From d76498f016bbbe0b2f60922b269081f54f215153 Mon Sep 17 00:00:00 2001 From: antoniotarricone Date: Tue, 17 Dec 2024 11:23:47 +0100 Subject: [PATCH 1/7] Added the link from user to client. --- .../mil/auth/admin/bean/CreateUserRequest.java | 10 ++++++++++ .../mil/auth/admin/resource/UserResource.java | 3 ++- .../pagopa/swclient/mil/auth/dao/UserEntity.java | 11 ++++++++++- .../swclient/mil/auth/dao/UserRepository.java | 13 +++++++++++-- .../mil/auth/service/TokenByPasswordService.java | 13 +++++++------ src/main/resources/META-INF/openapi.yaml | 4 ++++ .../auth/admin/resource/UserResourceTest.java | 8 ++++---- .../mil/auth/dao/UserRepositoryTest.java | 8 ++++---- .../auth/service/TokenByPasswordServiceTest.java | 16 ++++++++-------- 9 files changed, 60 insertions(+), 26 deletions(-) diff --git a/src/main/java/it/pagopa/swclient/mil/auth/admin/bean/CreateUserRequest.java b/src/main/java/it/pagopa/swclient/mil/auth/admin/bean/CreateUserRequest.java index bb61d0d..95593e9 100644 --- a/src/main/java/it/pagopa/swclient/mil/auth/admin/bean/CreateUserRequest.java +++ b/src/main/java/it/pagopa/swclient/mil/auth/admin/bean/CreateUserRequest.java @@ -71,4 +71,14 @@ public class CreateUserRequest { @JsonProperty(value = AdminJsonPropertyName.MERCHANT_ID) @Pattern(regexp = ValidationPattern.MERCHANT_ID, message = ErrorCode.MERCHANT_ID_MUST_MATCH_REGEXP_MSG) private String merchantId; + + /** + *

+ * Client ID. + *

+ */ + @JsonProperty(value = AdminJsonPropertyName.CLIENT_ID) + @NotNull(message = AuthErrorCode.CLIENT_ID_MUST_NOT_BE_NULL_MSG) + @Pattern(regexp = AuthValidationPattern.CLIENT_ID, message = AuthErrorCode.CLIENT_ID_MUST_MATCH_REGEXP_MSG) + private String clientId; } \ No newline at end of file diff --git a/src/main/java/it/pagopa/swclient/mil/auth/admin/resource/UserResource.java b/src/main/java/it/pagopa/swclient/mil/auth/admin/resource/UserResource.java index 39d3de1..22e96c3 100644 --- a/src/main/java/it/pagopa/swclient/mil/auth/admin/resource/UserResource.java +++ b/src/main/java/it/pagopa/swclient/mil/auth/admin/resource/UserResource.java @@ -154,7 +154,8 @@ public Uni create(@Valid CreateUserRequest req) { triplet.getSalt(), triplet.getHash(), req.getAcquirerId(), - req.getMerchantId()); + req.getMerchantId(), + req.getClientId()); return repository .persist(entity) diff --git a/src/main/java/it/pagopa/swclient/mil/auth/dao/UserEntity.java b/src/main/java/it/pagopa/swclient/mil/auth/dao/UserEntity.java index 1e040e7..cd36609 100644 --- a/src/main/java/it/pagopa/swclient/mil/auth/dao/UserEntity.java +++ b/src/main/java/it/pagopa/swclient/mil/auth/dao/UserEntity.java @@ -35,6 +35,7 @@ public class UserEntity { public static final String PASSWORD_HASH_PRP = "passwordHash"; public static final String ACQUIRER_ID_PRP = "acquirerId"; public static final String MERCHANT_ID_PRP = "merchantId"; + public static final String CLIENT_ID_PRP = "clientId"; /* * Used by MongoDB for the _id field. @@ -83,6 +84,12 @@ public class UserEntity { */ @BsonProperty(value = MERCHANT_ID_PRP) public String merchantId; + + /* + * + */ + @BsonProperty(value = CLIENT_ID_PRP) + public String clientId; /** * @@ -93,8 +100,9 @@ public class UserEntity { * @param passwordHash * @param acquirerId * @param merchantId + * @param clientId */ - public UserEntity(String userId, String username, String channel, String salt, String passwordHash, String acquirerId, String