From 033def565a58f2c7a48a0dd7ffec83217bb9fe76 Mon Sep 17 00:00:00 2001 From: petretiandrea Date: Tue, 15 Oct 2024 16:53:06 +0200 Subject: [PATCH 01/13] first openapi draft --- pagopa/openapi.yaml | 89 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) create mode 100644 pagopa/openapi.yaml diff --git a/pagopa/openapi.yaml b/pagopa/openapi.yaml new file mode 100644 index 0000000..bbba6e3 --- /dev/null +++ b/pagopa/openapi.yaml 
@@ -0,0 +1,89 @@ +openapi: 3.0.3 +info: + title: pagoPa RTP - OpenAPI 3.1 + description: DESCRIPTION + version: 1.0.11 +servers: + - url: http://localhost:8080 +tags: + - name: rtp-notice + description: API Group aims to notify a pagoPa notice through Request To Pay (RTP) +paths: + /rtp-notices: + post: + tags: + - rtp-notice + summary: "Create and send a new RTP from a pagoPa notice" + description: "" + requestBody: + description: "" + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/CreateRequestToPayNotice" + responses: + 201: + description: "Request to pay created and sent" + content: + application/json: + schema: + type: object + properties: + rtpId: + $ref: "#/components/schemas/RequestToPayId" + + +components: + schemas: + AmountEuroCents: + description: Amount for payments, in euro cents + type: integer + minimum: 0 + maximum: 99999999 + + NoticeCode: + type: string + pattern: "\\d{18}" + description: "pagoPa notice's code" + example: "311111111112222222" + externalDocs: + description: "See noticeNumber field" + url: "https://docs.pagopa.it/sanp/appendici/primitive#verifypaymentnotice-1" + + PayeeId: + type: string + pattern: "\\d{11}" + description: "The payee id (e.g. EC fiscal code)" + example: "77777777777" + externalDocs: + description: "See idPA field" + url: "https://docs.pagopa.it/sanp/appendici/primitive#paverifypaymentnotice" + + RequestToPayId: + type: string + format: uuid + description: "Request to pay unique id" + + CreateRequestToPayNotice: + type: object + properties: + noticeCode: + $ref: "#/components/schemas/NoticeCode" + amount: + $ref: "#/components/schemas/AmountEuroCents" + description: + type: string + description: "The pagopa notice's description" + maxLength: 140 + expiryDate: + type: string + description: "The pagoPa notice's expiry date. 
Formatted as ISO 8601 [YYYY]-[MM]-[DD]" + format: date + example: "2024-12-03" + payeeId: + $ref: "#/components/schemas/PayeeId" + payerId: + type: string + description: "The id of the recipient of the request to pay. The id is the fiscal code" + example: "ABCDEF12G34H567I" From b152b116de6a7f6c4efaaf14c354941a62379a5f Mon Sep 17 00:00:00 2001 From: petretiandrea Date: Wed, 16 Oct 2024 09:46:53 +0200 Subject: [PATCH 02/13] minor changes --- pagopa/openapi.yaml | 33 +++++++++++++++++++-------------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/pagopa/openapi.yaml b/pagopa/openapi.yaml index bbba6e3..af451e1 100644 --- a/pagopa/openapi.yaml +++ b/pagopa/openapi.yaml @@ -16,22 +16,21 @@ paths: summary: "Create and send a new RTP from a pagoPa notice" description: "" requestBody: - description: "" + description: "pagoPa notice's details to create as RTP" required: true content: application/json: schema: - $ref: "#/components/schemas/CreateRequestToPayNotice" + $ref: "#/components/schemas/CreateRtp" responses: 201: description: "Request to pay created and sent" - content: - application/json: - schema: - type: object - properties: - rtpId: - $ref: "#/components/schemas/RequestToPayId" + headers: + Location: + required: true + description: "The location of created rtp" + schema: + $ref: "#/components/schemas/RtpLocation" components: @@ -42,7 +41,7 @@ components: minimum: 0 maximum: 99999999 - NoticeCode: + NoticeNumber: type: string pattern: "\\d{18}" description: "pagoPa notice's code" 
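Review bot: In pagopa/openapi.yaml (PATCH 01/13) the `NoticeCode` and `PayeeId` patterns are unanchored, and an OpenAPI/JSON Schema `pattern` is not implicitly anchored, so `"\\d{18}"` accepts any string that merely contains 18 consecutive digits. Anchor them as `pattern: "^\\d{18}$"` and `pattern: "^\\d{11}$"`. The alternation introduced for `PayeeId` in PATCH 10/13 needs a group as well: `pattern: "^(\\d{11}|\\d{16})$"`. `payerId` is described as a fiscal code but has no `pattern`, `minLength` or `maxLength`, so it is unbounded input on a payment-creating endpoint; it should get at least a length bound.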
@@ -60,16 +59,22 @@ components: description: "See idPA field" url: "https://docs.pagopa.it/sanp/appendici/primitive#paverifypaymentnotice" - RequestToPayId: + RtpId: type: string format: uuid description: "Request to pay unique id" - CreateRequestToPayNotice: + RtpLocation: + type: string + description: "The location of created resource" + format: url + example: "https://domain.com/rtp-notices/{rtpId}" + + CreateRtp: type: object properties: - noticeCode: - $ref: "#/components/schemas/NoticeCode" + noticeNumber: + $ref: "#/components/schemas/NoticeNumber" amount: $ref: "#/components/schemas/AmountEuroCents" description: From 901d62e332cd5e2a83080907ea0e2ccaa865da3d Mon Sep 17 00:00:00 2001 From: petretiandrea Date: Wed, 16 Oct 2024 12:09:38 +0200 Subject: [PATCH 03/13] added spectral --- .github/workflows/validate-openapi.yaml | 20 ++++++++++++++++++++ .vscode/settings.json | 5 +++++ {pagopa => openapi/pagopa}/openapi.yaml | 11 +++++++---- 3 files changed, 32 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/validate-openapi.yaml create mode 100644 .vscode/settings.json rename {pagopa => openapi/pagopa}/openapi.yaml (92%) diff --git a/.github/workflows/validate-openapi.yaml b/.github/workflows/validate-openapi.yaml new file mode 100644 index 0000000..39f0209 --- /dev/null +++ b/.github/workflows/validate-openapi.yaml @@ -0,0 +1,20 @@ +name: Run Spectral on Pull Requests + +on: + pull_request: + paths: + - 'openapi/**/*.yaml' + - 'openapi/**/*.yml' + + +jobs: + build: + name: Run Spectral + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + # Run Spectral + - uses: stoplightio/spectral-action@latest + with: + file_glob: 'openapi/**/(*.yaml|*.yml)' diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..bb30721 --- /dev/null +++ b/.vscode/settings.json 
@@ -0,0 +1,5 @@ +{ + "yaml.schemas": { + "https://json.schemastore.org/github-workflow.json": "file:///Users/andrea.petreti/Development/rtp-apis/.github/workflows/validate-openapi.yaml" + } +} \ No newline at end of file diff --git a/pagopa/openapi.yaml b/openapi/pagopa/openapi.yaml similarity index 92% rename from pagopa/openapi.yaml rename to openapi/pagopa/openapi.yaml index af451e1..61399ca 100644 --- a/pagopa/openapi.yaml +++ b/openapi/pagopa/openapi.yaml @@ -1,8 +1,10 @@ openapi: 3.0.3 info: - title: pagoPa RTP - OpenAPI 3.1 + title: pagoPa RTP - OpenAPI 3.x description: DESCRIPTION - version: 1.0.11 + version: 0.0.1 + contact: + email: cstar@pagopa.it servers: - url: http://localhost:8080 tags: @@ -13,8 +15,9 @@ paths: post: tags: - rtp-notice + operationId: "createRtp" summary: "Create and send a new RTP from a pagoPa notice" - description: "" + description: "Create and send a new RTP from a pagoPa notice" requestBody: description: "pagoPa notice's details to create as RTP" required: true @@ -23,7 +26,7 @@ paths: schema: $ref: "#/components/schemas/CreateRtp" responses: - 201: + "201": description: "Request to pay created and sent" headers: Location: From 87aa7102019c9ab8e51320d15d5efb43e9972725 Mon Sep 17 00:00:00 2001 From: petretiandrea Date: Wed, 16 Oct 2024 12:10:46 +0200 Subject: [PATCH 04/13] removed .vscode --- .gitignore | 1 + .vscode/settings.json | 5 ----- 2 files changed, 1 insertion(+), 5 deletions(-) create mode 100644 .gitignore delete mode 100644 .vscode/settings.json diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..600d2d3 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.vscode \ No newline at end of file diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index bb30721..0000000 --- a/.vscode/settings.json +++ /dev/null 
@@ -1,5 +0,0 @@ -{ - "yaml.schemas": { - "https://json.schemastore.org/github-workflow.json": "file:///Users/andrea.petreti/Development/rtp-apis/.github/workflows/validate-openapi.yaml" - } -} \ No newline at end of file From a4097d9ede1e2d7ab308d85c3d7de2bd1778c144 Mon Sep 17 00:00:00 2001 From: petretiandrea Date: Wed, 16 Oct 2024 12:12:46 +0200 Subject: [PATCH 05/13] removed spectral --- .github/workflows/validate-openapi.yaml | 20 -------------------- 1 file changed, 20 deletions(-) delete mode 100644 .github/workflows/validate-openapi.yaml diff --git a/.github/workflows/validate-openapi.yaml b/.github/workflows/validate-openapi.yaml deleted file mode 100644 index 39f0209..0000000 --- a/.github/workflows/validate-openapi.yaml +++ /dev/null @@ -1,20 +0,0 @@ -name: Run Spectral on Pull Requests - -on: - pull_request: - paths: - - 'openapi/**/*.yaml' - - 'openapi/**/*.yml' - - -jobs: - build: - name: Run Spectral - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - # Run Spectral - - uses: stoplightio/spectral-action@latest - with: - file_glob: 'openapi/**/(*.yaml|*.yml)' From 51527788491f7bb36282ed7011facc821423e9fe Mon Sep 17 00:00:00 2001 From: petretiandrea Date: Wed, 16 Oct 2024 12:16:25 +0200 Subject: [PATCH 06/13] removed spectral --- .spectral.yml | 1 + 1 file changed, 1 insertion(+) create mode 100644 .spectral.yml diff --git a/.spectral.yml b/.spectral.yml new file mode 100644 index 0000000..1d37769 --- /dev/null +++ b/.spectral.yml @@ -0,0 +1 @@ +extends: ["spectral:oas"] \ No newline at end of file From 938438e5ea01d065b79122dc66daaee4c7e14111 Mon Sep 17 00:00:00 2001 From: petretiandrea Date: Wed, 16 Oct 2024 16:45:54 +0200 Subject: [PATCH 07/13] changed path --- openapi/pagopa/openapi.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/openapi/pagopa/openapi.yaml b/openapi/pagopa/openapi.yaml index 61399ca..550cd6a 100644 --- a/openapi/pagopa/openapi.yaml +++ b/openapi/pagopa/openapi.yaml 
@@ -8,13 +8,13 @@ info: servers: - url: http://localhost:8080 tags: - - name: rtp-notice + - name: rtps description: API Group aims to notify a pagoPa notice through Request To Pay (RTP) paths: - /rtp-notices: + /rtps: post: tags: - - rtp-notice + - rtps operationId: "createRtp" summary: "Create and send a new RTP from a pagoPa notice" description: "Create and send a new RTP from a pagoPa notice" From 2b88dbcdf64e5785dcdecf376b224eb301e02a76 Mon Sep 17 00:00:00 2001 From: petretiandrea Date: Thu, 17 Oct 2024 14:20:57 +0200 Subject: [PATCH 08/13] pre-setup terraform --- .github/workflows/pr-title.yaml | 56 ++++ .github/workflows/static-analysis-pr.yaml | 16 ++ .github/workflows/static-analysis.yaml | 16 ++ .github/workflows/validate-openapi.yaml | 23 ++ .gitignore | 38 +++ .pre-commit-config.yaml | 14 + .terraform-version | 1 + scripts/terraform.sh | 324 ++++++++++++++++++++++ scripts/terraform_run_all.sh | 61 ++++ 9 files changed, 549 insertions(+) create mode 100644 .github/workflows/pr-title.yaml create mode 100644 .github/workflows/static-analysis-pr.yaml create mode 100644 .github/workflows/static-analysis.yaml create mode 100644 .github/workflows/validate-openapi.yaml create mode 100644 .pre-commit-config.yaml create mode 100644 .terraform-version create mode 100644 scripts/terraform.sh create mode 100644 scripts/terraform_run_all.sh diff --git a/.github/workflows/pr-title.yaml b/.github/workflows/pr-title.yaml new file mode 100644 index 0000000..a364f88 --- /dev/null +++ b/.github/workflows/pr-title.yaml 
@@ -0,0 +1,56 @@
+name: Validate PR title
+
+on:
+ pull_request_target:
+ types:
+ - opened
+ - edited
+ - synchronize
+
+jobs:
+ main:
+ name: Validate PR title
+ runs-on: ubuntu-22.04
+ steps:
+ # Please look up the latest version from
+ # https://github.com/amannn/action-semantic-pull-request/releases
+ # from https://github.com/amannn/action-semantic-pull-request/commits/main
+ - uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5.4.0
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ with:
+ # Configure which types are allowed.
+ # Default: https://github.com/commitizen/conventional-commit-types
+ types: |
+ fix
+ feat
+ docs
+ chore
+ breaking
+ # Configure that a scope must always be provided.
+ requireScope: false
+ # Configure additional validation for the subject based on a regex.
+ # This example ensures the subject starts with an uppercase character.
+ subjectPattern: ^.+$
+ # If `subjectPattern` is configured, you can use this property to override
+ # the default error message that is shown when the pattern doesn't match.
+ # The variables `subject` and `title` can be used within the message.
+ subjectPatternError: |
+ The subject "{subject}" found in the pull request title "{title}"
+ didn't match the configured pattern. Please ensure that the subject
+ starts with an uppercase character.
+ # For work-in-progress PRs you can typically use draft pull requests
+ # from Github. However, private repositories on the free plan don't have
+ # this option and therefore this action allows you to opt-in to using the
+ # special "[WIP]" prefix to indicate this state. This will avoid the
+ # validation of the PR title and the pull request checks remain pending.
+ # Note that a second check will be reported if this is enabled.
+ wip: true
+ # When using "Squash and merge" on a PR with only one commit, GitHub
+ # will suggest using that commit message instead of the PR title for the
+ # merge commit, and it's easy to commit this by mistake. Enable this option
+ # to also validate the commit message for one commit PRs.
+ validateSingleCommit: false
+ # Related to `validateSingleCommit` you can opt-in to validate that the PR
+ # title matches a single commit to avoid confusion.
+ validateSingleCommitMatchesPrTitle: false
\ No newline at end of file
diff --git a/.github/workflows/static-analysis-pr.yaml b/.github/workflows/static-analysis-pr.yaml
new file mode 100644
index 0000000..c95c1fc
--- /dev/null
+++ b/.github/workflows/static-analysis-pr.yaml
@@ -0,0 +1,16 @@
+name: Static Analysis PR
+
+on:
+ push:
+ branches-ignore:
+ - main
+
+jobs:
+ static_analysis:
+ runs-on: ubuntu-22.04
+
+ steps:
+ - name: Static Analysis
+ uses: pagopa/eng-github-actions-iac-template/azure/terraform-static-analysis@1e65ac158f5f60d3e46d3621dd4321f7b6e2d80d # v1.8.0
+ with:
+ precommit_version: 'v1.86.0@sha256:fed35dd9347aa3dd3e59a870dbc4500245dae26910d84065a6f66fe61afceaa8'
\ No newline at end of file
diff --git a/.github/workflows/static-analysis.yaml b/.github/workflows/static-analysis.yaml
new file mode 100644
index 0000000..638524d
--- /dev/null
+++ b/.github/workflows/static-analysis.yaml
@@ -0,0 +1,16 @@
+name: Static Analysis
+
+on:
+ push:
+ branches:
+ - main
+
+jobs:
+ static_analysis:
+ runs-on: ubuntu-22.04
+
+ steps:
+ - name: Static Analysis
+ uses: pagopa/eng-github-actions-iac-template/azure/terraform-static-analysis@1e65ac158f5f60d3e46d3621dd4321f7b6e2d80d # v1.8.0
+ with:
+ precommit_version: 'v1.86.0@sha256:fed35dd9347aa3dd3e59a870dbc4500245dae26910d84065a6f66fe61afceaa8'
\ No newline at end of file
diff --git a/.github/workflows/validate-openapi.yaml b/.github/workflows/validate-openapi.yaml
new file mode 100644
index 0000000..df37ac4
--- /dev/null
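Review bot: .github/workflows/pr-title.yaml runs on `pull_request_target` and passes `GITHUB_TOKEN` to the action, but declares no `permissions:` block, so the token carries whatever default scope the repository or organisation is configured with. The job only inspects PR metadata, so a top-level `permissions:` with `pull-requests: read` keeps it least-privilege; with `wip: true` the action also reports a pending status, so confirm whether that needs an additional write scope. static-analysis-pr.yaml and static-analysis.yaml, added right after it, likewise have no `permissions:` block. Separately, `subjectPattern: ^.+$` accepts any non-empty subject while `subjectPatternError` still tells the author to start with an uppercase character; the message should match the pattern.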
+++ b/.github/workflows/validate-openapi.yaml
@@ -0,0 +1,23 @@
+name: Run Spectral on Pull Requests
+
+on:
+ pull_request:
+ paths:
+ - 'openapi/**/*.yaml'
+ - 'openapi/**/*.yml'
+
+permissions:
+ pull-requests: write
+
+jobs:
+ build:
+ name: Run Spectral
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+
+ # Run Spectral
+ - uses: stoplightio/spectral-action@2ad0b9302e32a77c1caccf474a9b2191a8060d83 #v0.8.11
+ with:
+ file_glob: 'openapi/**/(*.yaml|*.yml)'
+ repo_token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.gitignore b/.gitignore
index 600d2d3..f6e80bc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,39 @@
+.vscode
+
+# Local .terraform directories
+**/.terraform/*
+
+# tfplan files
+**/tfplan
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
+# .tfvars files are managed as part of configuration and so should be included in
+# version control.
+#
+# example.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+*.DS_Store
+*.log
+.idea
 .vscode
\ No newline at end of file
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..58e45f0
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,14 @@
+repos:
+ - repo: https://github.com/antonbabenko/pre-commit-terraform
+ rev: v1.86.0
+ hooks:
+ - id: terraform_fmt
+ - id: terraform_docs
+ args:
+ - markdown --sort-by required
+ - id: terraform_tfsec
+ - id: terraform_validate
+ args:
+ - --init-args=-lockfile=readonly
+ - --args=-json
+ - --args=-no-color
\ No newline at end of file
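Review bot: In .github/workflows/validate-openapi.yaml the top-level `permissions:` lists only `pull-requests: write`, which sets every unlisted scope, including `contents`, to none; `actions/checkout` then has no read access to the repository, which would fail if the repository is private. Add `contents: read` next to it. Also, `actions/checkout@v3` is referenced by a mutable tag while the Spectral action a few lines below is pinned to a full commit SHA; pin checkout the same way, e.g. `- uses: actions/checkout@<full-commit-sha> # v3` (placeholder: use the SHA of the release you have reviewed).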
diff --git a/.terraform-version b/.terraform-version
new file mode 100644
index 0000000..ff2fd4f
--- /dev/null
+++ b/.terraform-version
@@ -0,0 +1 @@
+1.8.5
\ No newline at end of file
diff --git a/scripts/terraform.sh b/scripts/terraform.sh
new file mode 100644
index 0000000..2bde4b0
--- /dev/null
+++ b/scripts/terraform.sh
@@ -0,0 +1,324 @@ +#!/bin/bash +############################################################ +# Terraform script for managing infrastructure on Azure +# Fingerprint: d2hhdHlvdXdhbnQ/Cg== +############################################################ +# Global variables +# Version format x.y accepted +vers="1.11" +script_name=$(basename "$0") +git_repo="https://raw.githubusercontent.com/pagopa/eng-common-scripts/main/azure/${script_name}" +tmp_file="${script_name}.new" +# Check if the third parameter exists and is a file +if [ -n "$3" ] && [ -f "$3" ]; then + FILE_ACTION=true +else + FILE_ACTION=false +fi + +# Define functions +function clean_environment() { + rm -rf .terraform + rm tfplan 2>/dev/null + echo "cleaned!" +} + +function download_tool() { + #default value + cpu_type="intel" + os_type=$(uname) + + # only on MacOS + if [ "$os_type" == "Darwin" ]; then + cpu_brand=$(sysctl -n machdep.cpu.brand_string) + if grep -q -i "intel" <<< "$cpu_brand"; then + cpu_type="intel" + else + cpu_type="arm" + fi + fi + + echo $cpu_type + tool=$1 + git_repo="https://raw.githubusercontent.com/pagopa/eng-common-scripts/main/golang/${tool}_${cpu_type}" + if ! command -v $tool &> /dev/null; then + if ! curl -sL "$git_repo" -o "$tool"; then + echo "Error downloading ${tool}" + return 1 + else + chmod +x $tool + echo "${tool} downloaded! Please note this tool WON'T be copied in your **/bin folder for safety reasons. +You need to do it yourself!" + read -p "Press enter to continue" + + + fi + fi +} + +function extract_resources() { + TF_FILE=$1 + ENV=$2 + TARGETS="" + + # Check if the file exists + if [ ! -f "$TF_FILE" ]; then + echo "File $TF_FILE does not exist." + exit 1 + fi + + # Check if the directory exists + if [ ! -d "./env/$ENV" ]; then + echo "Directory ./env/$ENV does not exist." 
+ exit 1 + fi + + TMP_FILE=$(mktemp) + grep -E '^resource|^module' $TF_FILE > $TMP_FILE + + while read -r line ; do + TYPE=$(echo $line | cut -d '"' -f 1 | tr -d ' ') + if [ "$TYPE" == "module" ]; then + NAME=$(echo $line | cut -d '"' -f 2) + TARGETS+=" -target=\"$TYPE.$NAME\"" + else + NAME1=$(echo $line | cut -d '"' -f 2) + NAME2=$(echo $line | cut -d '"' -f 4) + TARGETS+=" -target=\"$NAME1.$NAME2\"" + fi + done < $TMP_FILE + + rm $TMP_FILE + + echo "./terraform.sh $action $ENV $TARGETS" +} + +function help_usage() { + echo "terraform.sh Version ${vers}" + echo + echo "Usage: ./script.sh [ACTION] [ENV] [OTHER OPTIONS]" + echo "es. ACTION: init, apply, plan, etc." + echo "es. ENV: dev, uat, prod, etc." + echo + echo "Available actions:" + echo " clean Remove .terraform* folders and tfplan files" + echo " help This help" + echo " list List every environment available" + echo " update Update this script if possible" + echo " summ Generate summary of Terraform plan" + echo " tflist Generate an improved output of terraform state list" + echo " tlock Generate or update the dependency lock file" + echo " * any terraform option" +} + +function init_terraform() { + if [ -n "$env" ]; then + terraform init -reconfigure -backend-config="./env/$env/backend.tfvars" $other + else + echo "ERROR: no env configured!" + exit 1 + fi +} + +function list_env() { + # Check if env directory exists + if [ ! 
-d "./env" ]; then + echo "No environment directory found" + exit 1 + fi + + # List subdirectories under env directory + env_list=$(ls -d ./env/*/ 2>/dev/null) + + # Check if there are any subdirectories + if [ -z "$env_list" ]; then + echo "No environments found" + exit 1 + fi + + # Print the list of environments + echo "Available environments:" + for env in $env_list; do + env_name=$(echo "$env" | sed 's#./env/##;s#/##') + echo "- $env_name" + done +} + +function other_actions() { + if [ -n "$env" ] && [ -n "$action" ]; then + terraform "$action" -var-file="./env/$env/terraform.tfvars" -compact-warnings $other + else + echo "ERROR: no env or action configured!" + exit 1 + fi +} + +function state_output_taint_actions() { + if [ "$action" == "tflist" ]; then + # If 'tflist' is not installed globally and there is no 'tflist' file in the current directory, + # attempt to download the 'tflist' tool + if ! command -v tflist &> /dev/null && [ ! -f "tflist" ]; then + download_tool "tflist" + if [ $? -ne 0 ]; then + echo "Error: Failed to download tflist!!" + exit 1 + else + echo "tflist downloaded!" 
+ fi + fi + if command -v tflist &> /dev/null; then + terraform state list | tflist + else + terraform state list | ./tflist + fi + else + terraform $action $other + fi +} + + +function parse_tfplan_option() { + # Create an array to contain arguments that do not start with '-tfplan=' + local other_args=() + + # Loop over all arguments + for arg in "$@"; do + # If the argument starts with '-tfplan=', extract the file name + if [[ "$arg" =~ ^-tfplan= ]]; then + echo "${arg#*=}" + else + # If the argument does not start with '-tfplan=', add it to the other_args array + other_args+=("$arg") + fi + done + + # Print all arguments in other_args separated by spaces + echo "${other_args[@]}" +} + +function tfsummary() { + local plan_file + plan_file=$(parse_tfplan_option "$@") + if [ -z "$plan_file" ]; then + plan_file="tfplan" + fi + action="plan" + other="-out=${plan_file}" + other_actions + if [ -n "$(command -v tf-summarize)" ]; then + tf-summarize -tree "${plan_file}" + else + echo "tf-summarize is not installed" + fi + if [ "$plan_file" == "tfplan" ]; then + rm $plan_file + fi +} + +function update_script() { + # Check if the repository was cloned successfully + if ! curl -sL "$git_repo" -o "$tmp_file"; then + echo "Error cloning the repository" + rm "$tmp_file" 2>/dev/null + return 1 + fi + + # Check if a newer version exists + remote_vers=$(sed -n '8s/vers="\(.*\)"/\1/p' "$tmp_file") + if [ "$(printf '%s\n' "$vers" "$remote_vers" | sort -V | tail -n 1)" == "$vers" ]; then + echo "The local script version is equal to or newer than the remote version." + rm "$tmp_file" 2>/dev/null + return 0 + fi + + # Check the fingerprint + local_fingerprint=$(sed -n '4p' "$0") + remote_fingerprint=$(sed -n '4p' "$tmp_file") + + if [ "$local_fingerprint" != "$remote_fingerprint" ]; then + echo "The local and remote file fingerprints do not match." 
+ rm "$tmp_file" 2>/dev/null + return 0 + fi + + # Show the current and available versions to the user + echo "Current script version: $vers" + echo "Available script version: $remote_vers" + + # Ask the user if they want to update the script + read -rp "Do you want to update the script to version $remote_vers? (y/n): " answer + + if [ "$answer" == "y" ] || [ "$answer" == "Y" ]; then + # Replace the local script with the updated version + cp "$tmp_file" "$script_name" + chmod +x "$script_name" + rm "$tmp_file" 2>/dev/null + + echo "Script successfully updated to version $remote_vers" + else + echo "Update canceled by the user" + fi + + rm "$tmp_file" 2>/dev/null +} + +# Check arguments number +if [ "$#" -lt 1 ]; then + help_usage + exit 0 +fi + +# Parse arguments +action=$1 +env=$2 +filetf=$3 +shift 2 +other=$@ + +if [ -n "$env" ]; then + # shellcheck source=/dev/null + source "./env/$env/backend.ini" + if [ -z "$(command -v az)" ]; then + echo "az not found, cannot proceed" + exit 1 + fi + az account set -s "${subscription}" +fi + +# Call appropriate function based on action +case $action in + clean) + clean_environment + ;; + ?|help|-h) + help_usage + ;; + init) + init_terraform "$other" + ;; + list) + list_env + ;; + output|state|taint|tflist) + init_terraform + state_output_taint_actions $other + ;; + summ) + init_terraform + tfsummary "$other" + ;; + tlock) + terraform providers lock -platform=windows_amd64 -platform=darwin_amd64 -platform=darwin_arm64 -platform=linux_amd64 + ;; + update) + update_script + ;; + *) + if [ "$FILE_ACTION" = true ]; then + extract_resources "$filetf" "$env" + else + init_terraform + other_actions "$other" + fi + ;; +esac \ No newline at end of file diff --git a/scripts/terraform_run_all.sh b/scripts/terraform_run_all.sh new file mode 100644 index 0000000..ed074c2 --- /dev/null +++ b/scripts/terraform_run_all.sh 
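Review bot: `download_tool` in scripts/terraform.sh fetches an executable from the moving `main` branch with `curl -sL` and marks it executable, and `state_output_taint_actions` later runs it as `./tflist`, with no integrity check in between. Without `-f`, curl also saves an HTTP error page as the tool, and it is made executable too. `update_script` has the same weakness: the "fingerprint" it compares is just line 4 of both files, a constant that any modified remote copy can keep, so it does not authenticate the update. Pin the download URL to a reviewed commit and verify a known digest before `chmod +x`, as sketched below with placeholder values; the same approach applies to `update_script`.

```shell
  # … unchanged: cpu_type / os_type detection …
  tool=$1
  # Placeholders: a reviewed commit and the digest of ${tool}_${cpu_type} at that commit.
  tool_ref="<pinned-commit-sha>"
  tool_sha256="<expected-sha256>"
  git_repo="https://raw.githubusercontent.com/pagopa/eng-common-scripts/${tool_ref}/golang/${tool}_${cpu_type}"
  if ! command -v "$tool" &> /dev/null; then
    # -f makes curl fail on HTTP errors instead of saving the error page.
    if ! curl -fsSL "$git_repo" -o "$tool"; then
      echo "Error downloading ${tool}"
      return 1
    fi
    # Only mark the file executable once it matches the expected digest.
    if ! echo "${tool_sha256}  ${tool}" | shasum -a 256 -c - > /dev/null; then
      rm -f "$tool"
      echo "Checksum mismatch for ${tool}"
      return 1
    fi
    chmod +x "$tool"
    # … unchanged: notice that the tool is not copied to a bin folder …
  fi
```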
@@ -0,0 +1,61 @@ +#!/bin/bash + + + +# +# bash .utils/terraform_run_all.sh +# bash .utils/terraform_run_all.sh init +# + +# 'set -e' tells the shell to exit if any of the foreground command fails, +# i.e. exits with a non-zero status. +set -eu + +pids=() +ACTION="$1" + +array=( + 'src/cittadini::itn-dev' + 'src/monitor::itn-dev' +) + +function rm_terraform { + find . \( -iname ".terraform*" ! -iname ".terraform-docs*" ! -iname ".terraform-version" ! -iname ".terraform.lock.hcl" \) -print0 | xargs -0 rm -rf +} + +# echo "[INFO] 🪚 Delete all .terraform folders" +# rm_terraform + +echo "[INFO] 🏁 Init all terraform repos" +for index in "${array[@]}" ; do + FOLDER="${index%%::*}" + COMMAND="${index##*::}" + pushd "$(pwd)/${FOLDER}" + echo "$FOLDER - $COMMAND" + echo "🔬 folder: $(pwd) in under terraform: $ACTION action" + sh terraform.sh "$ACTION" "$COMMAND" + + terraform providers lock \ + -platform=windows_amd64 \ + -platform=darwin_amd64 \ + -platform=darwin_arm64 \ + -platform=linux_amd64 & + + pids+=($!) + popd +done + + +# Wait for each specific process to terminate. +# Instead of this loop, a single call to 'wait' would wait for all the jobs +# to terminate, but it would not give us their exit status. +# +for pid in "${pids[@]}"; do + # + # Waiting on a specific PID makes the wait command return with the exit + # status of that process. Because of the 'set -e' setting, any exit status + # other than zero causes the current shell to terminate with that exit + # status as well. + # + wait "$pid" +done \ No newline at end of file From 1a0634f2923c4ea328a7d8be2f122ca34b57513d Mon Sep 17 00:00:00 2001 From: petretiandrea Date: Thu, 17 Oct 2024 14:24:56 +0200 Subject: [PATCH 09/13] refactor location header url example --- .github/workflows/validate-openapi.yaml | 2 +- openapi/pagopa/openapi.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) 
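Review bot: scripts/terraform_run_all.sh calls `sh terraform.sh "$ACTION" "$COMMAND"`, but terraform.sh has a bash shebang and uses bash-only syntax (`function`, `[[ … =~ … ]]`, arrays, `<<<`), so it breaks wherever `sh` is not bash; use `bash terraform.sh "$ACTION" "$COMMAND"`. With `set -eu`, `ACTION="$1"` also aborts with an unbound-variable error on the no-argument invocation shown in the header comment; `ACTION="${1:-}"` followed by an explicit usage message would make that failure deliberate. The header comment refers to `.utils/terraform_run_all.sh` while the file is added under `scripts/`.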
diff --git a/.github/workflows/validate-openapi.yaml b/.github/workflows/validate-openapi.yaml index df37ac4..6993bd7 100644 --- a/.github/workflows/validate-openapi.yaml +++ b/.github/workflows/validate-openapi.yaml @@ -7,7 +7,7 @@ on: - 'openapi/**/*.yml' permissions: - pull-requests: write + checks: write jobs: build: diff --git a/openapi/pagopa/openapi.yaml b/openapi/pagopa/openapi.yaml index 550cd6a..b884eab 100644 --- a/openapi/pagopa/openapi.yaml +++ b/openapi/pagopa/openapi.yaml @@ -71,7 +71,7 @@ components: type: string description: "The location of created resource" format: url - example: "https://domain.com/rtp-notices/{rtpId}" + example: "https://domain.com/rtps/{rtpId}" CreateRtp: type: object From 3bff8ddecaef968e1765948176af56e5a879996b Mon Sep 17 00:00:00 2001 From: petretiandrea Date: Fri, 18 Oct 2024 11:31:14 +0200 Subject: [PATCH 10/13] added payee name and required fields --- src/rtp/api/pagopa/openapi.yaml | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/src/rtp/api/pagopa/openapi.yaml b/src/rtp/api/pagopa/openapi.yaml index b884eab..65db114 100644 --- a/src/rtp/api/pagopa/openapi.yaml +++ b/src/rtp/api/pagopa/openapi.yaml @@ -53,9 +53,22 @@ components: description: "See noticeNumber field" url: "https://docs.pagopa.it/sanp/appendici/primitive#verifypaymentnotice-1" + Payee: + type: object + properties: + payeeId: + $ref: "#/components/schemas/PayeeId" + name: + type: string + description: "The name of payee (e.g. EC name or Company Name)" + example: "Comune di Roma" + required: + - payeeId + - name + PayeeId: type: string - pattern: "\\d{11}" + pattern: "\\d{11}|\\d{16}" description: "The payee id (e.g. EC fiscal code)" example: "77777777777" externalDocs: 
@@ -89,9 +102,17 @@ components: description: "The pagoPa notice's expiry date. Formatted as ISO 8601 [YYYY]-[MM]-[DD]" format: date example: "2024-12-03" - payeeId: - $ref: "#/components/schemas/PayeeId" payerId: type: string description: "The id of the recipient of the request to pay. The id is the fiscal code" example: "ABCDEF12G34H567I" + payee: + $ref: "#/components/schemas/Payee" + required: + - noticeNumber + - amount + - description + - expiryDate + - payerId + - payee + From 8faa8066dd943110dbc50be9038493d34c01e3e2 Mon Sep 17 00:00:00 2001 From: petretiandrea Date: Fri, 18 Oct 2024 11:51:51 +0200 Subject: [PATCH 11/13] added max lenght for company name like sanp --- src/rtp/api/pagopa/openapi.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/src/rtp/api/pagopa/openapi.yaml b/src/rtp/api/pagopa/openapi.yaml index 65db114..e491ea1 100644 --- a/src/rtp/api/pagopa/openapi.yaml +++ b/src/rtp/api/pagopa/openapi.yaml @@ -60,6 +60,7 @@ components: $ref: "#/components/schemas/PayeeId" name: type: string + maxLength: 140 description: "The name of payee (e.g. EC name or Company Name)" example: "Comune di Roma" required: From 269855a08823e8cc45d9b23ea7f00eb33d3bd7bf Mon Sep 17 00:00:00 2001 From: petretiandrea Date: Fri, 18 Oct 2024 15:30:24 +0200 Subject: [PATCH 12/13] exposing service provider openapi + mock --- src/rtp/02_api_service_provider.tf | 54 +++++++++++++++++++ src/rtp/99_locals.tf | 2 + src/rtp/api/pagopa/create_rtp_mock_policy.xml | 35 ++++++++++++ 3 files changed, 91 insertions(+) create mode 100644 src/rtp/02_api_service_provider.tf create mode 100644 src/rtp/api/pagopa/create_rtp_mock_policy.xml diff --git a/src/rtp/02_api_service_provider.tf b/src/rtp/02_api_service_provider.tf new file mode 100644 index 0000000..f4b0f12 --- /dev/null +++ b/src/rtp/02_api_service_provider.tf 
@@ -0,0 +1,54 @@ +## RTP Service Provider API ## +resource "azurerm_api_management_api_version_set" "rtp_service_provider_api" { + name = "${var.env_short}-rtp-service-provider-api" + api_management_name = data.azurerm_api_management.this.name + resource_group_name = data.azurerm_api_management.this.resource_group_name + + display_name = "RTP Service Provider API" + versioning_scheme = "Segment" +} + +resource "azurerm_api_management_api" "rtp_service_provider_api" { + name = "${var.env_short}-rtp-service-provider-api" + api_management_name = data.azurerm_api_management.this.name + resource_group_name = data.azurerm_api_management.this.resource_group_name + + version_set_id = azurerm_api_management_api_version_set.rtp_service_provider_api.id + + revision = "1" + version = "v1" + description = "RTP Service Provider API" + display_name = "RTP Service Provider API" + path = "rtp" + protocols = ["https"] + subscription_required = false + + depends_on = [azurerm_api_management_product.rtp] + + import { + content_format = "openapi" + content_value = templatefile("./api/pagopa/openapi.yaml", {}) + } +} + + +resource "azurerm_api_management_product_api" "rtp_service_provider_product_api" { + api_management_name = data.azurerm_api_management.this.name + resource_group_name = data.azurerm_api_management.this.resource_group_name + + api_name = azurerm_api_management_api.rtp_service_provider_api.name + product_id = azurerm_api_management_product.rtp.product_id + depends_on = [azurerm_api_management_product.rtp, azurerm_api_management_api.rtp_service_provider_api] +} + +## Override API Operations Policies ## +resource "azurerm_api_management_api_operation_policy" "rtp_service_provider_create_rtp_policy" { + api_name = azurerm_api_management_api.rtp_service_provider_api.name + api_management_name = azurerm_api_management_api.rtp_service_provider_api.api_management_name + resource_group_name = azurerm_api_management_api.rtp_service_provider_api.resource_group_name + operation_id 
= "createRtp" + + xml_content = templatefile("./api/pagopa/create_rtp_mock_policy.xml", { + base_url : "${local.rtp_base_url}/${azurerm_api_management_api.rtp_service_provider_api.path}/${azurerm_api_management_api.rtp_service_provider_api.version}/rtps" + }) +} diff --git a/src/rtp/99_locals.tf b/src/rtp/99_locals.tf index 01f792b..ea5b645 100644 --- a/src/rtp/99_locals.tf +++ b/src/rtp/99_locals.tf @@ -4,4 +4,6 @@ locals { apim_name = "${local.product}-apim" apim_rg = "${local.product}-api-rg" + + rtp_base_url = "https://api-rtp.${var.env}.${var.prefix}.pagopa.it" } \ No newline at end of file diff --git a/src/rtp/api/pagopa/create_rtp_mock_policy.xml b/src/rtp/api/pagopa/create_rtp_mock_policy.xml new file mode 100644 index 0000000..dcc92de --- /dev/null +++ b/src/rtp/api/pagopa/create_rtp_mock_policy.xml @@ -0,0 +1,35 @@ + + + + + + + + application/json + + + @("${base_url}" + "/" + context.Variables["uuid"]) + + + + + + + + + + + + + \ No newline at end of file From dec44bcd434614a7e33e1e6b9806e80143ad1dbb Mon Sep 17 00:00:00 2001 From: petretiandrea Date: Mon, 21 Oct 2024 13:53:58 +0200 Subject: [PATCH 13/13] added dns zone prefix --- src/rtp/99_locals.tf | 2 +- src/rtp/99_variables.tf | 5 +++++ src/rtp/env/dev/terraform.tfvars | 2 ++ src/rtp/env/prod/terraform.tfvars | 2 ++ src/rtp/env/uat/terraform.tfvars | 2 ++ 5 files changed, 12 insertions(+), 1 deletion(-) diff --git a/src/rtp/99_locals.tf b/src/rtp/99_locals.tf index ea5b645..4cf1a64 100644 --- a/src/rtp/99_locals.tf +++ b/src/rtp/99_locals.tf @@ -5,5 +5,5 @@ locals { apim_name = "${local.product}-apim" apim_rg = "${local.product}-api-rg" - rtp_base_url = "https://api-rtp.${var.env}.${var.prefix}.pagopa.it" + rtp_base_url = "https://api-rtp.${var.dns_zone_prefix}" } \ No newline at end of file diff --git a/src/rtp/99_variables.tf b/src/rtp/99_variables.tf index 50b61b1..700c65a 100644 --- a/src/rtp/99_variables.tf +++ b/src/rtp/99_variables.tf 
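Review bot: `subscription_required = false` on `azurerm_api_management_api.rtp_service_provider_api` in src/rtp/02_api_service_provider.tf publishes the `createRtp` operation without a subscription key, and the imported OpenAPI document declares no `security` requirement or `securitySchemes`, so nothing visible in this patch authenticates callers. The operation is bound to what appears to be a mock policy for now, which limits the immediate impact, but the setting will carry over once a real backend is attached. If authentication is meant to come from a product- or API-level policy (for example token validation), that policy is not part of this change and should land before the API is reachable; otherwise set `subscription_required = true`. Minor: `templatefile("./api/pagopa/openapi.yaml", {})` passes no variables, so `file("./api/pagopa/openapi.yaml")` avoids template interpolation being applied to the spec.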
@@ -48,3 +48,8 @@ variable "domain" { error_message = "Max length is 12 chars." } } + +variable "dns_zone_prefix" { + type = string + description = "The DNS zone prefix e.g. dev.cstar.pagopa.it" +} \ No newline at end of file diff --git a/src/rtp/env/dev/terraform.tfvars b/src/rtp/env/dev/terraform.tfvars index 76d3cdd..42ffd35 100644 --- a/src/rtp/env/dev/terraform.tfvars +++ b/src/rtp/env/dev/terraform.tfvars @@ -14,3 +14,5 @@ tags = { CostCenter = "TS310 - PAGAMENTI & SERVIZI" Application = "RTP" } + +dns_zone_prefix = "dev.cstar.pagopa.it" \ No newline at end of file diff --git a/src/rtp/env/prod/terraform.tfvars b/src/rtp/env/prod/terraform.tfvars index 9592fb6..46b8094 100644 --- a/src/rtp/env/prod/terraform.tfvars +++ b/src/rtp/env/prod/terraform.tfvars @@ -14,3 +14,5 @@ tags = { CostCenter = "TS310 - PAGAMENTI & SERVIZI" Application = "RTP" } + +dns_zone_prefix = "cstar.pagopa.it" \ No newline at end of file diff --git a/src/rtp/env/uat/terraform.tfvars b/src/rtp/env/uat/terraform.tfvars index b60828f..e798846 100644 --- a/src/rtp/env/uat/terraform.tfvars +++ b/src/rtp/env/uat/terraform.tfvars @@ -14,3 +14,5 @@ tags = { CostCenter = "TS310 - PAGAMENTI & SERVIZI" Application = "RTP" } + +dns_zone_prefix = "uat.cstar.pagopa.it" \ No newline at end of file