Remove forms-api task from review apps

stephencdaly · stephencdaly · commit fd67a02abe0a · 2025-09-25T17:39:29.000+01:00
Forms-runner now makes requests to forms-admin rather than forms-api
to get forms. Update the review apps so that the forms-api container
is no longer created and forms-runner makes requests to forms-admin
rather than forms-api.
diff --git a/.review_apps/README.md b/.review_apps/README.md
@@ -5,7 +5,6 @@ The Terraform code in this directory is used to deploy a review copy of `forms-r
 It constructs a minimal, ephemeral version of a GOV.UK Forms environment in AWS ECS that can be used for reviews, then freely destroyed. This includes: 
 
 * a copy of `forms-runner` at the commit in question
-* a copy of the version of `forms-api` currently in production
 * a copy of the version of `forms-admin` currently in production
 * a local PostgreSQL database with seed data for both `forms-api` and `forms-admin`
 * a local Redis instance of session storage
diff --git a/.review_apps/ecs_task_definition.tf b/.review_apps/ecs_task_definition.tf
@@ -9,6 +9,7 @@ locals {
   # Subject Alternative Names on certificates can only contain one wildcard,
   # and the wildcard can only match a single label (i.e. "y." but not "x.y.")
   admin_app_hostname = "pr-${var.pull_request_number}-admin.submit.review.forms.service.gov.uk"
+  admin_app_internal_hostname = "pr-${var.pull_request_number}-admin-internal.submit.review.forms.service.gov.uk"
 
   forms_runner_env_vars = [
     { name = "DATABASE_URL", value = "postgres://postgres:postgres@127.0.0.1:5432/forms-runner" },
@@ -22,7 +23,7 @@ locals {
     { name = "SETTINGS__ANALYTICS_ENABLED", value = "false" },
     { name = "SETTINGS__CLOUDWATCH_METRICS_ENABLED", value = "false" },
     { name = "SETTINGS__FORMS_ADMIN__BASE_URL", value = "https://${local.admin_app_hostname}" },
-    { name = "SETTINGS__FORMS_API__BASE_URL", value = "http://localhost:9292" },
+    { name = "SETTINGS__FORMS_API__BASE_URL", value = "https://${local.admin_app_internal_hostname}" },
     { name = "SETTINGS__FORMS_ENV", value = "review" },
 
     ##
@@ -33,15 +34,6 @@ locals {
     ##
   ]
 
-  forms_api_env_vars = [
-    { name = "DATABASE_URL", value = "postgres://postgres:postgres@127.0.0.1:5432" },
-    { name = "EMAIL", value = "review-app-submissions@review.forms.service.gov.uk" },
-    { name = "RAILS_DEVELOPMENT_HOSTS", value = "localhost:9292" },
-    { name = "RAILS_ENV", value = "production" },
-    { name = "SECRET_KEY_BASE", value = "unsecured_secret_key_material" },
-    { name = "SETTINGS__FORMS_ENV", value = "review" },
-  ]
-
   forms_admin_env_vars = [
     { name = "DATABASE_URL", value = "postgres://postgres:postgres@127.0.0.1:5432" },
     { name = "GOVUK_APP_DOMAIN", value = "publishing.service.gov.uk" },
@@ -52,8 +44,6 @@ locals {
     { name = "SECRET_KEY_BASE", value = "unsecured_secret_key_material" },
     { name = "SETTINGS__ACT_AS_USER_ENABLED", value = "true" },
     { name = "SETTINGS__AUTH_PROVIDER", value = "developer" },
-    { name = "SETTINGS__FORMS_API__AUTH_KEY", value = "unsecured_api_key_for_review_apps_only" },
-    { name = "SETTINGS__FORMS_API__BASE_URL", value = "http://localhost:9292" },
     { name = "SETTINGS__FORMS_ENV", value = "review" },
     { name = "SETTINGS__FORMS_RUNNER__URL", value = "https://${local.runner_review_app_hostname}" },
   ]
@@ -138,45 +128,6 @@ resource "aws_ecs_task_definition" "task" {
       ]
     },
 
-    # forms-api
-    {
-      name                   = "forms-api"
-      image                  = "711966560482.dkr.ecr.eu-west-2.amazonaws.com/forms-api-deploy:latest"
-      command                = []
-      essential              = true
-      environment            = local.forms_api_env_vars
-      readonlyRootFilesystem = true
-
-      portMappings = [{ containerPort = 9292 }]
-
-      logConfiguration = {
-        logDriver = "awslogs"
-        options = {
-          awslogs-group         = data.terraform_remote_state.review.outputs.review_apps_log_group_name
-          awslogs-region        = "eu-west-2"
-          awslogs-stream-prefix = "${local.logs_stream_prefix}/forms-api"
-        }
-      }
-
-      healthCheck = {
-        command     = ["CMD-SHELL", "wget -O - 'http://localhost:9292/up' || exit 1"]
-        interval    = 30
-        retries     = 5
-        startPeriod = 180
-      }
-
-      dependsOn = [
-        {
-          containerName = "postgres"
-          condition     = "HEALTHY"
-        },
-        {
-          containerName = "forms-api-seeding",
-          condition     = "SUCCESS"
-        }
-      ]
-    },
-
     # forms-admin
     {
       name                   = "forms-admin"
@@ -195,6 +146,12 @@ resource "aws_ecs_task_definition" "task" {
 
         "traefik.http.services.forms-runner-pr-${var.pull_request_number}-admin-app.loadbalancer.server.port" : "3000",
         "traefik.http.services.forms-runner-pr-${var.pull_request_number}-admin-app.loadbalancer.healthcheck.path" : "/up",
+
+        "traefik.http.middlewares.forms-runner-pr-${var.pull_request_number}-admin-app-internal.ipallowlist.sourcerange": "127.0.0.1/32",
+        "traefik.http.routers.forms-runner-pr-${var.pull_request_number}-admin-app-internal.rule" : "Host(`${local.admin_app_internal_hostname}`)",
+        "traefik.http.routers.forms-runner-pr-${var.pull_request_number}-admin-app-internal.service": "forms-runner-pr-${var.pull_request_number}-admin-app",
+        "traefik.http.routers.forms-runner-pr-${var.pull_request_number}-admin-app-internal.middlewares": "forms-runner-pr-${var.pull_request_number}-admin-app-internal@ecs"
+
         "traefik.enable" : "true",
       },
 
@@ -315,32 +272,6 @@ resource "aws_ecs_task_definition" "task" {
       ]
     },
 
-    # forms-api-seeding
-    {
-      name                   = "forms-api-seeding"
-      image                  = "711966560482.dkr.ecr.eu-west-2.amazonaws.com/forms-api-deploy:latest"
-      command                = ["rake", "db:setup"]
-      essential              = false
-      environment            = local.forms_api_env_vars
-      readonlyRootFilesystem = true
-
-      logConfiguration = {
-        logDriver = "awslogs"
-        options = {
-          awslogs-group         = data.terraform_remote_state.review.outputs.review_apps_log_group_name
-          awslogs-region        = "eu-west-2"
-          awslogs-stream-prefix = "${local.logs_stream_prefix}/forms-api-seeding"
-        }
-      }
-
-      dependsOn = [
-        {
-          containerName = "postgres"
-          condition     = "HEALTHY"
-        }
-      ]
-    },
-
     # forms-admin-seeding
     {
       name                   = "forms-admin-seeding"
