feat: DTOSS-8378 Add NEMS MESH retrieval function (#936)

* Added new NemsMeshRetrieval function - work in progress

* Moved new nems function into NEMSIntegrationService folder

* Added unit tests for new NemsMeshRetrieval function

* Moved new NEMS Subscription function to more suitably named folder

* Added TF for NemsMeshRetrieval function - using the same setup as RetrieveMeshFile

* Corrected mistake with comments in tfvars files

* Corrected formatting of tfvars files

* Undone last commit attempting to fix tfvars files

* removed comments from tfvars files

* Created unique app_service_plan_key for NemsMeshRetrieval

* Removed superfluous .vscode files from new function

* Added new nems mesh retrieval function to docker compose - updated config away from caasfolder name to ensure separation

* Update development.tfvars - updated NemsMeshRetrieval to max capacity of 1

* Update README.md - Changed to be more specific to NEMS

* returned NemsSubscribe tfvars to how they were before my merge mistake

* Removed trailing space from README.md

* Corrected indentation in tfvars

Author: SamAinsworth-NHS

application/CohortManager/compose.core.yaml

@@ -22,6 +22,25 @@ services:
       - MeshKeyPassphrase=${MESHKEYPASSPHRASE}
       - ASPNETCORE_URLS=http://*:7059
 
+  nems-mesh-retrieval:
+    container_name: nems-mesh-retrieval
+    image: cohort-manager-nems-mesh-retrieval
+    networks: [cohman-network]
+    build:
+      context: ./src/Functions/
+      dockerfile: NemsSubscriptionService/NemsMeshRetrieval/Dockerfile
+    profiles: [non-essential]
+    environment:
+      - AzureWebJobsStorage=${AZURITE_CONNECTION_STRING}
+      - nemsmeshfolder_STORAGE=${AZURITE_CONNECTION_STRING}
+      - MeshApiBaseUrl=https://localhost:8700/messageexchange
+      - BSSMailBox=X26ABC1
+      - MeshPassword=${MESHPASSWORD}
+      - MeshSharedKey=${MESHSHAREDKEY}
+      - MeshKeyName=meshpfx.pfx
+      - MeshKeyPassphrase=${MESHKEYPASSPHRASE}
+      - ASPNETCORE_URLS=http://*:7058
+
   receive-caas-file:
     container_name: receive-caas-file
     image: cohort-manager-receive-caas-file

application/CohortManager/src/Functions/NemsSubscriptionService/NemsMeshRetrieval/CertificateHelper.cs

@@ -0,0 +1,31 @@
+namespace NHS.CohortManager.CaasIntegrationService;
+
+using System.Security.Cryptography.X509Certificates;
+
+public static class CertificateHelper
+{
+    public static X509Certificate2Collection GetCertificatesFromString(string certificatesString)
+    {
+        X509Certificate2Collection certs = [];
+
+        X509Certificate2[] pemCerts = certificatesString
+            .Split("-----END CERTIFICATE-----", StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries)
+            .Select(pem => pem + "\n-----END CERTIFICATE-----")
+            .Select(pem =>
+            {
+                var base64 = pem
+                    .Replace("-----BEGIN CERTIFICATE-----", "")
+                    .Replace("-----END CERTIFICATE-----", "")
+                    .Replace("\n", "")
+                    .Replace("\r", "")
+                    .Trim();
+
+                return new X509Certificate2(Convert.FromBase64String(base64));
+            })
+            .ToArray();
+        
+        certs.AddRange(pemCerts);
+        
+        return certs;
+    }
+}

application/CohortManager/src/Functions/NemsSubscriptionService/NemsMeshRetrieval/Dockerfile