merchantId) { + public UserEntity(String userId, String username, String channel, String salt, String passwordHash, String acquirerId, String merchantId, String clientId) { // NOSONAR this.userId = userId; this.username = username; this.channel = channel; @@ -102,5 +110,6 @@ public UserEntity(String userId, String username, String channel, String salt, S this.passwordHash = passwordHash; this.acquirerId = acquirerId; this.merchantId = merchantId; + this.clientId = clientId; } } \ No newline at end of file diff --git a/src/main/java/it/pagopa/swclient/mil/auth/dao/UserRepository.java b/src/main/java/it/pagopa/swclient/mil/auth/dao/UserRepository.java index 908ff73..e98aba0 100644 --- a/src/main/java/it/pagopa/swclient/mil/auth/dao/UserRepository.java +++ b/src/main/java/it/pagopa/swclient/mil/auth/dao/UserRepository.java @@ -19,13 +19,22 @@ @TraceReactivePanacheMongoRepository @ApplicationScoped public class UserRepository implements ReactivePanacheMongoRepository { + /* + * + */ + static final String FIND_BY_USERNAME_AND_CLIENT_ID = String.format( + "%s = ?1 and %s = ?2", + UserEntity.USERNAME_PRP, + UserEntity.CLIENT_ID_PRP); + /** * * @param username + * @param clientId * @return */ - public Uni> findByUsername(String username) { - return find(UserEntity.USERNAME_PRP, username).firstResultOptional(); + public Uni> findByUsernameAndClientId(String username, String clientId) { + return find(FIND_BY_USERNAME_AND_CLIENT_ID, username, clientId).firstResultOptional(); } /** diff --git a/src/main/java/it/pagopa/swclient/mil/auth/service/TokenByPasswordService.java b/src/main/java/it/pagopa/swclient/mil/auth/service/TokenByPasswordService.java index 5d1e027..efcbb0d 100644 --- a/src/main/java/it/pagopa/swclient/mil/auth/service/TokenByPasswordService.java +++ b/src/main/java/it/pagopa/swclient/mil/auth/service/TokenByPasswordService.java @@ -63,15 +63,16 @@ public class TokenByPasswordService extends TokenService { @CacheResult(cacheName = "client-role") public Uni findUser(GetAccessTokenRequest getAccessToken) { String username = getAccessToken.getUsername(); - Log.tracef("Search for the user %s", username); - return repository.findByUsername(username) + String clientId = getAccessToken.getClientId(); + Log.tracef("Search for the user %s and client %s", username, clientId); + return repository.findByUsernameAndClientId(username, clientId) .onFailure().transform(t -> { - String message = String.format("[%s] Error searching for user %s", AuthErrorCode.ERROR_SEARCHING_FOR_USER, username); + String message = String.format("[%s] Error searching for user %s with client %s", AuthErrorCode.ERROR_SEARCHING_FOR_USER, username, clientId); Log.errorf(t, message); return new AuthError(AuthErrorCode.ERROR_SEARCHING_FOR_USER, message); }) .map(opt -> opt.orElseThrow(() -> { - String message = String.format("[%s] User %s not found", AuthErrorCode.USER_NOT_FOUND, username); + String message = String.format("[%s] User %s with client %s not found", AuthErrorCode.USER_NOT_FOUND, username, clientId); Log.warn(message); throw new AuthException(AuthErrorCode.USER_NOT_FOUND, message); })) @@ -83,6 +84,8 @@ public Uni findUser(GetAccessTokenRequest getAccessToken) { *

* If the verification succeeds, the method returns ResourceOwnerCredentialsEntity, otherwise it * returns a failure with specific error code. + * + * TODO: AGGIUNGERE IL CONTROLLO DEL CLIENT_ID * * @param userEntity * @param getAccessToken @@ -136,8 +139,6 @@ private Void verifyPassword(UserEntity userEntity, GetAccessTokenRequest getAcce /** * This method verifies credentials. - *

