Add Vault CI test with deployed Vault with Transit

[shtripat]

This PR introduces a github workflow to deploy HashiCorp Vault with Transit enabled and execute tests.

[harshavardhana]

PTAL at the CI failure

go: downloading github.com/go-logr/stdr v1.2.2
=== RUN   TestVaultCI
    vault_ci_test.go:21: kesconf: invalid vault keystore: invalid approle config: no approle ID specified
--- FAIL: TestVaultCI (0.00s)
FAIL
FAIL	github.com/minio/kes/kesconf	0.014s
FAIL
Error: Process completed with exit code 1.

[harshavardhana]

Looks like KV List permissions are missing @shtripat

[shtripat]

Looks like KV List permissions are missing @shtripat

Somehow locally inside a ubuntu VM with below kes-policy.hcl the tests run fine

path "transit/encrypt/my-key" {
   capabilities = [ "update" ]
}
path "transit/decrypt/my-key" {
   capabilities = [ "update" ]
}
path "kv/*" {
   capabilities = [ "create", "read", "delete", "list" ]
}

root@vm-01:~/kes# go test ./kesconf -v -vault-ci.config=/root/kes/kesconf/testdata/vault/kes-config-vault.yml -run="TestVaultCI"
=== RUN   TestVaultCI
=== RUN   TestVaultCI/Create
=== RUN   TestVaultCI/Get
=== RUN   TestVaultCI/Status
--- PASS: TestVaultCI (0.05s)
    --- PASS: TestVaultCI/Create (0.01s)
    --- PASS: TestVaultCI/Get (0.03s)
    --- PASS: TestVaultCI/Status (0.00s)
PASS
ok  	github.com/minio/kes/kesconf	0.064s

do you mean to change policy as below?

path "transit/encrypt/my-key" {
   capabilities = [ "update", "list" ]
}
path "transit/decrypt/my-key" {
   capabilities = [ "update", "list" ]
}
path "kv/*" {
   capabilities = [ "create", "read", "delete", "list" ]
}

[bh4t]

@harshavardhana @aead can one of you PTAL?

[harshavardhana]

This is close to a year old, looks like this may never get merged. Closing.

[harshavardhana]

Feel free to send when its ready.