Support project secrets

Secrets are project-scoped and can be managed (created/updated/deleted) only by project admins. Regular users can then reference the secrets in run configurations via ${{ secrets.NAME }}. Project-level secrets allow centralized credential management and such.