pagopa · mamari90 · Sep 27, 2024 · Sep 30, 2024 · Sep 30, 2024 · Oct 11, 2024
@@ -0,0 +1,81 @@
+# decoupler named values
+
+# named value containing primitive names for routing algorithm
+resource "azurerm_api_management_named_value" "node_decoupler_primitives" {
+  name                = "node-decoupler-primitives"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = local.pagopa_apim_rg
+  display_name        = "node-decoupler-primitives"
+  value               = var.node_decoupler_primitives
+}
+
+
+resource "azurerm_api_management_named_value" "nexi_nodo_address" {
+  name                = "nexi-nodo-address"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = local.pagopa_apim_rg
+  display_name        = "nexi-nodo-address"
+  value               = var.nexi_nodo_address
+}
+
+resource "azurerm_api_management_named_value" "nexi_nodo_pg_address" {
+  name                = "nexi-nodo-pg-address"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = local.pagopa_apim_rg
+  display_name        = "nexi-nodo-pg-address"
+  value               = var.nexi_nodo_pg_address
+}
+
+resource "azurerm_api_management_named_value" "pagopa_nodo_address" {
+  name                = "pagopa-nodo-address"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = local.pagopa_apim_rg
+  display_name        = "pagopa-nodo-address"
+  value               = var.nexi_nodo_pg_address
+}
+
+resource "azurerm_api_management_named_value" "nexi_nodo_weight" {
+  name                = "nexi-nodo-weight"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = local.pagopa_apim_rg
+  display_name        = "nexi-nodo-weight"
+  value               = var.nexi_nodo_weight
+}
+
+resource "azurerm_api_management_named_value" "pagopa_nodo_weight" {
+  name                = "pagopa-nodo-weight"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = local.pagopa_apim_rg
+  display_name        = "pagopa-nodo-weight"
+  value               = var.pagopa_nodo_weight
+}
+resource "azurerm_api_management_named_value" "nexi_pg_nodo_weight" {
+  name                = "nexi-pg-nodo-weight"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = local.pagopa_apim_rg
+  display_name        = "nexi-pg-nodo-weight"
+  value               = var.nexi_pg_nodo_weight
+}
+
+resource "azurerm_api_management_named_value" "nexi_nodo_priority" {
+  name                = "nexi-nodo-priority"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = local.pagopa_apim_rg
+  display_name        = "nexi-nodo-priority"
+  value               = var.nexi_nodo_priority
+}
+
+resource "azurerm_api_management_named_value" "pagopa_nodo_priority" {
+  name                = "pagopa-nodo-priority"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = local.pagopa_apim_rg
+  display_name        = "pagopa-nodo-priority"
+  value               = var.pagopa_nodo_priority
+}
+resource "azurerm_api_management_named_value" "nexi_pg_nodo_priority" {
+  name                = "nexi-pg-nodo-priority"
+  api_management_name = data.azurerm_api_management.apim.name
+  resource_group_name = local.pagopa_apim_rg
+  display_name        = "nexi-pg-nodo-priority"
+  value               = var.nexi_pg_nodo_priority
+}
@@ -0,0 +1,151 @@
+###############
+## Decoupler ##
+###############
+
+# convert configuration from JSON to XML
+resource "null_resource" "decoupler_configuration_from_json_2_xml" {
+
+  triggers = {
+    "changes-in-config-decoupler" : sha1(file("./api_product/nodo_pagamenti_api/decoupler/cfg/${var.env}/decoupler_configuration.json"))
+  }
+  provisioner "local-exec" {