- * ResourceOwnerCredentialsEntity * * @param getAccessToken */ diff --git a/src/main/resources/META-INF/openapi.yaml b/src/main/resources/META-INF/openapi.yaml index bd497d6..4f9775e 100644 --- a/src/main/resources/META-INF/openapi.yaml +++ b/src/main/resources/META-INF/openapi.yaml @@ -1193,10 +1193,14 @@ components: $ref: '#/components/schemas/AcquirerId' merchantId: $ref: '#/components/schemas/MerchantId' + clientId: + $ref: '#/components/schemas/UUID' required: - username + - clientId example: username: "mario.rossi@pagopa.it" + clientId: "d0d654e6-97da-4848-b568-99fedccb642b" CreateUserRes: description: Response to a request to create a new user additionalProperties: false diff --git a/src/test/java/it/pagopa/swclient/mil/auth/admin/resource/UserResourceTest.java b/src/test/java/it/pagopa/swclient/mil/auth/admin/resource/UserResourceTest.java index ae08ab2..e8a2d5b 100644 --- a/src/test/java/it/pagopa/swclient/mil/auth/admin/resource/UserResourceTest.java +++ b/src/test/java/it/pagopa/swclient/mil/auth/admin/resource/UserResourceTest.java @@ -93,7 +93,7 @@ void given_requestToCreateNewUser_when_allGoesOk_then_getPassword() { .log().all() .filter(validationFilter) .contentType(MediaType.APPLICATION_JSON) - .body(new CreateUserRequest().setUsername("username")) + .body(new CreateUserRequest().setUsername("username").setClientId("d0d654e6-97da-4848-b568-99fedccb642b")) .when() .post() .then() @@ -118,7 +118,7 @@ void given_requestToCreateNewUser_when_duplicateKeyOccurs_then_getFailure() { .log().all() .filter(validationFilter) .contentType(MediaType.APPLICATION_JSON) - .body(new CreateUserRequest().setUsername("username")) + .body(new CreateUserRequest().setUsername("username").setClientId("d0d654e6-97da-4848-b568-99fedccb642b")) .when() .post() .then() @@ -141,7 +141,7 @@ void given_requestToCreateNewClient_when_mongoErrorOccursOnPersist_then_getFailu .log().all() .filter(validationFilter) .contentType(MediaType.APPLICATION_JSON) - .body(new CreateUserRequest().setUsername("username")) + .body(new CreateUserRequest().setUsername("username").setClientId("d0d654e6-97da-4848-b568-99fedccb642b")) .when() .post() .then() @@ -161,7 +161,7 @@ void given_requestToCreateNewClient_when_otherErrorOccursOnPersist_then_getFailu .log().all() .filter(validationFilter) .contentType(MediaType.APPLICATION_JSON) - .body(new CreateUserRequest().setUsername("username")) + .body(new CreateUserRequest().setUsername("username").setClientId("d0d654e6-97da-4848-b568-99fedccb642b")) .when() .post() .then() diff --git a/src/test/java/it/pagopa/swclient/mil/auth/dao/UserRepositoryTest.java b/src/test/java/it/pagopa/swclient/mil/auth/dao/UserRepositoryTest.java index 7df36cc..4bb6c1f 100644 --- a/src/test/java/it/pagopa/swclient/mil/auth/dao/UserRepositoryTest.java +++ b/src/test/java/it/pagopa/swclient/mil/auth/dao/UserRepositoryTest.java @@ -48,20 +48,20 @@ void init(TestInfo testInfo) { */ @Test void testFindByUsername() { - UserEntity entity = new UserEntity("user_id", "username", "channel", "salt", "secret_hash", "acquirer_id", "merchant_id"); + UserEntity entity = new UserEntity("user_id", "username", "channel", "salt", "secret_hash", "acquirer_id", "merchant_id", "client_id"); @SuppressWarnings("unchecked") ReactivePanacheQuery