
andrea-deri

@andrea-deri andrea-deri commented Jul 31, 2025

This PR contains the inclusion of the RE event save strategy in the FdR-Fase3 app. This strategy permits storing RE events in a MongoDB container in order to track the FdR flow lifecycle handled by this application. The container used is the same one where the FdR-Fase1 application stores its events.
The RE event storing process is optional and can be disabled by setting the excluded operation in a specific parameter.

List of Changes

  • Including storage operation for RE events
  • Including strategy for dynamically excluding endpoints from RE store
  • Upgrading inclusion of required information on MDC context
  • Using sanitised strings on logs

Motivation and Context

These changes are required in order to activate RE event storage for FdR3 context

How Has This Been Tested?

  • Tested in local environment
  • Tested in DEV environment
  • Tested in UAT environment

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as
    expected)

Checklist:

  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.

@andrea-deri andrea-deri self-assigned this Jul 31, 2025
@andrea-deri andrea-deri requested a review from a team as a code owner July 31, 2025 10:53

The default action is to increase the PATCH number of SEMVER. Set IGNORE-FOR-RELEASE if you want to skip SEMVER bump. BREAKING-CHANGE and NEW-RELEASE must be run from GH Actions section manually.


This pull request does not contain a valid label. Please add one of the following labels: [major, minor, patch, patch, skip]


args.getPublishedGt(),
args.getFlowDate(),
(int) pageNumber,
(int) pageSize);

Check failure

Code scanning / CodeQL

User-controlled data in numeric cast Critical

This cast to a narrower type depends on a user-provided value, potentially causing truncation.

Copilot Autofix

AI 3 months ago

To fix the problem, we need to ensure that before casting pageSize and pageNumber from long to int, their values are validated to be within the valid range for an int (i.e., between Integer.MIN_VALUE and Integer.MAX_VALUE). If the values are out of range, the method should throw an exception (e.g., IllegalArgumentException or a custom application exception) to prevent truncation and potential misuse. The best place to add this check is immediately before the cast in FlowService.getPaginatedPublishedFlowsForCI (and similarly in getPaginatedPublishedFlowsForPSP if it also casts user-controlled values). This preserves existing functionality and ensures safety.

No new imports are needed, as Integer.MIN_VALUE and Integer.MAX_VALUE are part of the standard library.

Suggested changeset 1
src/main/java/it/gov/pagopa/fdr/service/FlowService.java

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/main/java/it/gov/pagopa/fdr/service/FlowService.java b/src/main/java/it/gov/pagopa/fdr/service/FlowService.java
--- a/src/main/java/it/gov/pagopa/fdr/service/FlowService.java
+++ b/src/main/java/it/gov/pagopa/fdr/service/FlowService.java
@@ -75,2 +75,10 @@
 
+    // Validate that pageNumber and pageSize are within int range
+    if (pageNumber < Integer.MIN_VALUE || pageNumber > Integer.MAX_VALUE) {
+      throw new IllegalArgumentException("pageNumber is out of int range: " + pageNumber);
+    }
+    if (pageSize < Integer.MIN_VALUE || pageSize > Integer.MAX_VALUE) {
+      throw new IllegalArgumentException("pageSize is out of int range: " + pageSize);
+    }
+
     log.debugf(
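Review bot: the lower bound in both added checks is `Integer.MIN_VALUE`, so negative and zero values for `pageNumber` and `pageSize` still pass and go on to the `(int)` cast; the check stops truncation but not meaningless paging input. Suggest validating against the range the API actually supports (a non-negative page index, a positive page size with an explicit maximum) and casting only after that, for example `if (pageSize < 1 || pageSize > MAX_PAGE_SIZE)`, where `MAX_PAGE_SIZE` is a hypothetical constant to be chosen for this service.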
@@ -108,2 +116,10 @@
 
+    // Validate that pageNumber and pageSize are within int range
+    if (pageNumber < Integer.MIN_VALUE || pageNumber > Integer.MAX_VALUE) {
+      throw new IllegalArgumentException("pageNumber is out of int range: " + pageNumber);
+    }
+    if (pageSize < Integer.MIN_VALUE || pageSize > Integer.MAX_VALUE) {
+      throw new IllegalArgumentException("pageSize is out of int range: " + pageSize);
+    }
+
     log.debugf(
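Review bot: the eight lines added at -108 are a copy of the block added at -75, so the two checks can drift apart on the next change. Suggest moving the check into one private helper that takes the parameter name and the `long` value and returns the `int`, and calling it from both places. `Math.toIntExact(long)` would also do the range check in a single call, though it throws `ArithmeticException` rather than `IllegalArgumentException`.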
EOF
Copilot is powered by AI and may make mistakes. Always verify output.
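
As an added example (not code from this repository or from the Autofix patch), the Java sketch below shows what the flagged narrowing cast does to out-of-range values, next to a bounded conversion that rejects them first. The class name, the helper names, the 1-based page index and the `MAX_PAGE_SIZE` limit of 1000 are assumptions.

```java
public class PageParams {
    // Assumed upper limit for this example; the PR does not state the service's real maximum.
    static final int MAX_PAGE_SIZE = 1000;

    /** The unchecked narrowing cast flagged by CodeQL: only the low 32 bits survive. */
    static int unsafeNarrow(long value) {
        return (int) value;
    }

    /** Narrows a caller-supplied long only after checking it against [min, max]. */
    static int toBoundedInt(String name, long value, int min, int max) {
        if (value < min || value > max) {
            throw new IllegalArgumentException(
                name + " must be between " + min + " and " + max + ", got " + value);
        }
        return (int) value; // cannot truncate: [min, max] lies inside the int range
    }

    public static void main(String[] args) {
        // Constructed inputs: a normal page, 2^32 + 1, 2^31, a negative value and zero.
        long[] samples = {1L, 4_294_967_297L, 2_147_483_648L, -1L, 0L};
        for (long raw : samples) {
            System.out.printf("raw=%d unchecked cast=%d%n", raw, unsafeNarrow(raw));
            try {
                // Assumption: pages are 1-based and sizes run from 1 to MAX_PAGE_SIZE.
                int page = toBoundedInt("pageNumber", raw, 1, Integer.MAX_VALUE);
                int size = toBoundedInt("pageSize", raw, 1, MAX_PAGE_SIZE);
                System.out.printf("  accepted: page=%d size=%d%n", page, size);
            } catch (IllegalArgumentException e) {
                System.out.println("  rejected: " + e.getMessage());
            }
        }
    }
}
```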
sonarqubecloud bot commented Aug 1, 2025


github-actions bot commented Aug 1, 2025

This PR exceeds the recommended size of 400 lines. Please make sure you are NOT addressing multiple issues with one PR. Note this PR might be rejected due to its size.


@aomegax aomegax left a comment


👍


@pasqualespica pasqualespica left a comment


great work 🚀

@andrea-deri andrea-deri merged commit 22d3d99 into main Aug 4, 2025
5 of 6 checks passed
@andrea-deri andrea-deri deleted the PIDM-590 branch August 4, 2025 13:00