Remove Hashicorp Support

Closes keycloak#9144

quarkus/config-api/src/main/java/org/keycloak/config/VaultOptions.java

@@ -1,13 +1,11 @@
 package org.keycloak.config;
 
 import java.io.File;
-import java.util.Map;
 
 public class VaultOptions {
 
     public enum Provider {
-        file,
-        hashicorp;
+        file;
     }
 
     public static final Option VAULT = new OptionBuilder<>("vault", Provider.class)
@@ -21,23 +19,4 @@ public enum Provider {
             .description("If set, secrets can be obtained by reading the content of files within the given directory.")
             .build();
 
-    public static final Option VAULT_UNMAPPED = new OptionBuilder<>("vault-", String.class)
-            .category(OptionCategory.VAULT)
-            .description("Maps any vault option to their corresponding properties in quarkus-vault extension.")
-            .hidden()
-            .buildTime(true)
-            .build();
-
-    public static final Option VAULT_URL = new OptionBuilder<>("vault-url", String.class)
-            .category(OptionCategory.VAULT)
-            .description("The vault server url.")
-            .hidden()
-            .buildTime(true)
-            .build();
-
-    public static final Option VAULT_KV_PATHS = new OptionBuilder("vault-kv-paths", Map.class, String.class)
-            .category(OptionCategory.VAULT)
-            .description("A set of one or more key/value paths that should be used when looking up secrets.")
-            .hidden()
-            .build();
 }

quarkus/deployment/pom.xml

@@ -101,11 +101,6 @@
             <artifactId>rest-assured</artifactId>
             <scope>test</scope>
         </dependency>
-        <dependency>
-            <groupId>io.quarkiverse.vault</groupId>
-            <artifactId>quarkus-vault-deployment</artifactId>
-            <version>${io.quarkiverse.vault.version}</version>
-        </dependency>
     </dependencies>
 
     <build>

quarkus/pom.xml

@@ -47,11 +47,6 @@
         <sun.saaj-impl.version>1.4.1.SP1</sun.saaj-impl.version>
         <org.jvnet.staxex.version>1.8.3</org.jvnet.staxex.version>
 
-        <!--
-            Quarkiverse dependency versions
-         -->
-        <io.quarkiverse.vault.version>2.0.0</io.quarkiverse.vault.version>
-
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <maven.compiler.plugin.version>3.8.1</maven.compiler.plugin.version>
         <maven.compiler.release>11</maven.compiler.release>

quarkus/runtime/pom.xml

@@ -96,11 +96,6 @@
             <groupId>org.wildfly.security</groupId>
             <artifactId>wildfly-elytron</artifactId>
         </dependency>
-        <dependency>
-            <groupId>io.quarkiverse.vault</groupId>
-            <artifactId>quarkus-vault</artifactId>
-            <version>${io.quarkiverse.vault.version}</version>
-        </dependency>
 
         <!-- CLI -->
         <dependency>

quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/configuration/mappers/VaultPropertyMappers.java

@@ -17,17 +17,6 @@ public static PropertyMapper[] getVaultPropertyMappers() {
                 fromOption(VaultOptions.VAULT_DIR)
                         .to("kc.spi-vault-file-dir")
                         .paramLabel("dir")
-                        .build(),
-                fromOption(VaultOptions.VAULT_UNMAPPED)
-                        .to("quarkus.vault.")
-                        .build(),
-                fromOption(VaultOptions.VAULT_URL)
-                        .to("quarkus.vault.url")
-                        .paramLabel("paths")
-                        .build(),
-                fromOption(VaultOptions.VAULT_KV_PATHS)
-                        .to("kc.spi-vault-hashicorp-paths")
-                        .paramLabel("paths")
                         .build()
         };
     }

quarkus/runtime/src/main/resources/META-INF/services/org.keycloak.vault.VaultProviderFactory

@@ -1,2 +1 @@
 org.keycloak.quarkus.runtime.vault.FilesPlainTextVaultProviderFactory
-org.keycloak.quarkus.runtime.vault.QuarkusVaultProviderFactory

quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.unix.approved.txt

@@ -78,7 +78,7 @@ Metrics:
 
 Vault:
 
---vault <provider>   Enables a vault provider. Possible values are: file, hashicorp.
+--vault <provider>   Enables a vault provider. Possible values are: file.
 
 Examples:
 

quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.windows.approved.txt

@@ -43,24 +43,25 @@ Transaction:
 
 Feature:
 
