diff --git a/infrastructure/stacks/api-layer/api_gateway.tf b/infrastructure/stacks/api-layer/api_gateway.tf index 74e07df61..519dc9b02 100644 --- a/infrastructure/stacks/api-layer/api_gateway.tf +++ b/infrastructure/stacks/api-layer/api_gateway.tf @@ -14,12 +14,24 @@ resource "aws_api_gateway_resource" "patient_check" { path_part = "patient-check" } +resource "aws_api_gateway_resource" "patient_check_perf" { + rest_api_id = module.eligibility_signposting_api_gateway.rest_api_id + parent_id = aws_api_gateway_resource.patient_check.id + path_part = "_perf" +} + resource "aws_api_gateway_resource" "patient" { rest_api_id = module.eligibility_signposting_api_gateway.rest_api_id parent_id = aws_api_gateway_resource.patient_check.id path_part = "{id}" } +resource "aws_api_gateway_resource" "patient_perf" { + rest_api_id = module.eligibility_signposting_api_gateway.rest_api_id + parent_id = aws_api_gateway_resource.patient_check_perf.id + path_part = "{id}" +} + resource "aws_api_gateway_resource" "patient_check_status" { rest_api_id = module.eligibility_signposting_api_gateway.rest_api_id parent_id = aws_api_gateway_resource.patient_check.id @@ -34,7 +46,8 @@ resource "aws_api_gateway_deployment" "eligibility_signposting_api" { triggers = { redeployment = sha1(jsonencode([ aws_api_gateway_integration.get_patient_check.id, - aws_api_gateway_integration.get_patient_check_status.id + aws_api_gateway_integration.get_patient_check_status.id, + aws_api_gateway_integration.get_patient_check_perf.id ])) } diff --git a/infrastructure/stacks/api-layer/patient_check.tf b/infrastructure/stacks/api-layer/patient_check.tf index 14903cc5e..979eba337 100644 --- a/infrastructure/stacks/api-layer/patient_check.tf +++ b/infrastructure/stacks/api-layer/patient_check.tf @@ -38,6 +38,40 @@ resource "aws_api_gateway_integration" "get_patient_check" { ] } +resource "aws_api_gateway_method" "get_patient_check_perf" { + #checkov:skip=CKV_AWS_59: API is secured via Apigee proxy with mTLS, API keys are not used + rest_api_id = module.eligibility_signposting_api_gateway.rest_api_id + resource_id = aws_api_gateway_resource.patient_perf.id + http_method = "GET" + authorization = "NONE" + api_key_required = false + + request_validator_id = aws_api_gateway_request_validator.patient_check_validator.id + + request_parameters = { + "method.request.path.id" = true + } + + depends_on = [ + aws_api_gateway_resource.patient_check_perf, + aws_api_gateway_resource.patient_perf, + aws_api_gateway_resource.patient_check, + ] +} + +resource "aws_api_gateway_integration" "get_patient_check_perf" { + rest_api_id = module.eligibility_signposting_api_gateway.rest_api_id + resource_id = aws_api_gateway_resource.patient_perf.id + http_method = aws_api_gateway_method.get_patient_check_perf.http_method + integration_http_method = "POST" + type = "AWS_PROXY" + uri = module.eligibility_signposting_lambda_function.aws_lambda_invoke_arn + + depends_on = [ + aws_api_gateway_method.get_patient_check_perf + ] +} + resource "aws_api_gateway_method" "get_patient_check_status" { #checkov:skip=CKV_AWS_59: API is secured via Apigee proxy with mTLS, API keys are not used #checkov:skip=CKV2_AWS_53: No request parameters to validate for static healthcheck endpoint diff --git a/src/eligibility_signposting_api/views/eligibility.py b/src/eligibility_signposting_api/views/eligibility.py index b935678f6..2a5dde324 100644 --- a/src/eligibility_signposting_api/views/eligibility.py +++ b/src/eligibility_signposting_api/views/eligibility.py @@ -6,6 +6,7 @@ from typing import Any from flask import Blueprint, make_response, request +from aws_xray_sdk.core import xray_recorder from flask.typing import ResponseReturnValue from wireup import Injected @@ -45,10 +46,15 @@ def api_status() -> ResponseReturnValue: @eligibility_blueprint.get("/", defaults={"nhs_number": ""}) @eligibility_blueprint.get("/") +@eligibility_blueprint.get("/_perf/") @validate_request_params() def check_eligibility( nhs_number: NHSNumber, eligibility_service: Injected[EligibilityService], audit_service: Injected[AuditService] ) -> ResponseReturnValue: + + if request.path.startswith(f"/{URL_PREFIX}/_perf"): + xray_recorder.put_annotation("perf_test", True) + logger.info("checking nhs_number %r in %r", nhs_number, eligibility_service, extra={"nhs_number": nhs_number}) query_params = _get_or_default_query_params()