Ensure Vault dependencies are same as Vault version used

[johanbrandhorst]

Is your feature request related to a problem? Please describe. Vault is a certified piece of software, and we should ensure that our issuer uses the same version on dependencies as the version of their API client that we're using does, to be as compliant as possible with their certification.

Describe the solution you'd like Something like what is proposed in https://gophers.slack.com/archives/C9BMAAFFB/p1551785876101400, e.g. merge a temporarily created go.mod with our own to maintain the same version requirements.

[johanbrandhorst]

See also https://github.com/golang/go/wiki/Modules#i-have-a-problem-with-a-complex-dependency-that-has-not-opted-in-to-modules-can-i-use-information-from-its-current-dependency-manager