Add E2E tests for permission based Project Secrets CRUD operations

Shabini Rajadasrequested to merge
e2e-openbao-crud-secrets into master

Issue Link: #569617 (closed)

This MR adds comprehensive end-to-end (E2E) test coverage for the Project Secrets feature in GitLab's Secrets Manager. It implements automated tests to validate CRUD (Create, Read, Update, Delete) operations with permission-based access control across Roles, Users, and Groups.

Why is this needed?

The Secrets Manager feature requires thorough testing to ensure that:

  • Secrets can be created, read, updated, and deleted correctly through the UI
  • Permission-based access control works as expected for different permission types (Role-based, User-based, and Group-based)
  • The UI interactions function properly across the entire secrets lifecycle
  • Users without appropriate permissions are properly blocked from performing unauthorized actions

Test Coverage Summary

Operation Test Case Permission Type User Role Permission Expected Result
Create 581636 Role-based Maintainer Create Secret created successfully
Create 581637 Role-based Reporter No create Permission error
Read 581639 Group-based Reporter Read Secret visible
Read 581640 Role-based Reporter No read Permission error
Update 581641 Role-based Maintainer Update Secret updated
Update 581642 Role-based Reporter No update Permission error
Delete 581643 Role-based Maintainer No delete Permission error
Delete 581644 User-based Reporter Delete Secret deleted
Edited by Shabini Rajadas

Merge request reports