From b65272285c1c5e723dc5669ab3b2c8cffc146232 Mon Sep 17 00:00:00 2001 From: Daniele Manni Date: Fri, 28 Jun 2024 14:18:46 +0200 Subject: [PATCH 1/4] [#IOPID-2001] Appinsight connection string fn-lollipop --- .../citizen-auth-app/04_function_lollipop.tf | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/domains/citizen-auth-app/04_function_lollipop.tf b/src/domains/citizen-auth-app/04_function_lollipop.tf index 5914c604b..a7a7ae797 100644 --- a/src/domains/citizen-auth-app/04_function_lollipop.tf +++ b/src/domains/citizen-auth-app/04_function_lollipop.tf @@ -4,6 +4,8 @@ data "azurerm_key_vault_secret" "first_lollipop_consumer_subscription_key" { } locals { + function_name = format("%s-lollipop-fn-01", local.common_project_itn) + function_lollipop = { app_settings = { FUNCTIONS_WORKER_PROCESS_COUNT = 4 @@ -44,6 +46,10 @@ locals { // ------------------------- FIRST_LC_ASSERTION_CLIENT_BASE_URL = "https://api.io.pagopa.it" FIRST_LC_ASSERTION_CLIENT_SUBSCRIPTION_KEY = data.azurerm_key_vault_secret.first_lollipop_consumer_subscription_key.value + + # APPINSIGHTS + APPINSIGHTS_CONNECTION_STRING = data.azurerm_application_insights.application_insights.connection_string + } # Scaling strategy @@ -153,7 +159,7 @@ module "function_lollipop_itn" { source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//function_app?ref=v8.22.0" resource_group_name = azurerm_resource_group.lollipop_rg_itn.name - name = format("%s-lollipop-fn-01", local.common_project_itn) + name = local.function_name location = local.itn_location domain = "IO-COMMONS" health_check_path = "/info" @@ -184,7 +190,8 @@ module "function_lollipop_itn" { app_settings = merge( local.function_lollipop.app_settings, - { "AzureWebJobs.HandlePubKeyRevoke.Disabled" = "0" }, + { "AzureWebJobs.HandlePubKeyRevoke.Disabled" = "0", + APPINSIGHTS_CLOUD_ROLE_NAME = local.function_name }, ) sticky_app_setting_names = ["AzureWebJobs.HandlePubKeyRevoke.Disabled"] @@ -234,7 +241,8 @@ module "function_lollipop_staging_slot_itn" { app_settings = merge( local.function_lollipop.app_settings, - { "AzureWebJobs.HandlePubKeyRevoke.Disabled" = "1" }, + { "AzureWebJobs.HandlePubKeyRevoke.Disabled" = "1", + APPINSIGHTS_CLOUD_ROLE_NAME = "${module.function_lollipop_itn.name}-staging" }, ) subnet_id = azurerm_subnet.lollipop_snet_itn.id From 61cddf3f668e69abb4e595eda9ca5abc2a077553 Mon Sep 17 00:00:00 2001 From: arcogabbo Date: Thu, 11 Jul 2024 10:03:01 +0200 Subject: [PATCH 2/4] changed variable name --- src/domains/citizen-auth-app/04_function_lollipop.tf | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/domains/citizen-auth-app/04_function_lollipop.tf b/src/domains/citizen-auth-app/04_function_lollipop.tf index a7a7ae797..ed4342f74 100644 --- a/src/domains/citizen-auth-app/04_function_lollipop.tf +++ b/src/domains/citizen-auth-app/04_function_lollipop.tf @@ -48,8 +48,7 @@ locals { FIRST_LC_ASSERTION_CLIENT_SUBSCRIPTION_KEY = data.azurerm_key_vault_secret.first_lollipop_consumer_subscription_key.value # APPINSIGHTS - APPINSIGHTS_CONNECTION_STRING = data.azurerm_application_insights.application_insights.connection_string - + APPLICATIONINSIGHTS_CONNECTION_STRING = data.azurerm_application_insights.application_insights.connection_string } # Scaling strategy From 888fb955d400dd41cd5f7bd45bb9ff47aed65845 Mon Sep 17 00:00:00 2001 From: arcogabbo Date: Thu, 11 Jul 2024 10:34:54 +0200 Subject: [PATCH 3/4] added APPINSIGHTS_CLOUD_ROLE_NAME to stickysettings --- src/domains/citizen-auth-app/04_function_lollipop.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/domains/citizen-auth-app/04_function_lollipop.tf b/src/domains/citizen-auth-app/04_function_lollipop.tf index ed4342f74..ff1955318 100644 --- a/src/domains/citizen-auth-app/04_function_lollipop.tf +++ b/src/domains/citizen-auth-app/04_function_lollipop.tf @@ -193,7 +193,7 @@ module "function_lollipop_itn" { APPINSIGHTS_CLOUD_ROLE_NAME = local.function_name }, ) - sticky_app_setting_names = ["AzureWebJobs.HandlePubKeyRevoke.Disabled"] + sticky_app_setting_names = ["AzureWebJobs.HandlePubKeyRevoke.Disabled", "APPINSIGHTS_CLOUD_ROLE_NAME"] internal_storage = { "enable" = true, From 8af0668c06128a5634c04f563382e9bd08a2a7a7 Mon Sep 17 00:00:00 2001 From: arcogabbo Date: Fri, 12 Jul 2024 12:32:14 +0200 Subject: [PATCH 4/4] added note --- src/domains/citizen-auth-app/04_function_lollipop.tf | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/domains/citizen-auth-app/04_function_lollipop.tf b/src/domains/citizen-auth-app/04_function_lollipop.tf index ff1955318..eaa2925a0 100644 --- a/src/domains/citizen-auth-app/04_function_lollipop.tf +++ b/src/domains/citizen-auth-app/04_function_lollipop.tf @@ -49,6 +49,13 @@ locals { # APPINSIGHTS APPLICATIONINSIGHTS_CONNECTION_STRING = data.azurerm_application_insights.application_insights.connection_string + // NOTE: the following variable ensures that the applicationinsights + // nodejs sdk doesn't include additional headers towards requests on all + // type of storage accounts. without the following, all requests would + // fail for an unexpected signature from the storage account. to support + // the storage-account calls, a migration from `azure-storage` to + // `@azure/...` sdks is needed (see https://www.npmjs.com/package/diagnostic-channel-publishers/v/1.0.8#currently-supported-modules) + APPINSIGHTS_EXCLUDED_DOMAINS = "queue.core.windows.net,blob.core.windows.net,table.core.windows.net,file.core.windows.net" } # Scaling strategy