CCM-13161: Use client config for TTL (#165)

* CCM-13161: Use client config for TTL

* CCM-13161: Address review comment

* CCM-13539: fix trivy scan failing because of qs

* CCM-13161: Merge main

* CCM-13161: Merge main

Author: simonlabarere

docs/package-lock.json

@@ -35,8 +35,8 @@ module "ttl_create" {
   log_subscription_role_arn = local.acct.log_subscription_role_arn
 
   lambda_env_vars = {
+    "ENVIRONMENT"                   = var.environment
     "TTL_TABLE_NAME"                = aws_dynamodb_table.ttl.name
-    "TTL_WAIT_TIME_HOURS"           = 24
     "TTL_SHARD_COUNT"               = local.ttl_shard_count
     "EVENT_PUBLISHER_EVENT_BUS_ARN" = aws_cloudwatch_event_bus.main.arn
     "EVENT_PUBLISHER_DLQ_URL"       = module.sqs_event_publisher_errors.sqs_queue_url
@@ -113,4 +113,19 @@ data "aws_iam_policy_document" "ttl_create_lambda" {
       module.sqs_event_publisher_errors.sqs_queue_arn,
     ]
   }
+
+  statement {
+    sid    = "AllowSSMParam"
+    effect = "Allow"
+
+    actions = [
+      "ssm:GetParameter",
+      "ssm:GetParameters",
+      "ssm:GetParametersByPath",
+    ]
+
+    resources = [
+      "arn:aws:ssm:${var.region}:${var.aws_account_id}:parameter/${var.component}/${var.environment}/senders/*"
+    ]
+  }
 }

infrastructure/terraform/components/dl/module_lambda_ttl_create.tf

@@ -5,8 +5,8 @@
     "axios": "1.12.0",
     "esbuild": "^0.25.9",
     "jsonwebtoken": "^9.0.2",
-    "utils": "*",
-    "qs": "^6.14.0"
+    "qs": "^6.14.1",
+    "utils": "*"
   },
   "devDependencies": {
     "@tsconfig/node22": "^22.0.2",

lambdas/refresh-apim-access-token/package.json

@@ -2,6 +2,7 @@
   "dependencies": {
     "@aws-sdk/lib-dynamodb": "^3.908.0",
     "digital-letters-events": "^0.0.1",
+    "sender-management": "^0.0.1",
     "utils": "^0.0.1"
   },
   "devDependencies": {

lambdas/ttl-create-lambda/package.json

@@ -6,7 +6,7 @@ jest.mock('infra/config', () => ({
     eventPublisherEventBusArn: 'test-arn',
     ttlShardCount: 1,
     ttlTableName: 'test-table',
-    ttlWaitTimeHours: 24,
+    environment: 'test-environment',
   })),
 }));
 
@@ -18,12 +18,17 @@ jest.mock('app/create-ttl', () => ({
   CreateTtl: jest.fn(() => ({})),
 }));
 
+jest.mock('sender-management', () => ({
+  SenderManagement: jest.fn(() => ({})),
+}));
+
 jest.mock('utils', () => ({
   EventPublisher: jest.fn(() => ({})),
   dynamoClient: {},
   eventBridgeClient: {},
   logger: {},
   sqsClient: {},
+  ParameterStoreCache: jest.fn(() => ({})),
 }));
 
 describe('container', () => {

lambdas/ttl-create-lambda/src/__tests__/container.test.ts

@@ -6,15 +6,16 @@ jest.useFakeTimers();
 
 const randomNumber = 0.42;
 const shardCount = 3;
+const ttlWaitTimeSeconds = 24 * 60 * 60;
 const expectedShard = Math.floor(randomNumber * shardCount);
 jest.spyOn(Math, 'random').mockReturnValue(randomNumber);
 
 describe('TtlRepository', () => {
   let logger: any;
   let dynamoClient: any;
+  let senderRepository: any;
   let repo: TtlRepository;
   const tableName = 'table';
-  const ttlWaitTimeHours = 24;
   const item: MESHInboxMessageDownloaded = {
     id: '550e8400-e29b-41d4-a716-446655440001',
     specversion: '1.0',
@@ -40,12 +41,17 @@ describe('TtlRepository', () => {
   beforeEach(() => {
     logger = { info: jest.fn(), error: jest.fn() };
     dynamoClient = { send: jest.fn().mockResolvedValue({}) };
+    senderRepository = {
+      getSender: jest
+        .fn()
+        .mockResolvedValue({ fallbackWaitTimeSeconds: ttlWaitTimeSeconds }),
+    };
     repo = new TtlRepository(
       tableName,
-      ttlWaitTimeHours,
       logger,
       dynamoClient,
       shardCount,
+      senderRepository,
     );
   });
 
@@ -56,7 +62,6 @@ describe('TtlRepository', () => {
   it('logs and inserts item', async () => {
     const now = new Date('2020-01-01T12:00:00').getTime();
     jest.setSystemTime(now);
-    const ttlWaitTimeSeconds = ttlWaitTimeHours * 60 * 60;
     const expectedTtlSeconds = Math.round(now / 1000) + ttlWaitTimeSeconds;
     const expectedTtlDate = new Date(expectedTtlSeconds * 1000)
       .toISOString()
@@ -71,6 +76,10 @@ describe('TtlRepository', () => {
       }),
     );
 