query = mock(ReactivePanacheQuery.class); when(query.firstResultOptional()) .thenReturn(Uni.createFrom().item(Optional.of(entity))); - when(repository.find(UserEntity.USERNAME_PRP, "username")) + when(repository.find(UserRepository.FIND_BY_USERNAME_AND_CLIENT_ID, "username", "client_id")) .thenReturn(query); - when(repository.findByUsername("username")) + when(repository.findByUsernameAndClientId("username", "client_id")) .thenCallRealMethod(); - repository.findByUsername("username") + repository.findByUsernameAndClientId("username", "client_id") .subscribe() .withSubscriber(UniAssertSubscriber.create()) .assertCompleted() diff --git a/src/test/java/it/pagopa/swclient/mil/auth/service/TokenByPasswordServiceTest.java b/src/test/java/it/pagopa/swclient/mil/auth/service/TokenByPasswordServiceTest.java index 1edbc5c..b89f999 100644 --- a/src/test/java/it/pagopa/swclient/mil/auth/service/TokenByPasswordServiceTest.java +++ b/src/test/java/it/pagopa/swclient/mil/auth/service/TokenByPasswordServiceTest.java @@ -101,7 +101,7 @@ void given_userCredentials_when_allGoesOk_then_getAccessToken() throws ParseExce final String salt = "TSO2VIJixd6taCapX1Aq9bTIbTAEuDtXzLleB9A3W6NUgppiJkNbAnBX8CVYvpsPMpzJHGhK2ouHDONevrcVUg=="; final String passwordHash = "gKWXj0IXDkeO5xvrozbm47tO+SXHNGN8pE5ql3W4Hgo="; - when(repository.findByUsername(username)) + when(repository.findByUsernameAndClientId(username, "client_id")) .thenReturn(UniGenerator.item(Optional.of(new UserEntity() .setAcquirerId("acquirer_id") .setChannel(Channel.POS) @@ -157,7 +157,7 @@ void given_userCredentials_when_userNotFound_then_getFailure() { final String username = "username"; final String password = "password"; - when(repository.findByUsername(username)) + when(repository.findByUsernameAndClientId(username, "client_id")) .thenReturn(Uni.createFrom() .item(Optional.empty())); @@ -191,7 +191,7 @@ void given_userCredentials_when_getUserReturns500_then_getFailure() { final String username = "username"; final String password = "password"; - when(repository.findByUsername(username)) + when(repository.findByUsernameAndClientId(username, "client_id")) .thenReturn(Uni.createFrom().failure(new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).build()))); /* @@ -224,7 +224,7 @@ void given_userCredentials_when_getUserThrowsAnotherException_then_getFailure() final String username = "username"; final String password = "password"; - when(repository.findByUsername(username)) + when(repository.findByUsernameAndClientId(username, "client_id")) .thenReturn(Uni.createFrom().failure(new Exception("synthetic_exception"))); /* @@ -259,7 +259,7 @@ void given_userCredentials_when_consistencyVerificationFailsDueToAcquirerId_then final String salt = "TSO2VIJixd6taCapX1Aq9bTIbTAEuDtXzLleB9A3W6NUgppiJkNbAnBX8CVYvpsPMpzJHGhK2ouHDONevrcVUg=="; final String passwordHash = "gKWXj0IXDkeO5xvrozbm47tO+SXHNGN8pE5ql3W4Hgo="; - when(repository.findByUsername(username)) + when(repository.findByUsernameAndClientId(username, "client_id")) .thenReturn(UniGenerator.item(Optional.of(new UserEntity() .setAcquirerId("acquirer_id_2") .setChannel("channel") @@ -307,7 +307,7 @@ void given_userCredentials_when_consistencyVerificationFailsDueToChannel_then_ge final String salt = "TSO2VIJixd6taCapX1Aq9bTIbTAEuDtXzLleB9A3W6NUgppiJkNbAnBX8CVYvpsPMpzJHGhK2ouHDONevrcVUg=="; final String passwordHash = "gKWXj0IXDkeO5xvrozbm47tO+SXHNGN8pE5ql3W4Hgo="; - when(repository.findByUsername(username)) + when(repository.findByUsernameAndClientId(username, "client_id")) .thenReturn(UniGenerator.item(Optional.of(new UserEntity() .setAcquirerId("acquirer_id") .setChannel("channel_2") @@ -355,7 +355,7 @@ void given_userCredentials_when_consistencyVerificationFailsDueToMerchantId_then final String salt = "TSO2VIJixd6taCapX1Aq9bTIbTAEuDtXzLleB9A3W6NUgppiJkNbAnBX8CVYvpsPMpzJHGhK2ouHDONevrcVUg=="; final String passwordHash = "gKWXj0IXDkeO5xvrozbm47tO+SXHNGN8pE5ql3W4Hgo="; - when(repository.findByUsername(username)) + when(repository.findByUsernameAndClientId(username, "client_id")) .thenReturn(UniGenerator.item(Optional.of(new UserEntity() .setAcquirerId("acquirer_id") .setChannel("channel") @@ -402,7 +402,7 @@ void given_userCredentials_when_passwordIsWrong_then_getFailure() { final String salt = "TSO2VIJixd6taCapX1Aq9bTIbTAEuDtXzLleB9A3W6NUgppiJkNbAnBX8CVYvpsPMpzJHGhK2ouHDONevrcVUg=="; final String passwordHash = "gKWXj0IXDkeO5xvrozbm47tO+SXHNGN8pE5ql3W4Hgo="; - when(repository.findByUsername(username)) + when(repository.findByUsernameAndClientId(username, "client_id")) .thenReturn(UniGenerator.item(Optional.of(new UserEntity() .setAcquirerId("acquirer_id") .setChannel("channel") From 355c2ffdf9e19d1ccc57ca49ef7895dcfcc4176f Mon Sep 17 00:00:00 2001 From: antoniotarricone Date: Tue, 17 Dec 2024 16:31:51 +0100 Subject: [PATCH 2/7] Added custom scale rule to set replicas to 1 during office hours. --- src/main/terraform/container_app.tf | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/src/main/terraform/container_app.tf b/src/main/terraform/container_app.tf index e2fd43a..f3c1b69 100644 --- a/src/main/terraform/container_app.tf +++ b/src/main/terraform/container_app.tf @@ -122,6 +122,22 @@ resource "azurerm_container_app" "auth" { max_replicas = var.mil_auth_max_replicas min_replicas = var.mil_auth_min_replicas + + custom_scale_rule { + name = "office-hours" + custom_rule_type = "cron" + metadata { + timezone = "Europe/Rome" + start = "0 8 * * 1-5" + end = "0 18 * * 1-5" + desiredReplicas = "1" + } + } + + http_scale_rule { + name = "http-requests" + concurrent_requests = "25" + } } secret { @@ -170,5 +186,6 @@ resource "azurerm_container_app" "auth" { } } - tags = local.tags + max_inactive_revisions = 5 + tags = local.tags } \ No newline at end of file From 14ca1dcafbd1d284854998f7c0352b18c7ad5add Mon Sep 17 00:00:00 2001 From: antoniotarricone Date: Tue, 17 Dec 2024 16:33:44 +0100 Subject: [PATCH 3/7] Reduced the resources used by the container app. --- src/main/terraform/env/cstar-d-mcshared/terraform.tfvars | 4 ++-- src/main/terraform/env/cstar-p-mcshared/terraform.tfvars | 4 ++-- src/main/terraform/env/cstar-u-mcshared/terraform.tfvars | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/main/terraform/env/cstar-d-mcshared/terraform.tfvars b/src/main/terraform/env/cstar-d-mcshared/terraform.tfvars index c42a252..9c6fa71 100644 --- a/src/main/terraform/env/cstar-d-mcshared/terraform.tfvars +++ b/src/main/terraform/env/cstar-d-mcshared/terraform.tfvars @@ -40,8 +40,8 @@ mil_auth_keysize = 2048 mil_auth_access_duration = 900 mil_auth_refresh_duration = 3600 mil_auth_image = "ghcr.io/pagopa/mil-auth:latest" -mil_auth_cpu = 1 -mil_auth_memory = "2Gi" +mil_auth_cpu = "0.25 +mil_auth_memory = "0.5Gi" mil_auth_max_replicas = 5 mil_auth_min_replicas = 0 mil_auth_keyvault_maxresults = 20 diff --git a/src/main/terraform/env/cstar-p-mcshared/terraform.tfvars b/src/main/terraform/env/cstar-p-mcshared/terraform.tfvars index 1ccb1a1..17c3ff7 100644 --- a/src/main/terraform/env/cstar-p-mcshared/terraform.tfvars +++ b/src/main/terraform/env/cstar-p-mcshared/terraform.tfvars @@ -40,8 +40,8 @@ mil_auth_keysize = 2048 mil_auth_access_duration = 900 mil_auth_refresh_duration = 3600 mil_auth_image = "ghcr.io/pagopa/mil-auth:latest" -mil_auth_cpu = 1 -mil_auth_memory = "2Gi" +mil_auth_cpu = "0.25 +mil_auth_memory = "0.5Gi" mil_auth_max_replicas = 5 mil_auth_min_replicas = 0 mil_auth_keyvault_maxresults = 20 diff --git a/src/main/terraform/env/cstar-u-mcshared/terraform.tfvars b/src/main/terraform/env/cstar-u-mcshared/terraform.tfvars index 0f6aaef..dca5239 100644 --- a/src/main/terraform/env/cstar-u-mcshared/terraform.tfvars +++ b/src/main/terraform/env/cstar-u-mcshared/terraform.tfvars @@ -40,8 +40,8 @@ mil_auth_keysize = 2048 mil_auth_access_duration = 900 mil_auth_refresh_duration = 3600 mil_auth_image = "ghcr.io/pagopa/mil-auth:latest" -mil_auth_cpu = 1 -mil_auth_memory = "2Gi" +mil_auth_cpu = "0.25 +mil_auth_memory = "0.5Gi" mil_auth_max_replicas = 5 mil_auth_min_replicas = 0 mil_auth_keyvault_maxresults = 20 From abed4e26ade4d37a5dbbf48bbbcf945d9a9390d2 Mon Sep 17 00:00:00 2001 From: antoniotarricone Date: Tue, 17 Dec 2024 16:34:05 +0100 Subject: [PATCH 4/7] Upgrade of azurerm to 4.14.0. --- src/main/terraform/main.tf | 2 +- src/main/terraform/terraform.sh | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/terraform/main.tf b/src/main/terraform/main.tf index e26dfb6..acd1685 100644 --- a/src/main/terraform/main.tf +++ b/src/main/terraform/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "= 3.99.0" + version = "= 4.14.0" } } diff --git a/src/main/terraform/terraform.sh b/src/main/terraform/terraform.sh index 55ffc26..3b3c4fb 100755 --- a/src/main/terraform/terraform.sh +++ b/src/main/terraform/terraform.sh @@ -22,6 +22,7 @@ other=$@ source "./env/$env/backend.ini" az account set -s "${subscription}" +export ARM_SUBSCRIPTION_ID="$(az account list --query "[?isDefault].id" --output tsv)" if echo "init plan apply refresh import output state taint destroy console" | grep -w $action > /dev/null; then if [ $action = "init" ]; then From daa8a11c068402a3cc26af91727deb617e89f383 Mon Sep 17 00:00:00 2001 From: antoniotarricone Date: Wed, 18 Dec 2024 10:50:17 +0100 Subject: [PATCH 5/7] Job to build stable version has been fixed. --- .github/workflows/post-merge-mcshared.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/workflows/post-merge-mcshared.yml b/.github/workflows/post-merge-mcshared.yml index 4394b12..c203167 100644 --- a/.github/workflows/post-merge-mcshared.yml +++ b/.github/workflows/post-merge-mcshared.yml @@ -247,6 +247,21 @@ jobs: image: ${{ steps.stable_image.outputs.image }} steps: + # + # Checkout the source code. + # + - name: Checkout the source code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2 + + # + # Setup Java Build Environment. + # + - name: Setup Java Build Environment + uses: pagopa/mil-actions/setup-java-build-env@f782a1b3cdb79afda2c10007ae46b831b31fe640 # 1.1.2 + with: + gh_user: ${{ secrets.GIT_USER }} + gh_token: ${{ secrets.GIT_PAT }} + # # STABLE - Update of pom.xml and openapi.yaml with the new version. # From 2ac82b04ddedcd5b32dd9a19dde2f3244f39fe0b Mon Sep 17 00:00:00 2001 From: antoniotarricone