@@ -0,0 +1,28 @@
+FROM mcr.microsoft.com/dotnet/sdk:8.0 AS base
+
+COPY ./Shared /Shared
+WORKDIR /Shared
+
+RUN mkdir -p /home/site/wwwroot && \
+    dotnet publish ./Common/Common.csproj --output /home/site/wwwroot && \
+    dotnet publish ./Model/Model.csproj --output /home/site/wwwroot && \
+    dotnet publish ./Data/Data.csproj --output /home/site/wwwroot && \
+    dotnet publish ./Utilities/Utilities.csproj --output /home/site/wwwroot && \
+    dotnet publish ./DataServices.Client/DataServices.Client.csproj --output /home/site/wwwroot && \
+    dotnet publish ./DataServices.Core/DataServices.Core.csproj --output /home/site/wwwroot && \
+    dotnet publish ./DataServices.Database/DataServices.Database.csproj --output /home/site/wwwroot
+
+FROM base AS function
+
+COPY ./CaasIntegration/RetrieveMeshFile /src/dotnet-function-app
+WORKDIR /src/dotnet-function-app
+
+RUN dotnet publish *.csproj --output /home/site/wwwroot
+
+# To enable ssh & remote debugging on app service change the base image to the one below
+# FROM mcr.microsoft.com/azure-functions/dotnet-isolated:4-dotnet-isolated8.0-appservice
+FROM mcr.microsoft.com/azure-functions/dotnet-isolated:4-dotnet-isolated8.0
+ENV AzureWebJobsScriptRoot=/home/site/wwwroot \
+    AzureFunctionsJobHost__Logging__Console__IsEnabled=true
+
+COPY --from=function ["/home/site/wwwroot", "/home/site/wwwroot"]

application/CohortManager/src/Functions/NemsSubscriptionService/NemsMeshRetrieval/HealthCheckFunction.cs

@@ -0,0 +1,24 @@
+namespace NHS.Screening.RetrieveMeshFile;
+
+using Microsoft.Azure.Functions.Worker;
+using Microsoft.Azure.Functions.Worker.Http;
+using Microsoft.Extensions.Diagnostics.HealthChecks;
+using System.Net;
+using System.Threading.Tasks;
+using HealthChecks.Extensions;
+
+public class HealthCheckFunction
+{
+    private readonly HealthCheckService _healthCheckService;
+
+    public HealthCheckFunction(HealthCheckService healthCheckService)
+    {
+        _healthCheckService = healthCheckService;
+    }
+
+    [Function("health")]
+    public async Task<HttpResponseData> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get")] HttpRequestData req)
+    {
+        return await HealthCheckServiceExtensions.CreateHealthCheckResponseAsync(req, _healthCheckService);
+    }
+}

application/CohortManager/src/Functions/NemsSubscriptionService/NemsMeshRetrieval/NemsMeshRetrieval.cs

