1048576 - zone = 1 - standby_ha_zone = 2 + zone = 2 + standby_ha_zone = 1 backup_retention_days = 30 geo_redundant_backup_enabled = true create_mode = "Default" @@ -219,12 +219,13 @@ wisp_converter_cosmos_nosql_db_params = { is_virtual_network_filter_enabled = true backup_continuous_enabled = true + burst_capacity_enabled = true data_ttl = 10368000 # 120 days in second data_max_throughput = 2000 re_ttl = 31536000 # 1 year in second - re_max_throughput = 10000 - receipt_ttl = -1 # max + re_max_throughput = 25000 # aligned to prod actual value + receipt_ttl = -1 # max receipt_max_throughput = 2000 receipt_dead_letter_ttl = 7884000 # 3 months in second receipt_dead_letter_max_throughput = 1000 diff --git a/src/domains/nodo-common/env/weu-uat/terraform.tfvars b/src/domains/nodo-common/env/weu-uat/terraform.tfvars index 1bd229f567..f7d3837f3f 100644 --- a/src/domains/nodo-common/env/weu-uat/terraform.tfvars +++ b/src/domains/nodo-common/env/weu-uat/terraform.tfvars @@ -205,6 +205,7 @@ wisp_converter_cosmos_nosql_db_params = { public_network_access_enabled = false is_virtual_network_filter_enabled = true + burst_capacity_enabled = true backup_continuous_enabled = false data_ttl = 2592000 # 30 days in second From 856d8f1f996e76eb06102f058b9e5d01a009e3c6 Mon Sep 17 00:00:00 2001 From: gioelemella <128155546+gioelemella@users.noreply.github.com> Date: Thu, 19 Dec 2024 13:38:50 +0100 Subject: [PATCH 5/5] =?UTF-8?q?feat:=20Add=20enabled=20`workload=5Fidentit?= =?UTF-8?q?y`=F0=9F=87=AE=F0=9F=87=B9=20+=20apply=20payopt=20prod=20+=20ap?= =?UTF-8?q?ply=20mock=20payopt=20dev=20and=20uat=20(#2682)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * defined OdP uat test mock * enabled workload_identity ita + apply payopt prod + apply mock payopt dev and uat --------- Co-authored-by: pasqualespica Co-authored-by: Pasquale Spica <36746022+pasqualespica@users.noreply.github.com> --- .../env/itn-prod/terraform.tfvars | 2 +- .../payopt-app/04_apim_payment_options.tf | 2 +- .../04_apim_payment_options_mock.tf | 9 +- src/domains/payopt-app/05_subkey.tf | 12 + src/domains/payopt-app/06_keyvault.tf | 1 + src/domains/payopt-app/99_variables.tf | 2 - ...ml => _get_payment_options_dev_policy.xml} | 0 .../_get_payment_options_uat_policy.xml | 444 ++++++++++++++++++ .../payopt-app/env/itn-dev/terraform.tfvars | 1 - .../payopt-app/env/itn-prod/terraform.tfvars | 1 - .../payopt-app/env/itn-uat/terraform.tfvars | 1 - src/domains/payopt-common/.terraform.lock.hcl | 56 +-- .../env/itn-dev/terraform.tfvars | 94 ++-- .../env/itn-prod/terraform.tfvars | 96 ++-- .../env/itn-uat/terraform.tfvars | 94 ++-- .../env/itn-dev/terraform.tfvars | 4 - .../env/itn-prod/terraform.tfvars | 14 +- .../env/itn-uat/terraform.tfvars | 7 +- .../secret/itn-prod/noedit_secret_enc.json | 22 + 19 files changed, 663 insertions(+), 199 deletions(-) rename src/domains/payopt-app/api/payment-options-mock/{_get_payment_options_policy.xml => _get_payment_options_dev_policy.xml} (100%) create mode 100644 src/domains/payopt-app/api/payment-options-mock/_get_payment_options_uat_policy.xml create mode 100644 src/domains/payopt-secrets/secret/itn-prod/noedit_secret_enc.json diff --git a/src/aks-leonardo/env/itn-prod/terraform.tfvars b/src/aks-leonardo/env/itn-prod/terraform.tfvars index c6997560ea..b67233a34c 100644 --- a/src/aks-leonardo/env/itn-prod/terraform.tfvars +++ b/src/aks-leonardo/env/itn-prod/terraform.tfvars @@ -43,7 +43,7 @@ aks_private_cluster_enabled = true aks_alerts_enabled = false aks_kubernetes_version = "1.29.4" aks_sku_tier = "Standard" -aks_enable_workload_identity = false +aks_enable_workload_identity = true aks_system_node_pool = { name = "papaksleosys", diff --git a/src/domains/payopt-app/04_apim_payment_options.tf b/src/domains/payopt-app/04_apim_payment_options.tf index 3e7f22da2e..e72a136a7c 100644 --- a/src/domains/payopt-app/04_apim_payment_options.tf +++ b/src/domains/payopt-app/04_apim_payment_options.tf @@ -19,7 +19,7 @@ module "apim_payment_options_product" { published = false subscription_required = true approval_required = false - # subscriptions_limit = 1000 + subscriptions_limit = 1000 policy_xml = file("./api_product/_base_policy.xml") } diff --git a/src/domains/payopt-app/04_apim_payment_options_mock.tf b/src/domains/payopt-app/04_apim_payment_options_mock.tf index e142259ae6..e8ce68f80f 100644 --- a/src/domains/payopt-app/04_apim_payment_options_mock.tf +++ b/src/domains/payopt-app/04_apim_payment_options_mock.tf @@ -7,7 +7,7 @@ locals { module "apim_payment_options_mock_product" { source = "./.terraform/modules/__v3__/api_management_product" - count = var.is_feature_enabled.paymentoptions_mock ? 