---features <feature> Enables a set of one or more features. Possible values are: authorization,
-                       account2, account-api, admin-fine-grained-authz, admin2, docker,
-                       impersonation, openshift-integration, scripts, token-exchange, web-authn,
-                       client-policies, ciba, map-storage, par, declarative-user-profile,
-                       dynamic-scopes, client-secret-rotation, step-up-authentication,
-                       recovery-codes, update-email, js-adapter, preview.
+--features <feature> Enables a set of one or more features. Possible values are: account-api,
+                       account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization,
+                       ciba, client-policies, client-secret-rotation, declarative-user-profile,
+                       docker, dynamic-scopes, impersonation, js-adapter, map-storage,
+                       openshift-integration, par, preview, recovery-codes, scripts,
+                       step-up-authentication, token-exchange, update-email, web-authn.
 --features-disabled <feature>
-                     Disables a set of one or more features. Possible values are: authorization,
-                       account2, account-api, admin-fine-grained-authz, admin2, docker,
-                       impersonation, openshift-integration, scripts, token-exchange, web-authn,
-                       client-policies, ciba, map-storage, par, declarative-user-profile,
-                       dynamic-scopes, client-secret-rotation, step-up-authentication,
-                       recovery-codes, update-email, js-adapter, preview.
+                     Disables a set of one or more features. Possible values are: account-api,
+                       account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization,
+                       ciba, client-policies, client-secret-rotation, declarative-user-profile,
+                       docker, dynamic-scopes, impersonation, js-adapter, map-storage,
+                       openshift-integration, par, preview, recovery-codes, scripts,
+                       step-up-authentication, token-exchange, update-email, web-authn.
 
 HTTP/TLS:
 
 --http-relative-path <path>
-                     Set the path relative to '/' for serving resources. Default: /.
+                     Set the path relative to '/' for serving resources. The path must start with a
+                       '/'. Default: /.
 
 Health:
 
@@ -77,7 +78,7 @@ Metrics:
 
 Vault:
 
---vault <provider>   Enables a vault provider. Possible values are: file, hashicorp.
+--vault <provider>   Enables a vault provider. Possible values are: file.
 
 Examples:
 

quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.unix.approved.txt

@@ -164,7 +164,7 @@ Proxy:
 
 Vault:
 
---vault <provider>   Enables a vault provider. Possible values are: file, hashicorp.
+--vault <provider>   Enables a vault provider. Possible values are: file.
 --vault-dir <dir>    If set, secrets can be obtained by reading the content of files within the
                        given directory.
 
@@ -221,4 +221,4 @@ Logging:
 Do NOT start the server using this command when deploying to production.
 
 Use 'kc.sh start-dev --help-all' to list all available options, including build
-options.
+options.

quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.windows.approved.txt

@@ -66,19 +66,19 @@ Transaction:
 
 Feature:
 
---features <feature> Enables a set of one or more features. Possible values are: authorization,
-                       account2, account-api, admin-fine-grained-authz, admin2, docker,
-                       impersonation, openshift-integration, scripts, token-exchange, web-authn,
-                       client-policies, ciba, map-storage, par, declarative-user-profile,
-                       dynamic-scopes, client-secret-rotation, step-up-authentication,
-                       recovery-codes, update-email, js-adapter, preview.
+--features <feature> Enables a set of one or more features. Possible values are: account-api,
+                       account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization,
+                       ciba, client-policies, client-secret-rotation, declarative-user-profile,
+                       docker, dynamic-scopes, impersonation, js-adapter, map-storage,
+                       openshift-integration, par, preview, recovery-codes, scripts,
+                       step-up-authentication, token-exchange, update-email, web-authn.
 --features-disabled <feature>
-                     Disables a set of one or more features. Possible values are: authorization,
-                       account2, account-api, admin-fine-grained-authz, admin2, docker,
-                       impersonation, openshift-integration, scripts, token-exchange, web-authn,
-                       client-policies, ciba, map-storage, par, declarative-user-profile,
-                       dynamic-scopes, client-secret-rotation, step-up-authentication,
-                       recovery-codes, update-email, js-adapter, preview.
+                     Disables a set of one or more features. Possible values are: account-api,
+                       account2, admin, admin-api, admin-fine-grained-authz, admin2, authorization,
+                       ciba, client-policies, client-secret-rotation, declarative-user-profile,
+                       docker, dynamic-scopes, impersonation, js-adapter, map-storage,
+                       openshift-integration, par, preview, recovery-codes, scripts,
+                       step-up-authentication, token-exchange, update-email, web-authn.
 
 Hostname:
 
@@ -113,7 +113,8 @@ HTTP/TLS:
 --http-host <host>   The used HTTP Host. Default: 0.0.0.0.
 --http-port <port>   The used HTTP port. Default: 8080.
 --http-relative-path <path>
-                     Set the path relative to '/' for serving resources. Default: /.
+                     Set the path relative to '/' for serving resources. The path must start with a
+                       '/'. Default: /.
 --https-certificate-file <file>
                      The file path to a server certificate or certificate chain in PEM format.
 --https-certificate-key-file <file>
@@ -163,7 +164,7 @@ Proxy:
 
 Vault:
 
---vault <provider>   Enables a vault provider. Possible values are: file, hashicorp.
+--vault <provider>   Enables a vault provider. Possible values are: file.
 --vault-dir <dir>    If set, secrets can be obtained by reading the content of files within the
                        given directory.
 

quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.unix.approved.txt

@@ -222,7 +222,7 @@ Proxy:
 
 Vault:
 
---vault <provider>   Enables a vault provider. Possible values are: file, hashicorp.
+--vault <provider>   Enables a vault provider. Possible values are: file.
 --vault-dir <dir>    If set, secrets can be obtained by reading the content of files within the
                        given directory.
 
@@ -285,4 +285,4 @@ Security (Experimental):
 Do NOT start the server using this command when deploying to production.
 
 Use 'kc.sh start-dev --help-all' to list all available options, including build
-options.
+options.