Enable OpenBao integration testing in GitLab Chart pipelines

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Problem to solve

GitLab Chart currently does not test OpenBao Chart integration in its pipelines. This creates a significant gap in our testing coverage for GitLab Secrets Manager functionality.

Current state:

• Unit tests template the chart and compare rendered manifests, but don't deploy OpenBao
• Deployment tests (like trigger-eks133) deploy GitLab without OpenBao
• The trigger-chart-test job from CNG MR pipelines doesn't validate OpenBao integration

Impact:

• Broken gitlab-openbao CNG images could be used in production without detection
• Changes to GitLab Chart that break OpenBao integration won't be caught
• No automated validation that the OpenBao Chart deploys successfully with GitLab Chart

This was surfaced in [Discuss] Automated tests for gitlab-openbao CN... (#579781 - closed).

Please note that E2E test on CNG are not in scope as they are covered by #573410.

Proposal

Add OpenBao integration tests to GitLab Chart.

Implementation Plan

(generated, to be refined)

1. Update default test values in autodevops.sh to configure OpenBao deployment

   • Enable the OpenBao subchart in test configurations
   • Configure necessary values for OpenBao to deploy successfully

2. Add basic deployment validation that:

   • Deploys the OpenBao Chart alongside GitLab
   • Validates that OpenBao pods come up healthy
   • Ensures the integration doesn't break GitLab Chart deployments

3. (Optional) Update CNG developer documentation

   • Provide guidance on when to trigger trigger-chart-test to test OpenBao integration
   • Consider automatically triggering when the gitlab-openbao directory changes in CNG