Setup presigning the URLs for opportunity attachments

[chouinar]

Summary

We want the API to presign the s3 URLs in our GET /opportunity endpoint. Presigning a URL makes it so for a period of time, a user can directly access the file.

As the paths we'll have stored in the attachments table are s3 paths, the process should roughly be:

• fetch the opportunity
• iterate over the opportunity attachment records, presign each file_location parameter (note - as a sanity check, make sure this isn't actually modifying the value in the DB)
• return the opportunity

---

We also want this to work with our tests and locally. in our tests we mock out s3, and locally we run localstack which is effectively a different mocked s3 that you can access. We want this approach to work fully locally. The s3 path returned should return a valid link that you can download from. I've tested previously that presigned urls do work locally with localstack. The primary complexity here is setting up the data, our factories should probably be setup to generate a set of static s3 paths (say 5 different files we pre-upload for tests + during the db-seed-local script) that can be randomly picked.

---

I've tested presigning the URLs before in this very hacky closed PR:
https://github.com/navapbc/simpler-grants-gov/pull/68/files

The relevant code is in the opportunity routes - ignore anything regarding redirects.

Open questions:

• How will the AWS access work exactly? Do we want to assume the ecs task role for doing this?

Acceptance criteria

• The GET /opportunity endpoint returns presigned URLs
• The factories have been modified to set the file_location to one of a set of files that a fixture will pre-upload to s3
• The db-seed-local script has been modified to upload a few files that are attached to the opportunities