Add secrets manager permissions UI

Mireya Andresrequested to merge
secrets/permissions-table into master

What does this MR do and why?

This adds the secrets manager permissions settings under Settings > General > Visibility, project features, permissions. For now, this sets up the UI and behavior depending on whether the user is Owner or Maintainer. We will add the actual form and queries/mutations in a future MR.

The settings should behave as follows:

  • Permissions are divided into three categories (tabs): Users, Groups, Roles. The Group table does not have a Role column.
  • Owners can view the table and add permissions.
  • Maintainers can only view the table. The Add button is hidden from them.
  • The Permissions Table (and the toggle for the Secrets Manager) is only available if the feature is licensed (on Ultimate).

Additionally, the UI for the toggle that enables/provisions the secrets manager has changed. It was hidden from Maintainers in the past; now, it is rendered but disabled unless the user is an Owner.

It might be easier to review this MR by commit:

Commit Description
5d89f4aade7da171da0fc90697bfc21fc4934d93 Move secrets manager settings from shared/permissions/components to shared/permissions/secrets_manager: The secrets manager permissions settings will have many components, so this is just to re-organize the files.
[c07e63e2c29a85c8ec6a37b41542a7ec8936e447](!190007 (c07e63e2)) Add permissions table: Adds the UI changes described above

References

Partially implements #470367 (closed).

Design: #503311 (closed)

Screenshots or screen recordings

Owner Maintainer
Screenshot_2025-05-02_at_12.36.15 Screenshot_2025-05-02_at_12.36.21
Screenshot_2025-05-02_at_14.05.15 Screenshot_2025-05-02_at_13.16.43

Screen_Recording_2025-05-02_at_14.04.19

How to set up and validate locally

Set up openbao on your gdk.

  1. Make sure you have an Ultimate license on your gdk.
  2. Go to your project settings (Settings > General) and expand Visibility, project features, permissions.
  3. Verify that the permissions table is not rendered. The toggle should be disabled for Maintainers.
  4. Turn on the Secrets Manager toggle and wait for the provisioning process to finish.
  5. Verify that the permissions table is rendered.
    • Only Owners can see the button for adding permissions.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Mireya Andres

Merge request reports