Vault CLI and the connector up to 1.4 support providing a path to a CA
certificate file. Introduce support for providing PEM encoded content
directly which might be convenient in container environments to provide
a certificate e.g. from secrets without mounting it to some path.
The interface has some methods to read database credentials from
specific mountpoints like "mysql". While ann database mounts share
the same credential endpoints, the mount point itself can have any
name. Let's clean up some methods of low benefit and deprecate the
convenience methods.
Trivial replacement is `getDbCredentials()` with explicit mount point,
if it's actually mounted on that path.
App-ID is deprecated since Vault 0.6 and was removed in 1.12.
Our compatibility methods are deprecated since Connector 0.4. It's time
to drop it for good.
The Java HTTP client implements AutoCloseable since JDK 21. Closing the
client ensures that asynchronous operations and streams are properly
terminated.
As we support Java 11, we add any old school "finally" wrapper and
conditionally close the client when running on a modern platform.
Converting the payload using toString() is not an appropriate way to
feed a JSON parser. We now use JSON roundtrip for type mapping and
introduce shortcuts of the type already matches the target type.
Timestamps have been stored with their String representation from the
API with convenience methods to convert them into ZonedDateTime.
We now use the Jackson JavaTimeModule to parse them directly and swap
the real and convenience getters.