1 : 0 + count = var.env_short != "p" ? 1 : 0 product_id = "pagopa-payment-options-mock" display_name = local.apim_payment_options_mock_pagopa_api.display_name @@ -25,7 +25,7 @@ module "apim_payment_options_mock_product" { } resource "azurerm_api_management_api_version_set" "payment_options_mock_api" { - count = var.is_feature_enabled.paymentoptions_mock ? 1 : 0 + count = var.env_short != "p" ? 1 : 0 name = format("%s-payment-options-mock-api", var.env_short) resource_group_name = local.pagopa_apim_rg @@ -34,10 +34,9 @@ resource "azurerm_api_management_api_version_set" "payment_options_mock_api" { versioning_scheme = "Segment" } - module "apim_api_pay_opt_mock_api" { source = "./.terraform/modules/__v3__/api_management_api" - count = var.is_feature_enabled.paymentoptions_mock ? 1 : 0 + count = var.env_short != "p" ? 1 : 0 name = format("%s-pay-opt-mock-api", local.project) api_management_name = local.pagopa_apim_name @@ -65,7 +64,7 @@ module "apim_api_pay_opt_mock_api" { api_operation_policies = [ { operation_id = "get-payment-options", - xml_content = templatefile("./api/payment-options-mock/_get_payment_options_policy.xml", { + xml_content = templatefile("./api/payment-options-mock/_get_payment_options_${var.env}_policy.xml", { hostname = local.hostname }) }, diff --git a/src/domains/payopt-app/05_subkey.tf b/src/domains/payopt-app/05_subkey.tf index 15fba182f4..e002ccfc97 100644 --- a/src/domains/payopt-app/05_subkey.tf +++ b/src/domains/payopt-app/05_subkey.tf @@ -16,7 +16,18 @@ resource "azurerm_api_management_subscription" "forwarder_subkey" { state = "active" } +# use for testing ( perf ) + +data "azurerm_api_management_user" "user_demo" { + count = var.env_short != "p" ? 1 : 0 + # DEV -> 99999000001 PSP Signed Direct + # UAT -> 99999000011 PSP DEMO + user_id = var.env_short == "u" ? "349fab55-1fe5-4b89-92ac-5bdeabe3010e" : "2d6fe3c6-5656-43c8-afd4-ccf2bb352cec" + api_management_name = data.azurerm_api_management.apim.name + resource_group_name = data.azurerm_api_management.apim.resource_group_name +} resource "azurerm_api_management_subscription" "service_payment_options_subkey" { + depends_on = [ data.azurerm_api_management_user.user_demo ] count = var.env_short != "p" ? 1 : 0 api_management_name = data.azurerm_api_management.apim.name @@ -25,6 +36,7 @@ resource "azurerm_api_management_subscription" "service_payment_options_subkey" display_name = "Subscription for Payments Options APIM" allow_tracing = false state = "active" + user_id = data.azurerm_api_management_user.user_demo[0].id # https://github.com/pagopa/pagopa-payment-options-service/blob/9d2682c700f72cfe3693a8a8a902b72fc8433af5/infra/policy/_get_payment_options_policy.xml#L13 } diff --git a/src/domains/payopt-app/06_keyvault.tf b/src/domains/payopt-app/06_keyvault.tf index 83f09e182e..8c6e2f8fd0 100644 --- a/src/domains/payopt-app/06_keyvault.tf +++ b/src/domains/payopt-app/06_keyvault.tf @@ -67,6 +67,7 @@ resource "azurerm_key_vault_secret" "forwarder_subscription_key" { key_vault_id = data.azurerm_key_vault.kv.id } +# using for test resource "azurerm_key_vault_secret" "service_payment_options_subscription_key" { count = var.env_short != "p" ? 1 : 0 diff --git a/src/domains/payopt-app/99_variables.tf b/src/domains/payopt-app/99_variables.tf index b2c2b38a27..d2bb30b1e9 100644 --- a/src/domains/payopt-app/99_variables.tf +++ b/src/domains/payopt-app/99_variables.tf @@ -72,11 +72,9 @@ variable "tags" { variable "is_feature_enabled" { type = object({ paymentoptions = bool - paymentoptions_mock = bool }) default = { paymentoptions = false - paymentoptions_mock = false } } ### External resources diff --git a/src/domains/payopt-app/api/payment-options-mock/_get_payment_options_policy.xml b/src/domains/payopt-app/api/payment-options-mock/_get_payment_options_dev_policy.xml similarity index 100% rename from src/domains/payopt-app/api/payment-options-mock/_get_payment_options_policy.xml rename to src/domains/payopt-app/api/payment-options-mock/_get_payment_options_dev_policy.xml diff --git a/src/domains/payopt-app/api/payment-options-mock/_get_payment_options_uat_policy.xml b/src/domains/payopt-app/api/payment-options-mock/_get_payment_options_uat_policy.xml