diff --git a/qa/qa/specs/features/ee/browser_ui/13_secure/enable_advanced_sast_spec.rb b/qa/qa/specs/features/ee/browser_ui/13_secure/enable_advanced_sast_spec.rb
index 4507566bea6c7f4073b2ad20aa572395b66984aa..5d7980382ba18d25462c6f66a1bfbca31d3baef4 100644
--- a/qa/qa/specs/features/ee/browser_ui/13_secure/enable_advanced_sast_spec.rb
+++ b/qa/qa/specs/features/ee/browser_ui/13_secure/enable_advanced_sast_spec.rb
@@ -48,18 +48,21 @@ module QA
 
     context 'when Advanced SAST is enabled' do
       it 'finds a vulnerability', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/471561' do
-        Resource::Repository::ProjectPush.fabricate! do |push|
-          push.project = project
-          push.file_name = '.gitlab-ci.yml'
-          push.file_content = File.read(
-            File.join(
-              EE::Runtime::Path.fixtures_path, 'secure_advanced_sast_files',
-              '.gitlab-ci.yml'
-            )
-          )
-          push.commit_message = 'Commit .gitlab-ci.yml'
-          push.new_branch = false
-        end
+        create(:commit,
+          project: project,
+          branch: project.default_branch,
+          commit_message: 'Commit .gitlab-ci.yml',
+          actions: [
+            {
+              action: 'create',
+              file_path: '.gitlab-ci.yml',
+              content: File.read(
+                File.join(
+                  EE::Runtime::Path.fixtures_path, 'secure_advanced_sast_files',
+                  '.gitlab-ci.yml'
+                ))
+            }
+          ])
 
         Flow::Login.sign_in_unless_signed_in
         project.visit!
diff --git a/qa/qa/specs/features/ee/browser_ui/13_secure/enable_scanning_from_configuration_spec.rb b/qa/qa/specs/features/ee/browser_ui/13_secure/enable_scanning_from_configuration_spec.rb
index c8e60f0d1072ef66c5af73364ce13fbca6aaa18c..53c779a9e28c7e0978c92a121cfe49d3c266af83 100644
--- a/qa/qa/specs/features/ee/browser_ui/13_secure/enable_scanning_from_configuration_spec.rb
+++ b/qa/qa/specs/features/ee/browser_ui/13_secure/enable_scanning_from_configuration_spec.rb
@@ -23,13 +23,12 @@ module QA
       let(:project) { create(:project, name: 'project-with-secure', description: 'Project with Secure') }
 
       before do
-        Resource::Repository::ProjectPush.fabricate! do |project_push|
-          project_push.project = project
-          project_push.commit_message = 'Create Secure compatible application to serve premade reports'
-          project_push.directory = Pathname.new(
+        build(:commit, project: project,
+          commit_message:  'Create Secure compatible application to serve premade reports') do |commit|
+          commit.add_directory(Pathname.new(
             EE::Runtime::Path.fixture('secure_scanning_enable_from_ui_files')
-          )
-        end
+          ))
+        end.fabricate_via_api!
 
         Flow::Login.sign_in_unless_signed_in
         project.visit!
diff --git a/qa/qa/specs/features/ee/browser_ui/13_secure/on_demand_dast_spec.rb b/qa/qa/specs/features/ee/browser_ui/13_secure/on_demand_dast_spec.rb
index ab3bc11ec1e5ade8bcbcfa8fbc347eea9b1b4329..db0e0c6ed5e6343887ef1009d9a29bd0125cfe01 100644
--- a/qa/qa/specs/features/ee/browser_ui/13_secure/on_demand_dast_spec.rb
+++ b/qa/qa/specs/features/ee/browser_ui/13_secure/on_demand_dast_spec.rb
@@ -32,10 +32,16 @@ module QA
 
       before do
         webgoat.register!
-        Resource::Repository::ProjectPush.fabricate! do |push|
-          push.project = test_project
-          push.file_name = '.gitlab-ci.yml'
-          push.file_content = <<~YML
+
+        create(:commit,
+          project: test_project,
+          branch: test_project.default_branch,
+          commit_message: 'Commit .gitlab-ci.yml',
+          actions: [
+            {
+              action: 'create',
+              file_path: '.gitlab-ci.yml',
+              content: <<~YML
             stages:          # List of stages for jobs, and their order of execution
               - build
 
@@ -43,10 +49,9 @@ module QA
               stage: build
               script:
                 - echo "Compiling the code..."
-          YML
-          push.commit_message = 'Commit .gitlab-ci.yml'
-          push.new_branch = false
-        end
+              YML
+            }
+          ])
 
         # observe pipeline creation
         Flow::Login.sign_in_unless_signed_in
diff --git a/qa/qa/specs/features/ee/browser_ui/13_secure/secret_push_protection_spec.rb b/qa/qa/specs/features/ee/browser_ui/13_secure/secret_push_protection_spec.rb
index 0696cd5a7bd13f0f1f75e4cc2c7ba9ef86d8a056..79765c33a498d60c75243b5e6d500401e6a400af 100644
--- a/qa/qa/specs/features/ee/browser_ui/13_secure/secret_push_protection_spec.rb
+++ b/qa/qa/specs/features/ee/browser_ui/13_secure/secret_push_protection_spec.rb
@@ -8,6 +8,7 @@ module QA
         create(:project, :with_readme, name: 'secret-push-project', description: 'Secret Push Protection Project')
       end
 
+      # In reverse so that the test itself does not flag up a secret detection issue
       let(:reverse_token_prefix) { 'taplg' }
       let(:test_token) { '-JUST20LETTERSANDNUMB' }