@@ -0,0 +1,163 @@
+namespace NHS.Screening.NemsMeshRetrieval;
+
+using System;
+using System.Diagnostics.CodeAnalysis;
+using System.Globalization;
+using System.Text;
+using System.Text.Json;
+using System.Threading.Tasks;
+using Common;
+using Microsoft.Azure.Functions.Worker;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using Model;
+using NHS.MESH.Client.Models;
+
+
+public class NemsMeshRetrieval
+{
+    private readonly ILogger<NemsMeshRetrieval> _logger;
+
+    private readonly IMeshToBlobTransferHandler _meshToBlobTransferHandler;
+    private readonly string _mailboxId;
+    private readonly string _blobConnectionString;
+    private readonly IBlobStorageHelper _blobStorageHelper;
+    private readonly NemsMeshRetrievalConfig _config;
+    private const string NextHandShakeTimeConfigKey = "NextHandShakeTime";
+    private const string ConfigFileName = "MeshState.json";
+
+    public NemsMeshRetrieval(ILogger<NemsMeshRetrieval> logger, IMeshToBlobTransferHandler meshToBlobTransferHandler, IBlobStorageHelper blobStorageHelper, IOptions<NemsMeshRetrievalConfig> options)
+    {
+        _logger = logger;
+        _meshToBlobTransferHandler = meshToBlobTransferHandler;
+        _blobStorageHelper = blobStorageHelper;
+        _mailboxId = options.Value.BSSMailBox;
+        _config = options.Value;
+        _blobConnectionString = _config.nemsmeshfolder_STORAGE;
+    }
+    /// <summary>
+    /// This function polls the MESH Mailbox every 5 minutes, if there is a file posted to the mailbox.
+    /// If there is a file in there will move the file to the Cohort Manager Blob Storage where it will be picked up by the ReceiveCaasFile Function.
+    /// </summary>
+    [Function("RetrieveMeshFile")]
+    public async Task RunAsync([TimerTrigger("0 */5 * * * *")] TimerInfo myTimer)
+    {
+        _logger.LogInformation("C# Timer trigger function executed at: ,{datetime}", DateTime.Now);
+
+        static bool messageFilter(MessageMetaData i) => true; // No current filter defined there might be business rules here
+
+        static string fileNameFunction(MessageMetaData i) => string.Concat(i.MessageId, "_-_", i.WorkflowID, ".parquet");
+
+        try
+        {
+            var shouldExecuteHandShake = await ShouldExecuteHandShake();
+            var result = await _meshToBlobTransferHandler.MoveFilesFromMeshToBlob(messageFilter, fileNameFunction, _mailboxId, _blobConnectionString, "inbound", shouldExecuteHandShake);
+
+            if (!result)
+            {
+                _logger.LogError("An error was encountered while moving files from Mesh to Blob");
+            }
+        }
+        catch (Exception ex)
+        {
+            _logger.LogError(ex, "An error encountered while moving files from Mesh to Blob");
+        }
+
+        if (myTimer.ScheduleStatus is not null)
+        {
+            _logger.LogInformation("Next timer schedule at: {scheduleStatus}", myTimer.ScheduleStatus.Next);
+        }
+    }
+
+    private async Task<bool> ShouldExecuteHandShake()
+    {
+
+        Dictionary<string, string> configValues;
+        TimeSpan handShakeInterval = new TimeSpan(0, 23, 54, 0);
+        var meshState = await _blobStorageHelper.GetFileFromBlobStorage(_blobConnectionString, "config", ConfigFileName);
+        if (meshState == null)
+        {
+
+            _logger.LogInformation("MeshState File did not exist, Creating new MeshState File in blob Storage");
+            configValues = new Dictionary<string, string>
+            {
+                { NextHandShakeTimeConfigKey, DateTime.UtcNow.Add(handShakeInterval).ToString() }
+            };
+            await SetConfigState(configValues);
+
+            return true;
+
+        }
+        using (StreamReader reader = new StreamReader(meshState.Data))
+        {
+            meshState.Data.Seek(0, SeekOrigin.Begin);
+            string jsonData = await reader.ReadToEndAsync();
+            configValues = JsonSerializer.Deserialize<Dictionary<string, string>>(jsonData);
+        }
+
+        string nextHandShakeDateString;
+        //config value doenst exist
+        if (!configValues.TryGetValue(NextHandShakeTimeConfigKey, out nextHandShakeDateString))
+        {
+            _logger.LogInformation("NextHandShakeTime config item does not exist, creating new config item");
+            configValues.Add(NextHandShakeTimeConfigKey, DateTime.UtcNow.Add(handShakeInterval).ToString());
+            await SetConfigState(configValues);
+            return true;
+
+
+        }
+        DateTime nextHandShakeDateTime;
+        //date cannot be parsed
+        if (!DateTime.TryParse(nextHandShakeDateString, CultureInfo.InvariantCulture, out nextHandShakeDateTime))
+        {
+            _logger.LogInformation("Unable to Parse NextHandShakeTime, Updating config value");
+            configValues[NextHandShakeTimeConfigKey] = DateTime.UtcNow.Add(handShakeInterval).ToString();
+            SetConfigState(configValues);
+            return true;
+        }
+
+        if (DateTime.Compare(nextHandShakeDateTime, DateTime.UtcNow) <= 0)
+        {
+            _logger.LogInformation("Next HandShakeTime was in the past, will execute handshake");
+            var NextHandShakeTimeConfig = DateTime.UtcNow.Add(handShakeInterval).ToString();
+
+            configValues[NextHandShakeTimeConfigKey] = NextHandShakeTimeConfig;
+            _logger.LogInformation("Next Handshake scheduled for {NextHandShakeTimeConfig}", NextHandShakeTimeConfig);
+
+            return true;
+
+        }
+        _logger.LogInformation("Next handshake scheduled for {nextHandShakeDateTime}", nextHandShakeDateTime);
+        return false;
+    }
+
+
+    private async Task<bool> SetConfigState(Dictionary<string, string> state)
+    {
+        try
+        {
+            string jsonString = JsonSerializer.Serialize(state);
+            using (var stream = GenerateStreamFromString(jsonString))
+            {
+                var blobFile = new BlobFile(stream, ConfigFileName);
+                var result = await _blobStorageHelper.UploadFileToBlobStorage(_blobConnectionString, "config", blobFile, true);
+                return result;
+            }
+        }
+        catch (Exception ex)
+        {
+            _logger.LogError(ex, "Unable To set Config State");
+            return false;
+        }
+    }
+
+    public static Stream GenerateStreamFromString(string s)
+    {
+        var stream = new MemoryStream();
+        var writer = new StreamWriter(stream);
+        writer.Write(s);
+        writer.Flush();
+        stream.Position = 0;
+        return stream;
+    }
+}

application/CohortManager/src/Functions/NemsSubscriptionService/NemsMeshRetrieval/NemsMeshRetrieval.csproj

