Support for custom K8s authentication path

[dttung2905]

Hi team,

It's really really fantastic to see this project being active again.

Goal

We would like to support custom Authentication path for Vault K8s authentication, rather than the default one v1/auth/kubernetes/login as specified in official doc

Problem

• The current way is relying on the default value when calling loginByKubernetes() method
  

  secret-provider/secret-provider/src/main/scala/io/lenses/connect/secrets/providers/VaultHelper.scala

  Lines 81 to 87 in 7523823

  	case VaultAuthMethod.KUBERNETES =>
  	settings.k8s
  	.map(k8s =>
  	vault
  	.auth()
  	.loginByKubernetes(k8s.role, k8s.jwt.value())
  	.getAuthClientToken,

  where the path is hardcoded to (source)

    public AuthResponse loginByJwt(final String provider, final String role, final String jwt)
            throws VaultException {
        return retry(attempt -> {
            // HTTP request to Vault
            final String requestJson = Json.object().add("role", role).add("jwt", jwt)
                    .toString();
            final RestResponse restResponse = new Rest()
                    .url(config.getAddress() + "/v1/auth/" + provider + "/login")

• However the repo vault-java-driver has not been maintaiend in a few years with the reply from the original author (link)

My proposed solution

• For the secret-provider side, I did a rough sketch a while ago add option to provide custom auth path dttung2905/secret-provider#1. Of course there are a few things to take care as well. For example, how to fallback when user does not provide any authentication path
• For vault-java-driver, the author has mentioned a few approaches in his post. I think the least disruptive would be switching to a community fork https://github.com/jopenlibs/vault-java-driver, which was very actively developed. I could submit another PR to add that feature on their side as well.

Please let me know what you think David Sloan (@davidsloan). Sorry for directly tagging you as your recent activity in this repo is the only reason that motivate me to write this lengthy issue 😄

[davidsloan]

Hi Dao Thanh Tung (@dttung2905) . We at Lenses are happy to be back working on our open source projects!

Thanks for the detailed write-up of the issue.

The reliance the unmaintained vault lib is indeed an issue and we are looking into ways of addressing this. Switching to the new fork is definitely an option we are evaluating, and as you say the least disruptive.

Please feel free to submit a PR to address your needs 🥇 . Let me know if you need any support. Thank you!

[dttung2905]

Hi David Sloan (@davidsloan),

Thanks so much for the support !. Let me find some time submit the changes on the fork of the Vault library first https://github.com/jopenlibs/vault-java-driver first, before making another changes on this repo 🙏