Implementation of Openbao updates to rails code (!189706) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

The aim of the MR was to update the rails code with the new changes from Openbao. Openbao's release:https://lists.lfedge.org/g/openbao-announce/topic/openbao_v2_2_1/112408076. Openbao-internal repo has also been updated to the new release version. MR link: gitlab-org/govern/secrets-management/openbao-internal!14 (merged)

The code change modifies how environment and branch names are encoded in the secrets management system. Instead of using Base64 URL-safe encoding, the code now uses hexadecimal encoding (via unpack1('H*')). The templates have been updated to use the new hex filter instead of base64, and additional nil checks have been added to prevent errors when environment values are missing.
The service that provisions project secrets managers now ensures the project ID is converted to a string when setting bound claims.
Finally, the code improves the efficiency of listing secrets by using a "detailed-metadata" endpoint instead of making separate requests for each secret's metadata, eliminating an N+1 query issue that was previously noted as temporary.

References

Screenshots or screen recordings

Before	After

How to set up and validate locally

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Implementation of Openbao updates to rails code

What does this MR do and why?

References

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports