Document ideal requirements for a native secrets management integration for workspaces

Background

grouppipeline security is currently exploring an MVC for GitLab-native secrets management. Meanwhile, we've been working to support cloning private repositories during the creation of a workspace which requires injecting credentials into the container.

Goal

Provide input to grouppipeline security to help shape the MVC. How would a native secrets management solution benefit workspaces? How would we expect it to work?

Outcome

TBD