Refactor secrets manager with context config

Mireya Andresrequested to merge
refactor-secrets-manager into master

What does this MR do and why?

The secrets manager is currently only scoped to projects. Work is underway to allow users to manage secrets on the group level as well. On the frontend side, the UX for both project and group secrets are largely the same, so the same Vue components will be reused. However, some refactoring still needs to be done to allow for the current secrets manager code to manage both project and group secrets.

This MR introduces a context configuration file (ee/app/assets/javascripts/ci/secrets/context_config.js) that lists the different GraphQL queries, mutations, and event tracking options depending on if context === 'project' or context === 'group'. This allows us to easily swap these around while keeping the frontend behavior the same. The context config also allows us to easily see the differences between contexts, and what features have been implemented (or need implementation) in both.

The refactoring effort will be split into several MRs to make it easier to review. For this step, we will refactor the code to use the context config only for GraphQL queries. This includes the following:

  • fetching the secrets manager status
  • fetching the list of secrets
  • fetching list of secrets that need rotation (for the rotation alert message)
  • fetching secret details (for one secret) secrets list
  • group and project environments (for the dropdown in the secrets form)

Implementation Plan

MR Description
👈 You are here! Create a context config that will house the project and group GraphQL queries and mutations and use it for queries
TBA Use the context config for GraphQL mutations (create/update/delete secrets)
TBA Rename GraphQL files and prepend with Project to differentiate them from Group queries (e.g. getProjectSecrets vs getGroupSecrets)

References

Partially implements the refactor plan from #577464.

Screenshots or screen recordings

Pipeline should pass. There are no feature changes.

How to set up and validate locally

  1. Upload a Premium license (or above).
  2. Set up openbao and enable the secrets manager on your gdk.
  3. Enable the secrets_manager_group feature flag.
  4. Go to your project/group settings (Settings > General) and expand Visibility, project features, permissions or Permissions and group features and enable the group secrets manager.
  5. Go to /path-to-group/-/secrets and verify that the secrets still load.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Merge request reports