Move the SENSITIVE_SERVICE variable to be part of the DB

[jzbahrai]

Description

We can't store the SENSITIVE_SERVICE in the .env file anymore:

notification-manifests git:(task/add-sens) make encrypt-production
cd env/production &&\
    zip .env.zip .env &&\
    aws kms encrypt --key-id e9461cc1-4524-4b50-b6e6-583013da2904 --plaintext fileb://.env.zip --output text --query CiphertextBlob --region ca-central-1 | base64 --decode > .env.zip.enc.aws
updating: .env (deflated 47%)

An error occurred (ValidationException) when calling the Encrypt operation: 1 validation error detected: Value at 'plaintext' failed to satisfy constraint: Member must have length less than or equal to 4096

need to move it to the DB

Documentation and Artifacts

Good docs, figma mockups, ADRs, screenshots etc.

Acceptance Criteria

Given some context, when (X) action occurs, then (Y) outcome is achieved

• [ ] Cypress UI tests if needed.

• [ ] Generate appropriate log messages so that executions of this feature can be tracked

• [ ] Can misuse of this feature cause harm? If yes, create an alert

• [ ] Update the status of related findings, insights, and hypotheses on the Research Airtable

• [ ] Once change/fix/feature is implemented, link relevant Airtable records to design artifacts (Figma)

• [ ] Does the feature change our Information Architecture? If so, update the Sitemap in En/Fr

• A11y

• Bilingualism

• Privacy considerations

• Security controls in place

• Measuring success and metrics

Related Research Airtable records

• (find stuff yourself)

QA Steps

• [ ] Tested in a realistic production scenario

[yaelberger-commits]

Most of the code done, would like @andrewleith to review

[yaelberger-commits]

Issue related to bug with reply-to and CSV files

[yaelberger-commits]

Merged code in Staging and tested Will go out in Prod today

[yaelberger-commits]

Need another PR to get rid of configs in production

[yaelberger-commits]

In prod now, removed from manifest repo, should go out with today's deploy