+    command = "sh ./api_product/nodo_pagamenti_api/decoupler/cfg/decoupler_configurator.sh ${var.env}"
+  }
+}
+
+
+# fragment for loading configuration inside policy
+# https://github.com/hashicorp/terraform-provider-azurerm/issues/17016#issuecomment-1314991599
+# https://learn.microsoft.com/en-us/azure/templates/microsoft.apimanagement/2022-04-01-preview/service/policyfragments?pivots=deployment-language-terraform
+resource "terraform_data" "sha256_decoupler_configuration" {
+  input = sha256(file("./api_product/nodo_pagamenti_api/decoupler/cfg/${var.env}/decoupler-configuration.xml"))
+}
+resource "azapi_resource" "decoupler_configuration" {
+
+  depends_on = [null_resource.decoupler_configuration_from_json_2_xml]
+
+  type      = "Microsoft.ApiManagement/service/policyFragments@2022-04-01-preview"
+  name      = "decoupler-configuration"
+  parent_id = data.azurerm_api_management.apim.id
+  ignore_missing_property = false
+  body = jsonencode({
+    properties = {
+      description = "Configuration of NDP decoupler"
+      format      = "rawxml"
+      value       = file("./api_product/nodo_pagamenti_api/decoupler/cfg/${var.env}/decoupler-configuration.xml")
+    }
+  })
+
+  lifecycle {
+    ignore_changes = [output]
+  }
+}
+
+# decoupler algorithm fragment
+resource "terraform_data" "sha256_decoupler_algorithm" {
+  input = sha256(file("./api_product/nodo_pagamenti_api/decoupler/decoupler-algorithm.xml"))
+}
+resource "azapi_resource" "decoupler_algorithm" {
+  type      = "Microsoft.ApiManagement/service/policyFragments@2022-04-01-preview"
+  name      = "decoupler-algorithm"
+  parent_id = data.azurerm_api_management.apim.id
+  ignore_missing_property = false
+  body = jsonencode({
+    properties = {
+      description = "Logic about NPD decoupler"
+      format      = "rawxml"
+      value       = file("./api_product/nodo_pagamenti_api/decoupler/decoupler-algorithm.xml")
+    }
+  })
+
+  lifecycle {
+    ignore_changes = [output]
+  }
+}
+
+# fragment for managing inbound policy if primitive is activatePaymentV2
+resource "terraform_data" "sha256_decoupler_activate_inbound" {
+  input = sha256(file("./api_product/nodo_pagamenti_api/decoupler/decoupler-activate-inbound.xml"))
+}
+resource "azapi_resource" "decoupler_activate_inbound" {
+  type      = "Microsoft.ApiManagement/service/policyFragments@2022-04-01-preview"
+  name      = "decoupler-activate-inbound"
+  parent_id = data.azurerm_api_management.apim.id
+  ignore_missing_property = false
+  body = jsonencode({
+    properties = {
+      description = "Inbound logic for Activate primitive of NDP decoupler"
+      format      = "rawxml"
+      value       = file("./api_product/nodo_pagamenti_api/decoupler/decoupler-activate-inbound.xml")
+    }
+  })
+
+  lifecycle {
+    ignore_changes = [output]
+  }
+}
+
+# fragment for managing outbound policy if primitive is activatePayment or activateIO
+resource "terraform_data" "sha256_decoupler_activate_outbound" {
+  input = sha256(file("./api_product/nodo_pagamenti_api/decoupler/decoupler-activate-outbound.xml"))
+}
+resource "azapi_resource" "decoupler_activate_outbound" {
+  type      = "Microsoft.ApiManagement/service/policyFragments@2022-04-01-preview"
+  name      = "decoupler-activate-outbound"
+  parent_id = data.azurerm_api_management.apim.id
+  ignore_missing_property = false
+  body = jsonencode({
+    properties = {
+      description = "Outbound logic for Activate primitive of NDP decoupler"
+      format      = "rawxml"
+      value       = file("./api_product/nodo_pagamenti_api/decoupler/decoupler-activate-outbound.xml")