+    expect(senderRepository.getSender).toHaveBeenCalledWith({
+      senderId: item.data.senderId,
+    });
+
     const putCommand: PutCommand = dynamoClient.send.mock.calls[0][0];
     expect(putCommand.input).toStrictEqual({
       TableName: tableName,
@@ -109,4 +118,16 @@ describe('TtlRepository', () => {
 
     expect(gsiPk).toMatch(/^\d{4}-\d{2}-\d{2}#\d{1,2}$/);
   });
+
+  it('throws and logs error when sender not found', async () => {
+    senderRepository.getSender.mockResolvedValue(null);
+
+    await expect(repo.insertTtlRecord(item)).rejects.toThrow(
+      `Sender not found for sender ID ${item.data.senderId}`,
+    );
+
+    expect(logger.error).toHaveBeenCalledWith({
+      description: `Sender not found for sender ID ${item.data.senderId}`,
+    });
+  });
 });

lambdas/ttl-create-lambda/src/__tests__/infra/ttl-repository.test.ts

@@ -1,5 +1,6 @@
 import {
   EventPublisher,
+  ParameterStoreCache,
   dynamoClient,
   eventBridgeClient,
   logger,
@@ -8,22 +9,30 @@ import {
 import { loadConfig } from 'infra/config';
 import { TtlRepository } from 'infra/ttl-repository';
 import { CreateTtl } from 'app/create-ttl';
+import { SenderManagement } from 'sender-management';
 
 export const createContainer = () => {
   const {
+    environment,
     eventPublisherDlqUrl,
     eventPublisherEventBusArn,
     ttlShardCount,
     ttlTableName,
-    ttlWaitTimeHours,
   } = loadConfig();
 
+  const parameterStore = new ParameterStoreCache();
+
+  const senderRepository = SenderManagement({
+    configOverrides: { environment },
+    parameterStore,
+  });
+
   const requestTtlRepository = new TtlRepository(
     ttlTableName,
-    ttlWaitTimeHours,
     logger,
     dynamoClient,
     ttlShardCount,
+    senderRepository,
   );
 
   const createTtl = new CreateTtl(requestTtlRepository, logger);

lambdas/ttl-create-lambda/src/container.ts

@@ -1,17 +1,17 @@
 import { defaultConfigReader } from 'utils';
 
 export type TtlCreateConfig = {
+  environment: string;
   ttlTableName: string;
-  ttlWaitTimeHours: number;
   ttlShardCount: number;
   eventPublisherEventBusArn: string;
   eventPublisherDlqUrl: string;
 };
 
 export function loadConfig(): TtlCreateConfig {
   return {
+    environment: defaultConfigReader.getValue('ENVIRONMENT'),
     ttlTableName: defaultConfigReader.getValue('TTL_TABLE_NAME'),
-    ttlWaitTimeHours: defaultConfigReader.getInt('TTL_WAIT_TIME_HOURS'),
     ttlShardCount: defaultConfigReader.getInt('TTL_SHARD_COUNT'),
     eventPublisherEventBusArn: defaultConfigReader.getValue(
       'EVENT_PUBLISHER_EVENT_BUS_ARN',

lambdas/ttl-create-lambda/src/infra/config.ts

@@ -1,26 +1,34 @@
 import { PutCommand, PutCommandOutput } from '@aws-sdk/lib-dynamodb';
 import { MESHInboxMessageDownloaded } from 'digital-letters-events';
+import { ISenderManagement } from 'sender-management';
 import { Logger } from 'utils';
 
 interface IDynamoCaller {
   send: (updateCommand: PutCommand) => Promise<PutCommandOutput>;
 }
 
 export class TtlRepository {
-  private readonly ttlWaitTimeSeconds;
-
   constructor(
     private readonly tableName: string,
-    ttlWaitTimeHours: number,
     private readonly logger: Logger,
     private readonly dynamoClient: IDynamoCaller,
     private readonly shardCount: number,
-  ) {
-    this.ttlWaitTimeSeconds = ttlWaitTimeHours * 60 * 60;
-  }
+    private readonly senderRepository: ISenderManagement,
+  ) {}
 
   public async insertTtlRecord(item: MESHInboxMessageDownloaded) {
-    const ttlTime = Math.round(Date.now() / 1000) + this.ttlWaitTimeSeconds;
+    const sender = await this.senderRepository.getSender({
+      senderId: item.data.senderId,
+    });
+    if (!sender) {
+      this.logger.error({
+        description: `Sender not found for sender ID ${item.data.senderId}`,
+      });
+      throw new Error(`Sender not found for sender ID ${item.data.senderId}`);
+    }
+
+    const ttlTime =
+      Math.round(Date.now() / 1000) + sender.fallbackWaitTimeSeconds;
 
     this.logger.info({
       description: 'Inserting item into TTL table',