feat: allow vault secret to handle write operation

[loispostula]

Allow hashicorp vault secret to use write operation

Checklist

• When introducing a new scaler, I agree with the scaling governance policy
• I have verified that my change is according to the deprecations & breaking changes policy
• Tests have been added
• Changelog has been updated and is aligned with our changelog requirements
• A PR is opened to update our Helm chart (repo) (if applicable, ie. when deployment manifests are modified)
• A PR is opened to update the documentation on (repo) (if applicable)
• Commits are signed with Developer Certificate of Origin (DCO - learn more)

Fixes #5067

Relates to kedacore/charts#547 and kedacore/keda-docs#1242

[github-actions]

Thank you for your contribution! 🙏 We will review your PR as soon as possible.

While you are waiting, make sure to:

• Add an entry in our changelog in alphabetical order and link related issue
• Update the documentation, if needed
• Add unit & e2e tests for your changes
• GitHub checks are passing
• Is the DCO check failing? Here is how you can fix DCO issues

Learn more about:

• Our contribution guide

[zroubalik]

Looking good!

@loispostula do you think you can add unit test for this? hashicorpvault_handler.go is missing test coverage, so we should work on improving this 🙏

[loispostula]

@zroubalik I'm working on adding a e2e test as well, and while adding it I discover an issue, so I'll update my commit with all that

[loispostula]

@zroubalik I've changed the approach for the PR.

I've added support for different vault secret backend. The default behaviour remains the same, if no type is probided, the secret is handled as either a v1 or v2 secret (to keep behaviour of #4152). This allows me to conduct specific pki related unmarshalling as not all keys are string for that one. This would allow to specified additional type in the future if needs be.

Regarding testing, I've move the secret fetching inside of the HashicorpVaultHandler struct, this allows me to make it easier to test the functionalities of it.

I've also made another notable change which is to bundle the call to the vault api by path. This is the default behaviour of consul-template and is especially useful in dynamic secret, as you only want to fetch the secret once and access the different keys

[zroubalik]

Thanks a lot for the great contribution! I like the general direction, I love the tests! I have just a few nits.

[zroubalik]

/run-e2e hashicorp
Update: You can check the progress here

[zroubalik]

/run-e2e hashicorp Update: You can check the progress here

@loispostula what I can see in the test logs logs:

Execution of tests/secret-providers/hashicorp_vault/hashicorp_vault_test.go, has failed after "three" attempts

***0***3-***0-***T***3:36:05Z	ERROR	failed to ensure HPA is correctly created for ScaledObject	***"controller": "scaledobject", "controllerGroup": "keda.sh", "controllerKind": "ScaledObject", "ScaledObject": ***"name":"hashicorp-vault-test-so","namespace":"hashicorp-vault-test-ns"***, "namespace": "hashicorp-vault-test-ns", "name": "hashicorp-vault-test-so", "reconcileID": "30b589***a-88d0-4dfa-b***5d-df9adfd0dd86", "error": "error par sing prometheus metadata: no cert given"***

[loispostula]

/run-e2e hashicorp Update: You can check the progress here

@loispostula what I can see in the test logs logs:

Execution of tests/secret-providers/hashicorp_vault/hashicorp_vault_test.go, has failed after "three" attempts

***0***3-***0-***T***3:36:05Z	ERROR	failed to ensure HPA is correctly created for ScaledObject	***"controller": "scaledobject", "controllerGroup": "keda.sh", "controllerKind": "ScaledObject", "ScaledObject": ***"name":"hashicorp-vault-test-so","namespace":"hashicorp-vault-test-ns"***, "namespace": "hashicorp-vault-test-ns", "name": "hashicorp-vault-test-so", "reconcileID": "30b589***a-88d0-4dfa-b***5d-df9adfd0dd86", "error": "error par sing prometheus metadata: no cert given"***

Thanks a lot, I've replicated locally, and I had not update the e2e test to use the camelCase, retriggering a local test then I'll push

[zroubalik]

/run-e2e hashicorp
Update: You can check the progress here

[zroubalik]

LGTM, great job! Thanks a lot for this great contribution. 🚀

Please just resolve the last few things on the docs PR and we can go ahead and merge this!

🙏

[loispostula]

@zroubalik Thanks, doc pr updated :D Thanks for all the feedback