CI/CD variables lack audit-ability

Problem

From https://gitlab.com/gitlab-org/gitlab/-/issues/212732

Lack of audit-ability and approval/ownership the same way code can be managed

#30857 (closed) should help with this in part.