feat(formsg): clone repo on webhook trigger from forms

[seaerchin]

Problem

See here

Solution

1. add an endpoint at /formsg/clone-repo
2. add handler to clone at that endpoint based on the form's reply. The form has validation build in (email domain must be .open.gov.sg and must verify email + repo is a required field)

New env vars

• SITE_CLONE_FORM_KEY: used to decrypt the form sg submissions (already added to 1PW on both staging and prod env vars; not yet added to staging EB yet)

Notes

this was tested locally through updating the EFS_VOL_PATH + originUrl (use https instead of ssh as i was facing auth issues) and found working

[harishv7]

should we just allow whitelisted emails?

our admin email perhaps?

[seaerchin]

To be clear, you want to stricten from allowing @open.gov.sg to only [email protected]? I don't see too much of an issue here but what's the extra benefit ah cos this only prevents against internal attacks

[harishv7]

just suggesting least privilege principle. Not too much issue, since this is all internal, will let it up to you to decide

[seaerchin]

^not doing, the experience of having prod ops enter their own email then receive a rejection email saying it must be [email protected] seems less than ideal given that this is all internal users anyway (validation of @open.gov.sg domain)

[kishore03109]

This PR has quite a number of infra moving parts -
eg.

1. formsg
2. efs
3. be

Could we do a quick sanity check testing on stg before release?
since this is internal use using post deploy testing is also fine, thoughts?

[seaerchin]

This PR has quite a number of infra moving parts - eg.

1. formsg
2. efs
3. be

Could we do a quick sanity check testing on stg before release? since this is internal use using post deploy testing is also fine, thoughts?

tbh, i think the only difference between testing on staging vs not, is that the clone step takes place in a different environment (with all of the annoyances that entails); i think i'll just do post-deploy cos it's not open to public anyway.