Allow masking secrets for base component

What does this MR do and why?

Moves secrets to base component so other components can utilise mask_secrets when doing docker#run. Additionally hides the two test signing keys used by the AiGateway component. Although these keys are safe to be shared, they have caused confusion (SIRT incident raised) when they were detected in the logs.

• Before: https://gitlab.com/gitlab-org/gitlab/-/jobs/7485746302#L364
• After: https://gitlab.com/gitlab-org/gitlab/-/jobs/7588730343#L362

How to set up and validate

GitLab test MR using this branch -> gitlab!162801 (closed)

Keys not being printed to logs: https://gitlab.com/gitlab-org/gitlab/-/jobs/7588730343#L362 (AIGW_SELF_SIGNED_JWT__VALIDATION_KEY and AIGW_SELF_SIGNED_JWT__SIGNING_KEY)

Regression checks: GITLAB_QA_USER_AGENT \ QA_EE_ACTIVATION_CODE: https://gitlab.com/gitlab-org/gitlab/-/jobs/7588730343#L379 / https://gitlab.com/gitlab-org/gitlab/-/jobs/7588730295#L375

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

• Commits include Changelog: trailer
• I have evaluated the MR acceptance checklist for this MR.

added QA Quality labels

assigned to @jay_mccure

Reviewer roulette

Changes that require review have been detected! A merge request is normally reviewed by both a reviewer and a maintainer in its primary category and by a maintainer in all other categories.

To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.

To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.

Once you've decided who will review this merge request, mention them as you normally would! Danger does not automatically notify them for you.

Reviewer	Maintainer
@john.mcdonnell (UTC+1, 9 hours behind @jay_mccure)	@mlapierre (UTC+10, same timezone as @jay_mccure)

If needed, you can retry the danger-review job that generated this comment.

Generated by Danger

added 1 commit

• 0d710780 - Hide secrets for base component

Compare with previous version

Proper labels assigned to this merge request. Please ignore me.

@jay_mccure - please see the following guidance and update this merge request.

	1 Error
	Please add typebug typefeature, or typemaintenance label to this merge request.

marked the checklist item Commits include Changelog: trailer as completed

added maintenancerefactor label

resolved all threads

added typemaintenance label

changed the description

resolved all threads

added teamTest Engineering label

resolved all threads

added 1 commit

• 151292e5 - Apply 1 suggestion(s) to 1 file(s)

Compare with previous version

marked this merge request as ready

changed the description

changed the description

changed milestone to %17.4

changed title from Hide secrets for base component to Allow masking secrets for base component

Hiya @john.mcdonnell Would you mind reviewing this change to gitlab-qa ? Thanks!

requested review from @john.mcdonnell

approved this merge request

requested review from @mlapierre and removed review request for @john.mcdonnell

resolved all threads

merged

mentioned in commit 35c9c19b

mentioned in merge request gitlab-org/charts/gitlab!3907 (merged)

mentioned in issue gitlab-com/www-gitlab-com#14364 (closed)