Platform/bill/16144

[wcutshall]

This PR contains coding changes for user story 16144.

Test Steps:

1. POST a message through Postman (or equivalent) and observe the log files.

Changes

• Modified FHIRTranslator and associated tests.
  • Added new ITEM_TRANSLATE azure event in translate function.
  • Check for matching file digest SHAs.

Checklist

Testing

• Tested locally?
• Ran ./prime test or ./gradlew testSmoke against local Docker ReportStream container?
• [N/A] (For Changes to /frontend-react/...) Ran npm run lint:write?
• Added tests?

Process

• Are there licensing issues with any new dependencies introduced? N/A
• Includes a summary of what a code reviewer should test/verify?
• Updated the release notes? N/A
• Database changes are submitted as a separate PR? N/A
• DevOps team has been notified if PR requires ops support? N/A

Linked Issues

• N/A

To Be Done

• N/A

Specific Security-related subjects a reviewer should pay specific attention to

• Does this PR introduce new endpoints? No
• Does this PR include changes in authentication and/or authorization of existing endpoints? No
• Does this change introduce new dependencies that need vetting? No
• Does this change require changes to our infrastructure? No
• Does logging contain sensitive data? No
• Does this PR include or remove any sensitive information itself? No

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details

Scanned Manifest Files

[github-actions]

Test Results

1 248 tests  +1   1 244 ✅ +1   7m 43s ⏱️ +4s
  162 suites ±0       4 💤 ±0 
  162 files   ±0       0 ❌ ±0 

Results for commit 97b21ad. ± Comparison against base commit 9258b5d.

♻️ This comment has been updated with latest results.

[github-actions]

Integration Test Results

 54 files  ±0   54 suites  ±0   28m 36s ⏱️ +43s
414 tests ±0  404 ✅ ±0  10 💤 ±0  0 ❌ ±0 
417 runs  ±0  407 ✅ ±0  10 💤 ±0  0 ❌ ±0 

Results for commit 97b21ad. ± Comparison against base commit 9258b5d.

♻️ This comment has been updated with latest results.

[arnejduranovic]

This seems wrong to me. The digest value in the message I believe would be the digest of the blob associated with the passed in report (so the report that is downloaded in sendTranslated). Here, you are downloading the ROOT report, which would have a different digest.

[wcutshall]

So, if I'm understanding correctly, we should be comparing message.digest with blobInfo.digest (after the file is uploaded)?

[arnejduranovic]

message.digest is already used in sendTranslated and that's the only place it should be used. Here, you are downloading the root report, so you need to to compare the downloaded root report to the root report's digest (which is stored in the DB report_file table)

[wcutshall]

Latest changes should address this.

[arnejduranovic]

We should prefer the style that is shown in FHIRDestinationFilter where we pass in the builder directly to sendItemEvent (so we remain consistent):

reportEventService.sendItemEvent(
            eventName = ReportStreamEventName.ITEM_ROUTED,
            childReport = report,
            pipelineStepName = TaskAction.destination_filter
        ) {
            parentReportId(queueMessage.reportId)
            params(
                mapOf(
                ReportStreamEventProperties.RECEIVER_NAME to receiver.fullName,
                ReportStreamEventProperties.BUNDLE_DIGEST
                    to bundleDigestExtractor.generateDigest(bundle)
            )
            )
            trackingId(bundle)
        }

[wcutshall]

Should be in there now.

[arnejduranovic]

nit: Have we considered updating this to use BlobAccess.downloadBlob(...) which will do the digest check for us?

[wcutshall]

Made the change.

[sonarcloud]

Quality Gate passed

Issues
2 New issues
0 Accepted issues

Measures
0 Security Hotspots
97.1% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[arnejduranovic]

great work!