Fetch secrets in a CI job (basic rules)
In this issue, we implement the syntactic improvements to the secrets keyword.
For native GitLab secrets, some variables don't need to be defined by the user, and the key should be simpler than in the current Vault integration.
The ideal config should look like:
job-with-secrets:
  secrets:
    MY_SECRET_ON_OPENBAO:
      key: DB_PASS # Translates to something like `<kv-v2 engine path for the project>/ci/DB_PASS`, field `data`
In this issue, we don't need to enforce branch or environment scoping yet.
We should enforce and take into consideration the following:
- whether the current user's role has permission to access secrets
- the secret's expiration date
- whether the secret is disabled
Edited by Erick Bajao
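The three checks listed above, combined with the short `key:` resolution, as an added sketch that is not GitLab's implementation. The `SecretMeta` struct, the role ranks, the `MIN_ROLE` threshold, the `PROJECT_KV_MOUNT` placeholder and the rule that a missing expiry denies access are all assumptions made for illustration.

```ruby
# Added example; data model, role ranks and MIN_ROLE are assumptions.
SecretMeta = Struct.new(:expires_at, :disabled, keyword_init: true)
class SecretAccessDenied < StandardError; end

ROLE_RANK = { guest: 10, reporter: 20, developer: 30, maintainer: 40, owner: 50 }.freeze
MIN_ROLE = :developer # assumed threshold; the issue does not name one

# Resolve the short `key:` to a KV path. `mount` stands in for
# "<kv-v2 engine path for the project>"; keys that could alter the path are rejected.
def secret_path(mount, key)
  unless key.is_a?(String) && key.match?(/\A[A-Za-z0-9_]+\z/)
    raise ArgumentError, "invalid secret key: #{key.inspect}"
  end
  "#{mount}/ci/#{key}"
end

# Returns [allowed, reason]. Fails closed: unknown role, missing metadata,
# a non-false `disabled` flag or a missing expiry all deny access.
def authorize_secret_fetch(role:, meta:, now: Time.now.utc)
  rank = ROLE_RANK[role]
  return [false, :role_not_permitted] if rank.nil? || rank < ROLE_RANK.fetch(MIN_ROLE)
  return [false, :secret_not_found] if meta.nil?
  return [false, :secret_disabled] unless meta.disabled == false
  return [false, :secret_expired] if meta.expires_at.nil? || meta.expires_at <= now
  [true, :ok]
end

# Resolve every entry under a job's `secrets:`; a single denial fails the job
# before any path is handed to the fetch step.
def resolve_job_secrets(job_secrets, role:, store:, mount:, now: Time.now.utc)
  job_secrets.each_with_object({}) do |(var, spec), out|
    key = spec.fetch('key')
    ok, reason = authorize_secret_fetch(role: role, meta: store[key], now: now)
    raise SecretAccessDenied, "#{var}: #{reason}" unless ok
    out[var] = secret_path(mount, key)
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample data mirroring the config shown in the issue.
  store = { 'DB_PASS' => SecretMeta.new(expires_at: Time.utc(2099, 1, 1), disabled: false) }
  job = { 'MY_SECRET_ON_OPENBAO' => { 'key' => 'DB_PASS' } }
  p resolve_job_secrets(job, role: :developer, store: store, mount: 'PROJECT_KV_MOUNT')
end
```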