new file mode 100644 index 0000000000..136339054b --- /dev/null +++ b/src/domains/payopt-app/api/payment-options-mock/_get_payment_options_uat_policy.xml @@ -0,0 +1,444 @@ + + + + + + + + + + + + + + application/json + + + + + { + "paTaxCode": "99999000013", + "paFullName": "EC", + "paOfficeName": "EC", + "paymentOptions": [ + { + "description": "Test PayOpt - Opzione 1 - Soluzione Unica", + "numberOfInstallments": 1, + "amount": 120, + "dueDate": "2024-10-30T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status":"PO_UNPAID", + "statusReason":"Non pagato", + "allCCP": "false", + "installments": [ + { + "nav": "311111111111111112", + "iuv": "11111111111111112", + "amount": 120, + "description": "Test Opt Inst - soluzione unica", + "dueDate": "2024-10-30T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status":"POI_UNPAID", + "statusReason":"Non pagato" + } + ] + }, + { + "description": "Test PayOpt - Opzione 2 - Piano Rateale", + "numberOfInstallments": 3, + "amount": 120, + "dueDate": "2024-12-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status":"PO_UNPAID", + "statusReason":"Non pagatp", + "allCCP": "false", + "installments": [ + { + "nav": "311111111111111113", + "iuv": "11111111111111113", + "amount": 40, + "description": "rata 1", + "dueDate": "2024-10-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status":"POI_UNPAID", + "statusReason":"Non pagato" + }, + { + "nav": "311111111111111114", + "iuv": "311111111111111114", + "amount": 40, + "description": "rata 2", + "dueDate": "2024-11-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status":"POI_UNPAID", + "statusReason":"Non pagato" + }, + { + "nav": "311111111111111115", + "iuv": "11111111111111115", + "amount": 40, + "description": "rata 3", + "dueDate": "2024-12-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status":"POI_UNPAID", + "statusReason":"Non pagato" + } + ] + } + ] + } + + + + + { + "paTaxCode": "99999000013", + "paFullName": "EC", + "paOfficeName": "EC", + "paymentOptions": [ + { + "description": "Test PayOpt - Opzione 1 - Soluzione Unica", + "numberOfInstallments": 1, + "amount": 120, + "dueDate": "2024-10-30T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status":"PO_UNPAID", + "statusReason":"Non pagato", + "allCCP": "false", + "installments": [ + { + "nav": "311111111111111112", + "iuv": "11111111111111112", + "amount": 120, + "description": "Test Opt Inst - soluzione unica", + "dueDate": "2024-10-30T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status":"POI_UNPAID", + "statusReason":"Non pagato" + } + ] + }, + { + "description": "Test PayOpt - Opzione 2 - Piano Rateale", + "numberOfInstallments": 3, + "amount": 120, + "dueDate": "2024-12-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status":"PO_UNPAID", + "statusReason":"Non pagatp", + "allCCP": "false", + "installments": [ + { + "nav": "311111111111111113", + "iuv": "11111111111111113", + "amount": 40, + "description": "rata 1", + "dueDate": "2024-10-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status":"POI_UNPAID", + "statusReason":"Non pagato" + }, + { + "nav": "311111111111111114", + "iuv": "311111111111111114", + "amount": 40, + "description": "rata 2", + "dueDate": "2024-11-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status":"POI_UNPAID", + "statusReason":"Non pagato" + }, + { + "nav": "311111111111111115", + "iuv": "11111111111111115", + "amount": 40, + "description": "rata 3", + "dueDate": "2024-12-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status":"POI_UNPAID", + "statusReason":"Non pagato" + } + ] + }, + { + "description": "Test PayOpt - Opzione 3 - Piano Rateale - 5 rate", + "numberOfInstallments": 5, + "amount": 90, + "dueDate": "2024-12-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status": "PO_UNPAID", + "statusReason": "Non pagato", + "allCCP": "false", + "installments": [ + { + "nav": "311111111111111120", + "iuv": "311111111111111120", + "amount": 18, + "description": "rata 1", + "dueDate": "2024-10-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status": "POI_UNPAID", + "statusReason": "Non pagato" + }, + { + "nav": "311111111111111121", + "iuv": "311111111111111121", + "amount": 18, + "description": "rata 2", + "dueDate": "2024-11-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status": "POI_UNPAID", + "statusReason": "Non