Add support for http observability on vault_cluster resource

[jaireddjawed]

🛠️ Description

Note: This PR is an updated version of an old PR because an acceptance test failed during a release attempt. Changes were made in another PR to allow the test to pass. This PR adds custom HTTP endpoints as an option for observability providers on HCP Vault clusters. I tested this change by adding a unit test that verifies that all required params that are a part of this provider are defined (located in internal/provider/resource_vault_cluster_config_test.go and performed a manual test of these changes.

Manual Test

Requirements

• Terraform v1.6.2

Steps

• Ran make dev in the main directory of this repository
• Created the following terraform script in another folder

terraform {
  required_providers {
    hcp = {
      source  = "localhost/providers/hcp"
      version = "0.0.1"
    }
  }
}

provider "hcp" {
  client_id = "CLIENT_ID"
  client_secret = "CLIENT_SECRET"
  project_id = "PROJECT_ID"
}

provider "aws" {
  region="us-west-2"
}

// Create a HashiCorp Virtual Network (HVN):
resource "hcp_hvn" "terraform-hvn" {
  hvn_id         = "test-hvn"
  cloud_provider = "aws"
  region         = "us-west-2"
  cidr_block     = "172.25.16.0/20"
}

// Create HCPV cluster on AWS:
resource "hcp_vault_cluster" "tf-vault-cluster" {
  depends_on      = [hcp_hvn.terraform-hvn]
  hvn_id          = hcp_hvn.terraform-hvn.hvn_id
  cluster_id      = "test-vault-cluster"
  tier            = "standard_small"
  public_endpoint = true
  proxy_endpoint = "ENABLED"
  lifecycle {
    prevent_destroy = true
  }
  audit_log_config {
    http_uri="https://webhook.site/3eceb6c7-1007-4ce8-900a-fc41d1a400c9"
    http_codec="JSON"
    http_method="POST"
    http_headers = {
      "key1": "value1",
      "key2": "value2",
      "key3": "value3"
    }
    http_bearer_token = "111234567"
  }
}

• Ran the script above by running terraform init and terraform apply in the directory of the terraform script
• Verified that the script worked by looking at the created vault cluster within the portal and viewing that its audit logs provider is the http endpoint specified in the terraform script.

• Checked to see if audit log http requests are the type of request specified in the terraform script (POST), that the headers and bearer token are seen in the http request

Verified that http observability information appears in /etc/vector.d/vector.json

Check to see if errors are valid

• Verified that an error occurs when http_basic_user is given, but http_basic_password is not specified

audit_log_config {
    http_uri="https://webhook.site/3eceb6c7-1007-4ce8-900a-fc41d1a400c9"
    http_codec="JSON"
    http_method="POST"
    http_headers = {
      "key1": "value1",
      "key2": "value2",
      "key3": "value3"
    }
    http_basic_user = "user"
}

• Verified that an error occurs when http_bearer_token and http_basic_user are specified

audit_log_config {
    http_uri="https://webhook.site/3eceb6c7-1007-4ce8-900a-fc41d1a400c9"
    http_codec="JSON"
    http_method="POST"
    http_headers = {
      "key1": "value1",
      "key2": "value2",
      "key3": "value3"
    }
    http_bearer_token = "1231223"
    http_basic_user = "user"
  }

🏗️ Acceptance tests

• Are there any feature flags that are required to use this functionality?
• Have you added an acceptance test for the functionality being added?
• Have you run the acceptance tests on this branch?

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccXXX'

...

[helenfufu]

lgtm, holding off on stamp until the public client changes are in

[helenfufu]

Let's merge on Monday next week!