Merge pull request #5855 from nhsuk/pentest_environment_setup

Setup the pentest environment

Author: TheOneFromNorway

.github/workflows/deploy-application.yml

@@ -17,6 +17,7 @@ on:
           - sandbox-alpha
           - sandbox-beta
           - performance
+          - pentest
       server_types:
         description: Server types to deploy
         required: true

.github/workflows/deploy.yml

@@ -34,6 +34,7 @@ on:
           - sandbox-alpha
           - sandbox-beta
           - performance
+          - pentest
       server_types:
         description: Server types to deploy
         required: true

terraform/app/env/pentest-backend.hcl

@@ -0,0 +1,2 @@
+bucket         = "nhse-mavis-terraform-state"
+key            = "terraform-pentest.tfstate"

terraform/app/env/pentest.tfvars

@@ -0,0 +1,24 @@
+environment            = "pentest"
+rails_master_key_path  = "/copilot/mavis/secrets/STAGING_RAILS_MASTER_KEY"
+mise_sops_age_key_path = "/copilot/mavis/secrets/STAGING_MISE_SOPS_AGE_KEY"
+dns_certificate_arn    = null
+resource_name = {
+  rds_security_group       = "mavis-pentest-rds-sg"
+  loadbalancer             = "mavis-pentest-alb"
+  lb_security_group        = "mavis-pentest-alb-sg"
+  cloudwatch_vpc_log_group = "mavis-pentest-FlowLogs"
+}
+
+http_hosts = {
+  MAVIS__HOST                        = "pentest.mavistesting.com"
+  MAVIS__GIVE_OR_REFUSE_CONSENT_HOST = "pentest.mavistesting.com"
+}
+
+max_aurora_capacity_units = 64
+container_insights        = "enhanced"
+
+enable_enhanced_db_monitoring = true
+enable_backup_to_vault        = true
+
+minimum_reporting_replicas = 2
+maximum_reporting_replicas = 4

terraform/app/variables.tf

@@ -11,7 +11,7 @@ variable "environment" {
 
   validation {
     condition = contains([
-      "sandbox-alpha", "sandbox-beta", "qa", "performance", "test", "training", "preview", "production"
+      "sandbox-alpha", "sandbox-beta", "qa", "performance", "test", "training", "preview", "pentest", "production"
     ], var.environment)
     error_message = "Valid values for environment: sandbox-alpha, sandbox-beta, qa, performance, test, training, preview, production."
   }