Date: Wed, 18 Dec 2024 11:15:46 +0100 Subject: [PATCH 6/7] Missing closing quote added. --- src/main/terraform/env/cstar-d-mcshared/terraform.tfvars | 2 +- src/main/terraform/env/cstar-p-mcshared/terraform.tfvars | 2 +- src/main/terraform/env/cstar-u-mcshared/terraform.tfvars | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/terraform/env/cstar-d-mcshared/terraform.tfvars b/src/main/terraform/env/cstar-d-mcshared/terraform.tfvars index 9c6fa71..e4d9a29 100644 --- a/src/main/terraform/env/cstar-d-mcshared/terraform.tfvars +++ b/src/main/terraform/env/cstar-d-mcshared/terraform.tfvars @@ -40,7 +40,7 @@ mil_auth_keysize = 2048 mil_auth_access_duration = 900 mil_auth_refresh_duration = 3600 mil_auth_image = "ghcr.io/pagopa/mil-auth:latest" -mil_auth_cpu = "0.25 +mil_auth_cpu = "0.25" mil_auth_memory = "0.5Gi" mil_auth_max_replicas = 5 mil_auth_min_replicas = 0 diff --git a/src/main/terraform/env/cstar-p-mcshared/terraform.tfvars b/src/main/terraform/env/cstar-p-mcshared/terraform.tfvars index 17c3ff7..5b4a4f6 100644 --- a/src/main/terraform/env/cstar-p-mcshared/terraform.tfvars +++ b/src/main/terraform/env/cstar-p-mcshared/terraform.tfvars @@ -40,7 +40,7 @@ mil_auth_keysize = 2048 mil_auth_access_duration = 900 mil_auth_refresh_duration = 3600 mil_auth_image = "ghcr.io/pagopa/mil-auth:latest" -mil_auth_cpu = "0.25 +mil_auth_cpu = "0.25" mil_auth_memory = "0.5Gi" mil_auth_max_replicas = 5 mil_auth_min_replicas = 0 diff --git a/src/main/terraform/env/cstar-u-mcshared/terraform.tfvars b/src/main/terraform/env/cstar-u-mcshared/terraform.tfvars index dca5239..23f14b2 100644 --- a/src/main/terraform/env/cstar-u-mcshared/terraform.tfvars +++ b/src/main/terraform/env/cstar-u-mcshared/terraform.tfvars @@ -40,7 +40,7 @@ mil_auth_keysize = 2048 mil_auth_access_duration = 900 mil_auth_refresh_duration = 3600 mil_auth_image = "ghcr.io/pagopa/mil-auth:latest" -mil_auth_cpu = "0.25 +mil_auth_cpu = "0.25" mil_auth_memory = "0.5Gi" mil_auth_max_replicas = 5 mil_auth_min_replicas = 0 From deba58b4d8c63375949f124834ac1d239cfec50d Mon Sep 17 00:00:00 2001 From: antoniotarricone Date: Wed, 18 Dec 2024 11:40:21 +0100 Subject: [PATCH 7/7] Fixed metadata field. --- src/main/terraform/container_app.tf | 2 +- src/main/terraform/env/cstar-d-mcshared/terraform.tfvars | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/terraform/container_app.tf b/src/main/terraform/container_app.tf index f3c1b69..d773174 100644 --- a/src/main/terraform/container_app.tf +++ b/src/main/terraform/container_app.tf @@ -126,7 +126,7 @@ resource "azurerm_container_app" "auth" { custom_scale_rule { name = "office-hours" custom_rule_type = "cron" - metadata { + metadata = { timezone = "Europe/Rome" start = "0 8 * * 1-5" end = "0 18 * * 1-5" diff --git a/src/main/terraform/env/cstar-d-mcshared/terraform.tfvars b/src/main/terraform/env/cstar-d-mcshared/terraform.tfvars index e4d9a29..0310c69 100644 --- a/src/main/terraform/env/cstar-d-mcshared/terraform.tfvars +++ b/src/main/terraform/env/cstar-d-mcshared/terraform.tfvars @@ -39,7 +39,7 @@ mil_auth_cryptoperiod = 43200 mil_auth_keysize = 2048 mil_auth_access_duration = 900 mil_auth_refresh_duration = 3600 -mil_auth_image = "ghcr.io/pagopa/mil-auth:latest" +mil_auth_image = "ghcr.io/pagopa/mil-auth:2.15.0-RC@sha256:4ab09519b87abbd8590f2f3edafa75b46684c7884f8a9cf6dd9ad9b4414eb38e" mil_auth_cpu = "0.25" mil_auth_memory = "0.5Gi" mil_auth_max_replicas = 5