pagato" + }, + { + "nav": "311111111111111122", + "iuv": "311111111111111122", + "amount": 18, + "description": "rata 3", + "dueDate": "2024-12-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status": "POI_UNPAID", + "statusReason": "Non pagato" + }, + { + "nav": "311111111111111123", + "iuv": "311111111111111123", + "amount": 18, + "description": "rata 4", + "dueDate": "2025-01-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status": "POI_UNPAID", + "statusReason": "Non pagato" + }, + { + "nav": "311111111111111124", + "iuv": "311111111111111124", + "amount": 18, + "description": "rata 5", + "dueDate": "2025-02-31T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status": "POI_UNPAID", + "statusReason": "Non pagato" + } + ] + } + ] + } + + + + { + "paTaxCode": "99999000013", + "paFullName": "EC", + "paOfficeName": "EC", + "paymentOptions": [ + { + "description": "Test PayOpt - unica opzione", + "numberOfInstallments": 1, + "amount": 120, + "dueDate": "2024-10-30T23:59:59", + "validFrom": "2024-09-30T23:59:59", + "status": "PO_UNPAID", + "statusReason": "Non Pagato", + "allCCP": "false", + "installments": [ + { + "nav": "311111111111111111", + "iuv": "311111111111111111", + "amount": 120, + "description": "Test Opt Inst - unica opzione", + "dueDate": "2024-10-30T23:59:59", + "validFrom": "2024-09-30T23:59:59", + "status": "POI_UNPAID", + "statusReason": "Non Pagato" + } + ] + } + ] + } + + + { + "paTaxCode": "99999000013", + "paFullName": "EC", + "paOfficeName": "EC", + "paymentOptions": [ + { + "description": "Test PayOpt - Opzione 1 - CO-Obbligato 1", + "numberOfInstallments": 1, + "amount": 120, + "dueDate": "2024-10-30T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status": "PO_UNPAID", + "statusReason": "Non pagato", + "allCCP": "false", + "installments": [ + { + "nav": "311111111111111125", + "iuv": "311111111111111125", + "amount": 120, + "description": "Test PayOpt - Opzione 1 - CO-Obbligato 1", + "dueDate": "2024-10-30T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status": "POI_UNPAID", + "statusReason": "Non pagato" + } + ] + }, + { + "description": "Test PayOpt - Opzione 2 - CO-Obbligato 2", + "numberOfInstallments": 1, + "amount": 120, + "dueDate": "2024-10-30T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status": "PO_UNPAID", + "statusReason": "Non pagato", + "allCCP": "false", + "installments": [ + { + "nav": "311111111111111126", + "iuv": "311111111111111126", + "amount": 120, + "description": "Test PayOpt - Opzione 2 - CO-Obbligato 2", + "dueDate": "2024-10-30T23:59:59", + "validFrom":"2024-09-30T23:59:59", + "status": "POI_UNPAID", + "statusReason": "Non pagato" + } + ] + } + ] + } + + + + { + "httpStatusCode": 400, + "httpStatusDescription": "ND", + "appErrorCode": "PAA_SINTASSI", + "timestamp": 1724425035, + "dateTime": "2024-08-23T14:57:15.635528", + "errorMessage": "Errore di sintassi del modello nella risposta" + } + + + + { + "httpStatusCode": 400, + "httpStatusDescription": "ND", + "appErrorCode": "PAA_PAGAMENTO_SCONOSCIUTO", + "timestamp": 1724425035, + "dateTime": "2024-08-23T14:57:15.635528", + "errorMessage": "Errore per pagamento sconosciuto" + } + + + + { + "httpStatusCode": 400, + "httpStatusDescription": "ND", + "appErrorCode": "PAA_ID_DOMINIO_ERRATO", + "timestamp": 1724425035, + "dateTime": "2024-08-23T14:57:15.635528", + "errorMessage": "Errore per id dominio errato" + } + + + + { + "httpStatusCode": 400, + "httpStatusDescription": "ND", + "appErrorCode": "PAA_ID_INTERMEDIARIO_ERRATO", + "timestamp": 1724425035, + "dateTime": "2024-08-23T14:57:15.635528", + "errorMessage": "Errore per id intermediario errato" + } + + + + { + "httpStatusCode": 400, + "httpStatusDescription": "ND", + "appErrorCode": "PAA_PAGAMENTO_ANNULLATO", + "timestamp": 1724425035, + "dateTime": "2024-08-23T14:57:15.635528", + "errorMessage": "Errore per pagamento annullato" + } + + + + { + "httpStatusCode": 400, + "httpStatusDescription": "ND", + "appErrorCode": "PAA_PAGAMENTO_DUPLICATO", + "timestamp": 1724425035, + "dateTime": "2024-08-23T14:57:15.635528", + "errorMessage": "Errore per pagamento duplicato" + } + + + + { + "httpStatusCode": 400, + "httpStatusDescription": "ND", + "appErrorCode": "PAA_PAGAMENTO_IN_CORSO", + "timestamp": 1724425035, + "dateTime": "2024-08-23T14:57:15.635528", + "errorMessage": "Errore per pagamento ancora in corso" + } + + + + { + "httpStatusCode": 