+    }
+  })
+
+  lifecycle {
+    ignore_changes = [output]
+  }
+}
+
+resource "terraform_data" "sha256_on_erro_soap_handler" {
+  input = sha256(file("./api_product/nodo_pagamenti_api/on_error_soap_req.xml"))
+}
+resource "azapi_resource" "on_erro_soap_handler" {
+  type      = "Microsoft.ApiManagement/service/policyFragments@2022-04-01-preview"
+  name      = "onerror-soap-req"
+  parent_id = data.azurerm_api_management.apim.id
+
+  body = jsonencode({
+    properties = {
+      description = "On error SOAP request"
+      format      = "rawxml"
+      value       = file("./api_product/nodo_pagamenti_api/on_error_soap_req.xml")
+    }
+  })
+
+  lifecycle {
+    ignore_changes = [output]
+  }
+}
+
+# fragment for managing outbound policy for nodoInviaRPT and nodoInviaCarrelloRPT
+resource "terraform_data" "sha256_nodoinviarpt_wisp_nodoinviacarrellorpt_outbound_policy" {
+  input = sha256(file("./api/nodopagamenti_api/nodoPerPa/v1/wisp_nodoInviaRPT_nodoInviaCarrelloRPT_outbound_policy.xml"))
+}
+resource "azapi_resource" "wisp_nodoinviarpt_nodoinviacarrellorpt_outbound_policy" {
+  type      = "Microsoft.ApiManagement/service/policyFragments@2022-04-01-preview"
+  name      = "wisp-nodoinviarpt-nodoinviacarrellorpt-outbound"
+  parent_id = data.azurerm_api_management.apim.id
+  ignore_missing_property = false
+  body = jsonencode({
+    properties = {
+      description = "Outbound policy for nodoInviaRPT / nodoInviaCarrelloRPT regarding WISP"
+      format      = "rawxml"
+      value       = file("./api/nodopagamenti_api/nodoPerPa/v1/wisp_nodoInviaRPT_nodoInviaCarrelloRPT_outbound_policy.xml")
+    }
+  })
+
+  lifecycle {
+    ignore_changes = [output]
+  }
+}
@@ -30,6 +30,7 @@ terraform {
 }
 
 provider "azurerm" {
+  skip_provider_registration = true
   features {
     key_vault {
       purge_soft_delete_on_destroy = false

@@ -382,9 +382,54 @@ variable "apim_nodo_decoupler_enable" {
 variable "node_decoupler_primitives" {
   type        = string
   description = "Node decoupler primitives"
-  default     = "nodoChiediNumeroAvviso,nodoChiediCatalogoServizi,nodoAttivaRPT,nodoVerificaRPT,nodoChiediInformativaPA,nodoChiediInformativaPSP,nodoChiediTemplateInformativaPSP,nodoPAChiediInformativaPA,nodoChiediSceltaWISP,demandPaymentNotice"
+  default     = "nodoChiediNumeroAvviso,nodoChiediCatalogoServizi,nodoChiediInformativaPA,nodoChiediInformativaPSP,nodoChiediTemplateInformativaPSP,nodoPAChiediInformativaPA,nodoChiediSceltaWISP,demandPaymentNotice"
 }
 
+variable "nexi_nodo_address" {
+  type = string
+  description = "Nexi NdP address, used in decoupler configuration"
+}
+
+variable "nexi_nodo_pg_address" {
+  type = string
+  description = "Nexi NdP PostgreSQL address, used in decoupler configuration"
+}
+
+variable "nexi_nodo_weight" {
+  type = number
+  description = "Nexi NdP routing weight (0-100)"
+  default = 100
+}
+
+variable "pagopa_nodo_weight" {
+  type = number
+  description = "PagoPA NdP routing weight (0-100)"
+  default = 0
+}
+
+variable "nexi_pg_nodo_weight" {
+  type = number
+  description = "Nexi PostgreSQL NdP routing priority"
+  default = 0
+}
+
+variable "nexi_nodo_priority" {
+  type = number
+  description = "Nexi NdP routing priority"
+  default = 3
+}
+
+variable "pagopa_nodo_priority" {
+  type = number
+  description = "PagoPA NdP routing priority"
+  default = 1
+}
+
+variable "nexi_pg_nodo_priority" {
+  type = number
+  description = "Nexi PostgreSQL NdP routing priority"
+  default = 2
+}
 
 variable "nodo_pagamenti_subkey_required" {
   type        = bool