@@ -0,0 +1,41 @@
+<Project Sdk="Microsoft.NET.Sdk">
+    <PropertyGroup>
+        <TargetFramework>net8.0</TargetFramework>
+        <AzureFunctionsVersion>v4</AzureFunctionsVersion>
+        <OutputType>Exe</OutputType>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <Nullable>enable</Nullable>
+    </PropertyGroup>
+    <ItemGroup>
+        <PackageReference Include="Azure.Security.KeyVault.Certificates" Version="4.6.0" />
+        <PackageReference Include="Microsoft.Azure.Functions.Worker" Version="1.20.1" />
+        <PackageReference Include="Microsoft.Azure.Functions.Worker.Extensions.Http" Version="3.1.0" />
+        <PackageReference Include="Microsoft.Azure.Functions.Worker.Extensions.Http.AspNetCore" Version="1.2.0" />
+        <PackageReference Include="Microsoft.Azure.Functions.Worker.Extensions.Timer" Version="4.1.0" />
+        <PackageReference Include="Microsoft.Azure.Functions.Worker.Sdk" Version="1.16.4" />
+        <PackageReference Include="Microsoft.ApplicationInsights.WorkerService" Version="2.21.0" />
+        <PackageReference Include="Microsoft.Azure.Functions.Worker.ApplicationInsights" Version="1.1.0" />
+    </ItemGroup>
+    <ItemGroup>
+        <None Update="host.json">
+            <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+        </None>
+        <None Update="meshpfx.pfx">
+            <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+        </None>
+        <None Update="meshServerSideCerts.crt">
+            <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+        </None>
+        <None Update="local.settings.json">
+            <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+            <CopyToPublishDirectory>Never</CopyToPublishDirectory>
+        </None>
+    </ItemGroup>
+    <ItemGroup>
+        <Using Include="System.Threading.ExecutionContext" Alias="ExecutionContext" />
+    </ItemGroup>
+    <ItemGroup>
+        <ProjectReference Include="..\..\Shared\Common\Common.csproj" />
+        <ProjectReference Include="..\..\Shared\HealthChecks\HealthChecks.csproj" />
+    </ItemGroup>
+</Project>

application/CohortManager/src/Functions/NemsSubscriptionService/NemsMeshRetrieval/NemsMeshRetrieval.sln

@@ -0,0 +1,24 @@
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.5.2.0
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "NemsMeshRetrieval", "NemsMeshRetrieval.csproj", "{F1E9566B-AA7E-8866-C03C-CD0ECA0DDBA0}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{F1E9566B-AA7E-8866-C03C-CD0ECA0DDBA0}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{F1E9566B-AA7E-8866-C03C-CD0ECA0DDBA0}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{F1E9566B-AA7E-8866-C03C-CD0ECA0DDBA0}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{F1E9566B-AA7E-8866-C03C-CD0ECA0DDBA0}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {F51834F7-DFAB-493A-A66D-55B77976EA94}
+	EndGlobalSection
+EndGlobal

application/CohortManager/src/Functions/NemsSubscriptionService/NemsMeshRetrieval/NemsMeshRetrievalConfig.cs

@@ -0,0 +1,22 @@
+namespace NHS.Screening.NemsMeshRetrieval;
+
+using System.ComponentModel.DataAnnotations;
+
+public class NemsMeshRetrievalConfig
+{
+    public string MeshApiBaseUrl { get; set; }
+    [Required]
+    public string BSSMailBox { get; set; }
+    [Required]
+    public string MeshPassword { get; set; }
+    [Required]
+    public string MeshSharedKey {get; set;}
+    public string MeshKeyPassphrase {get; set;}
+    public string MeshKeyName {get; set;}
+    public string KeyVaultConnectionString {get; set;}
+    [Required]
+    public string nemsmeshfolder_STORAGE {get; set;}
+    public string ServerSideCerts { get; set; }
+    public string MeshCertName { get; set; }
+    public bool? BypassServerCertificateValidation {get;set;}
+}