400, + "httpStatusDescription": "ND", + "appErrorCode": "PAA_PAGAMENTO_SCADUTO", + "timestamp": 1724425035, + "dateTime": "2024-08-23T14:57:15.635528", + "errorMessage": "Errore per pagamento scaduto" + } + + + + { + "httpStatusCode": 400, + "httpStatusDescription": "ND", + "appErrorCode": "PAA_SEMANTICA", + "timestamp": 1724425035, + "dateTime": "2024-08-23T14:57:15.635528", + "errorMessage": "Errore semantica" + } + + + + { + "httpStatusCode": 400, + "httpStatusDescription": "ND", + "appErrorCode": "PAA_STAZIONE_INT_ERRATA", + "timestamp": 1724425035, + "dateTime": "2024-08-23T14:57:15.635528", + "errorMessage": "Errore per stazione errata" + } + + + + { + "httpStatusCode": 400, + "httpStatusDescription": "ND", + "appErrorCode": "PAA_SYSTEM_ERROR", + "timestamp": 1724425035, + "dateTime": "2024-08-23T14:57:15.635528", + "errorMessage": "Errore generico" + } + + + + + + + + diff --git a/src/domains/payopt-app/env/itn-dev/terraform.tfvars b/src/domains/payopt-app/env/itn-dev/terraform.tfvars index a05aa001bb..ef64184a50 100644 --- a/src/domains/payopt-app/env/itn-dev/terraform.tfvars +++ b/src/domains/payopt-app/env/itn-dev/terraform.tfvars @@ -35,5 +35,4 @@ ingress_load_balancer_ip = "10.3.2.250" is_feature_enabled = { paymentoptions = true - paymentoptions_mock = true } diff --git a/src/domains/payopt-app/env/itn-prod/terraform.tfvars b/src/domains/payopt-app/env/itn-prod/terraform.tfvars index 674ca7b069..2417a65fe7 100644 --- a/src/domains/payopt-app/env/itn-prod/terraform.tfvars +++ b/src/domains/payopt-app/env/itn-prod/terraform.tfvars @@ -35,7 +35,6 @@ ingress_load_balancer_ip = "10.3.2.250" is_feature_enabled = { paymentoptions = true - paymentoptions_mock = false } pod_disruption_budgets = { diff --git a/src/domains/payopt-app/env/itn-uat/terraform.tfvars b/src/domains/payopt-app/env/itn-uat/terraform.tfvars index c0219aa389..0b4163b306 100644 --- a/src/domains/payopt-app/env/itn-uat/terraform.tfvars +++ b/src/domains/payopt-app/env/itn-uat/terraform.tfvars @@ -35,5 +35,4 @@ ingress_load_balancer_ip = "10.3.2.250" is_feature_enabled = { paymentoptions = true - paymentoptions_mock = true } diff --git a/src/domains/payopt-common/.terraform.lock.hcl b/src/domains/payopt-common/.terraform.lock.hcl index 7db4a688f8..7e8942e4b0 100644 --- a/src/domains/payopt-common/.terraform.lock.hcl +++ b/src/domains/payopt-common/.terraform.lock.hcl @@ -2,22 +2,22 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/azuread" { - version = "3.0.2" - constraints = "<= 3.0.2" + version = "2.47.0" + constraints = "<= 2.47.0" hashes = [ - "h1:yQqvUtgtrYKGpIygdM8P6N+pvMWJJWIsVdPow29VE20=", - "zh:16e724b80a9004c7978c30f69a73c98ff63eb8a03937dd44c2a8f0ea0438b7a3", + "h1:g8+gBFM4QVOEQFqAEs5pR6iXpbGvgPvcEi1evHwziyw=", + "zh:1372d81eb24ef3b4b00ea350fe87219f22da51691b8e42ce91d662f6c2a8af5e", "zh:1c3e89cf19118fc07d7b04257251fc9897e722c16e0a0df7b07fcd261f8c12e7", - "zh:2bbbf13713ca4767267b889471c9fc14a56a8fdf5d1013da3ca78667e3caec64", - "zh:409ccb05431d643a079da082d89db2d95d6afed4769997ac537c8b7de3bff867", - "zh:53e4bca0f5d015380f7f524f36344afe6211ccaf614bfc69af73ca64a9f47d6c", - "zh:5780be2c1981d090604d7fa4cef675462f17f40e7f3dc501a031488e87a35b8f", - "zh:850e61a1b3e64c752c418526ccf48653514c861b36f5feb631619f906f7e99a0", - "zh:8c3565bfcea006a734149cc080452a9daf7d2a9d5362eb7e0a088b6c0d7f0f03", - "zh:908b9e6ad49d5d21173ecefc7924902047611be93bbf8e7d021aa9563358396f", - "zh:a2a79765c029bc58966eff61cb6e9b0ee14d2ac52b0a22fc7dfa35c9a49af669", - "zh:c7f56cbe8743e9ba81fce871bc97d9c07abe86770d9ee7ffefbf3882a61ba89a", - "zh:d4dba80e33421b30d81c62611fb7fc62ad39afecc6484436e635913cd8553e67", + "zh:1e654a74d171d6ff8f9f6f67e3ff1421d4c5e56a18607703626bf12cd23ba001", + "zh:35227fad617a0509c64ab5759a8b703b10d244877f1aa5416bfbcc100c96996f", + "zh:357f553f0d78d46a96c7b2ed06d25ee0fc60fc5be19812ccb5d969fa47d62e17", + "zh:58faa2940065137e3e87d02eba59ab5cd7137d7a18caf225e660d1788f274569", + "zh:7308eda0339620fa24f47cedd22221fc2c02cab9d5be1710c09a783aea84eb3a", + "zh:863eabf7f908a8263e28d8aa2ad1381affd6bb5c67755216781f674ef214100e", + "zh:8b95b595a7c14ed7b56194d03cdec253527e7a146c1c58961be09e6b5c50baee", + "zh:afbca6b4fac9a0a488bc22ff9e51a8f14e986137d25275068fd932f379a51d57", + "zh:c6aadec4c81a44c3ffc22c2d90ffc6706bf5a9a903a395d896477516f4be6cbb", + "zh:e54a59de7d4ef0f3a18f91fed0b54a2bce18257ae2ee1df8a88226e1023c5811", ] } @@ -42,21 +42,21 @@ provider "registry.terraform.io/hashicorp/azurerm" { } provider "registry.terraform.io/hashicorp/null" { - version = "3.2.3" - constraints = "<= 3.2.3" + version = "3.2.2" + constraints = "<= 3.2.2" hashes = [ - "h1:I0Um8UkrMUb81Fxq/dxbr3HLP2cecTH2WMJiwKSrwQY=", - "zh:22d062e5278d872fe7aed834f5577ba0a5afe34a3bdac2b81f828d8d3e6706d2", - "zh:23dead00493ad863729495dc212fd6c29b8293e707b055ce5ba21ee453ce552d", - "zh:28299accf21763ca1ca144d8f660688d7c2ad0b105b7202554ca60b02a3856d3", - "zh:55c9e8a9ac25a7652df8c51a8a9a422bd67d784061b1de2dc9fe6c3cb4e77f2f", - "zh:756586535d11698a216291c06b9ed8a5cc6a4ec43eee1ee09ecd5c6a9e297ac1", + "h1:IMVAUHKoydFrlPrl9OzasDnw/8ntZFerCC9iXw1rXQY=", + "zh:3248aae6a2198f3ec8394218d05bd5e42be59f43a3a7c0b71c66ec0df08b69e7", + "zh:32b1aaa1c3013d33c245493f4a65465eab9436b454d250102729321a44c8ab9a", + "zh:38eff7e470acb48f66380a73a5c7cdd76cc9b9c9ba9a7249c7991488abe22fe3", + "zh:4c2f1faee67af104f5f9e711c4574ff4d298afaa8a420680b0cb55d7bbc65606", + "zh:544b33b757c0b954dbb87db83a5ad921edd61f02f1dc86c6186a5ea86465b546", + "zh:696cf785090e1e8cf1587499516b0494f47413b43cb99877ad97f5d0de3dc539", + "zh:6e301f34757b5d265ae44467d95306d61bef5e41930be1365f5a8dcf80f59452", "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:9d5eea62fdb587eeb96a8c4d782459f4e6b73baeece4d04b4a40e44faaee9301", - "zh:a6355f596a3fb8fc85c2fb054ab14e722991533f87f928e7169a486462c74670", - "zh:b5a65a789cff4ada58a5baffc76cb9767dc26ec6b45c00d2ec8b1b027f6db4ed", - "zh:db5ab669cf11d0e9f81dc380a6fdfcac437aea3d69109c7aef1a5426639d2d65", - "zh:de655d251c470197bcbb5ac45d289595295acb8f829f6c781d4a75c8c8b7c7dd", - "zh:f5c68199f2e6076bce92a12230434782bf768103a427e9bb9abee99b116af7b5", + "zh:913a929070c819e59e94bb37a2a253c228f83921136ff4a7aa1a178c7cce5422", + "zh:aa9015926cd152425dbf86d1abdbc74bfe0e1ba3d26b3db35051d7b9ca9f72ae", + "zh:bb04798b016e1e1d49bcc76d62c53b56c88c63d6f2dfe38821afef17c416a0e1", + "zh:c23084e1b23577de22603cff752e59128d83cfecc2e6819edadd8cf7a10af11e", ] } diff --git a/src/domains/payopt-common/env/itn-dev/terraform.tfvars b/src/domains/payopt-common/env/itn-dev/terraform.tfvars index b6da44353b..09dec5f204 100644 --- a/src/domains/payopt-common/env/itn-dev/terraform.tfvars +++ b/src/domains/payopt-common/env/itn-dev/terraform.tfvars @@ -56,51 +56,51 @@ ehns_zone_redundant = false ehns_public_network_access = true ehns_private_endpoint_is_present = false -ehns_metric_alerts = { - no_trx = { - aggregation = "Total" - metric_name = "IncomingMessages" - description = "No transactions received from acquirer in the last 24h" - operator = "LessThanOrEqual" - threshold = 1000 - frequency = "PT1H" - window_size = "P1D" - dimension = [ - { - name = "EntityName" - operator = "Include" - values = ["rtd-trx"] - } - ], - }, - active_connections = { - aggregation = "Average" - metric_name = "ActiveConnections" - description = null - operator = "LessThanOrEqual" - threshold = 0 - frequency = "PT5M" - window_size = "PT15M" - dimension = [], - }, - error_trx = { - aggregation = "Total" - metric_name = "IncomingMessages" - description = "Transactions rejected from one acquirer file received. trx write on eventhub. check immediately" - operator = "GreaterThan" - threshold = 0 - frequency = "PT5M" - window_size = "PT30M" - dimension = [ - { - name = "EntityName" - operator = "Include" - values = [ - "nodo-dei-pagamenti-log", - "nodo-dei-pagamenti-re" - ] - } - ], - }, -} +# ehns_metric_alerts = { +# no_trx = { +# aggregation = "Total" +# metric_name = "IncomingMessages" +# description = "No transactions received from acquirer in the last 24h" +# operator = "LessThanOrEqual" +# threshold = 1000 +# frequency = "PT1H" +# window_size = "P1D" +# dimension = [ +# { +# name = "EntityName" +# operator = "Include" +# values = ["rtd-trx"] +# } +# ], +# }, +# active_connections = { +# aggregation = "Average" +# metric_name = "ActiveConnections" +# description = null +# operator = "LessThanOrEqual" +# threshold = 0 +# frequency = "PT5M" +# window_size = "PT15M" +# dimension = [], +# }, +# error_trx = { +# aggregation = "Total" +# metric_name = "IncomingMessages" +# description = "Transactions rejected from one acquirer file received. trx write on eventhub. check immediately" +# operator = "GreaterThan" +# threshold = 0 +# frequency = "PT5M" +# window_size = "PT30M" +# dimension = [ +# { +# name = "EntityName" +# operator = "Include" +# values = [ +# "nodo-dei-pagamenti-log", +# "nodo-dei-pagamenti-re" +# ] +# } +# ], +# }, +# } diff --git a/src/domains/payopt-common/env/itn-prod/terraform.tfvars b/src/domains/payopt-common/env/itn-prod/terraform.tfvars index a70e0827de..7bc0fe202f 100644 --- a/src/domains/payopt-common/env/itn-prod/terraform.tfvars +++ b/src/domains/payopt-common/env/itn-prod/terraform.tfvars @@ -50,57 +50,57 @@ ehns_sku_name = "Standard" ehns_auto_inflate_enabled = true ehns_maximum_throughput_units = 5 ehns_capacity = 5 -ehns_alerts_enabled = true +ehns_alerts_enabled = false ehns_zone_redundant = true ehns_public_network_access = false ehns_private_endpoint_is_present = true -ehns_metric_alerts = { - no_trx = { - aggregation = "Total" - metric_name = "IncomingMessages" - description = "No transactions received from acquirer in the last 24h" - operator = "LessThanOrEqual" - threshold = 1000 - frequency = "PT1H" - window_size = "P1D" - dimension = [ - { - name = "EntityName" - operator = "Include" - values = ["rtd-trx"] - } - ], - }, - active_connections = { - aggregation = "Average" - metric_name = "ActiveConnections" - description = null - operator = "LessThanOrEqual" - threshold = 0 - frequency = "PT5M" - window_size = "PT15M" - dimension = [], - }, - error_trx = { - aggregation = "Total" - metric_name = "IncomingMessages" - description = "Transactions rejected from one acquirer file received. trx write on eventhub. check immediately" - operator = "GreaterThan" - threshold = 0 - frequency = "PT5M" - window_size = "PT30M" - dimension = [ - { - name = "EntityName" - operator = "Include" - values = [ - "nodo-dei-pagamenti-log", - "nodo-dei-pagamenti-re" - ] - } - ], - }, -} +# ehns_metric_alerts = { +# no_trx = { +# aggregation = "Total" +# metric_name = "IncomingMessages" +# description = "No transactions received from acquirer in the last 24h" +# operator = "LessThanOrEqual" +# threshold = 1000 +# frequency = "PT1H" +# window_size = "P1D" +# dimension = [ +# { +# name = "EntityName" +# operator = "Include" +# values = ["rtd-trx"] +# } +# ], +# }, +# active_connections = { +# aggregation = "Average" +# metric_name = "ActiveConnections" +# description = null +# operator = "LessThanOrEqual" +# threshold = 0 +# frequency = "PT5M" +# window_size = "PT15M" +# dimension = [], +# }, +# error_trx = { +# aggregation = "Total" +# metric_name = "IncomingMessages" +# description = "Transactions rejected from one acquirer file received. trx write on eventhub. check immediately" +# operator = "GreaterThan" +# threshold = 0 +# frequency = "PT5M" +# window_size = "PT30M" +# dimension = [ +# { +# name = "EntityName" +# operator = "Include" +# values = [ +# "nodo-dei-pagamenti-log", +# "nodo-dei-pagamenti-re" +# ] +# } +# ], +# }, +# } diff --git a/src/domains/payopt-common/env/itn-uat/terraform.tfvars b/src/domains/payopt-common/env/itn-uat/terraform.tfvars index da838589de..492c774c39 100644 --- a/src/domains/payopt-common/env/itn-uat/terraform.tfvars +++ b/src/domains/payopt-common/env/itn-uat/terraform.tfvars @@ -56,51 +56,51 @@ ehns_zone_redundant = false ehns_public_network_access = false ehns_private_endpoint_is_present = true -ehns_metric_alerts = { - no_trx = { - aggregation = "Total" - metric_name = "IncomingMessages" - description = "No transactions received from acquirer in the last 24h" - operator = "LessThanOrEqual" - threshold = 1000 - frequency = "PT1H" - window_size = "P1D" - dimension = [ - { - name = "EntityName" - operator = "Include" - values = ["rtd-trx"] - } - ], - }, - active_connections = { - aggregation = "Average" - metric_name = "ActiveConnections" - description = null - operator = "LessThanOrEqual" - threshold = 0 - frequency = "PT5M" - window_size = "PT15M" - dimension = [], - }, - error_trx = { - aggregation = "Total" - metric_name = "IncomingMessages" - description = "Transactions rejected from one acquirer file received. trx write on eventhub. check immediately" - operator = "GreaterThan" - threshold = 0 - frequency = "PT5M" - window_size = "PT30M" - dimension = [ - { - name = "EntityName" - operator = "Include" - values = [ - "nodo-dei-pagamenti-log", - "nodo-dei-pagamenti-re" - ] - } - ], - }, -} +# ehns_metric_alerts = { +# no_trx = { +# aggregation = "Total" +# metric_name = "IncomingMessages" +# description = "No transactions received from acquirer in the last 24h" +# operator = "LessThanOrEqual" +# threshold = 1000 +# frequency = "PT1H" +# window_size = "P1D" +# dimension = [ +# { +# name = "EntityName" +# operator = "Include" +# values = ["rtd-trx"] +# } +# ], +# }, +# active_connections = { +# aggregation = "Average" +# metric_name = "ActiveConnections" +# description = null +# operator = "LessThanOrEqual" +# threshold = 0 +# frequency = "PT5M" +# window_size = "PT15M" +# dimension = [], +# }, +# error_trx = { +# aggregation = "Total" +# metric_name = "IncomingMessages" +# description = "Transactions rejected from one acquirer file received. trx write on eventhub. check immediately" +# operator = "GreaterThan" +# threshold = 0 +# frequency = "PT5M" +# window_size = "PT30M" +# dimension = [ +# { +# name = "EntityName" +# operator = "Include" +# values = [ +# "nodo-dei-pagamenti-log", +# "nodo-dei-pagamenti-re" +# ] +# } +# ], +# }, +# } diff --git a/src/domains/payopt-secrets/env/itn-dev/terraform.tfvars b/src/domains/payopt-secrets/env/itn-dev/terraform.tfvars index 4cb569abdb..2381a79a51 100644 --- a/src/domains/payopt-secrets/env/itn-dev/terraform.tfvars +++ b/src/domains/payopt-secrets/env/itn-dev/terraform.tfvars @@ -24,7 +24,3 @@ input_file = "./secret/itn-dev/configs.json" enable_iac_pipeline = true - - - - diff --git a/src/domains/payopt-secrets/env/itn-prod/terraform.tfvars b/src/domains/payopt-secrets/env/itn-prod/terraform.tfvars index 4e852fe9cf..56d3b3808b 100644 --- a/src/domains/payopt-secrets/env/itn-prod/terraform.tfvars +++ b/src/domains/payopt-secrets/env/itn-prod/terraform.tfvars @@ -1,8 +1,8 @@ prefix = "pagopa" env_short = "p" env = "prod" -domain = "paymentoptns" -location = "payopt" +domain = "payopt" +location = "italynorth" location_short = "itn" instance = "prod" @@ -16,15 +16,11 @@ tags = { ### External resources -monitor_italy_resource_group_name = "pagopa-d-itn-core-monitor-rg" -log_analytics_italy_workspace_name = "pagopa-d-itn-core-law" -log_analytics_italy_workspace_resource_group_name = "pagopa-d-itn-core-monitor-rg" +monitor_italy_resource_group_name = "pagopa-p-itn-core-monitor-rg" +log_analytics_italy_workspace_name = "pagopa-p-itn-core-law" +log_analytics_italy_workspace_resource_group_name = "pagopa-p-itn-core-monitor-rg" input_file = "./secret/itn-prod/configs.json" enable_iac_pipeline = true - - - - diff --git a/src/domains/payopt-secrets/env/itn-uat/terraform.tfvars b/src/domains/payopt-secrets/env/itn-uat/terraform.tfvars index 170edb7557..84f787f696 100644 --- a/src/domains/payopt-secrets/env/itn-uat/terraform.tfvars +++ b/src/domains/payopt-secrets/env/itn-uat/terraform.tfvars @@ -16,12 +16,11 @@ tags = { ### External resources -monitor_italy_resource_group_name = "pagopa-d-itn-core-monitor-rg" -log_analytics_italy_workspace_name = "pagopa-d-itn-core-law" -log_analytics_italy_workspace_resource_group_name = "pagopa-d-itn-core-monitor-rg" +monitor_italy_resource_group_name = "pagopa-u-itn-core-monitor-rg" +log_analytics_italy_workspace_name = "pagopa-u-itn-core-law" +log_analytics_italy_workspace_resource_group_name = "pagopa-u-itn-core-monitor-rg" input_file = "./secret/itn-uat/configs.json" enable_iac_pipeline = true -force = "v1" diff --git a/src/domains/payopt-secrets/secret/itn-prod/noedit_secret_enc.json b/src/domains/payopt-secrets/secret/itn-prod/noedit_secret_enc.json new file mode 100644 index 0000000000..09fd9248bb --- /dev/null +++ b/src/domains/payopt-secrets/secret/itn-prod/noedit_secret_enc.json @@ -0,0 +1,22 @@ +{ + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": [ + { + "vault_url": "https://pagopa-p-itn-payopt-kv.vault.azure.net", + "name": "pagopa-p-payopt-sops-key", + "version": "9e9a36f67c7e4ec7867caf988fce16d3", + "created_at": "2024-12-19T10:48:49Z", + "enc": "p7B4dhShDFDIdJn34-RWc2m37at0bOwxXQXodhC_UZYdH2KtQT2OidFpP2hyGlAhAnmJt4vU-_PoiQQOu5RoMVSOYk_fhjJSotcGUi-kKicKz889RkTvvJYFN1Mlm7ParZA6oiVc_s1tmM_wAPH4j1cW_2gB6ukOyMuaozjjBVPBcbjwcz4gTzL7xGUTXJYC1BKUf1K8Rpa0DuNDhouIsViPQrE7_PoLvFDWofxK9WoU4VvInQnZmy1VuYhpnznq2tPMxuaXWbUbXmj1BSIPpFDRG1_rVhJOFn5rxzCgQ0PUi7VIqbz71DwcA4QXgam6eFrxM7_KTuvwOuEqkJEBDg" + } + ], + "hc_vault": null, + "age": null, + "lastmodified": "2024-12-19T10:48:51Z", + "mac": "ENC[AES256_GCM,data:1amA8z/QWdp8b3K34lMZzl7/a6VA9dGuG4C6DQTZK2YWVI5CoMRnnQ8irWA6G3xrrTmxMTjMHIwSeH+Zs20tB70HbR9CRg0sQwI4YvxeQ5Tkh6Rgv0ZRw8sd8ikAuFZrz+9+gXdSZOgqegkUuzJ3RzVINMj53o37CbiboUnzYzg=,iv:eIuOsv/qFBnaRLrlEGZo8jebPrF/4MQZ8mNJD3KbR/M=,tag:SXUztozYlQxOiGxHPSzoSw==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.9.1" + } +} \ No newline at end of file