The vault storage entry is removed before cleaning up artifactory resources

Artifactory cleanup should happen before deleting entries from vault storage.

If a resource on artifactory cannot be deleted due to well known pre-reqs not met (eg: missing role after external deletion), the role deletion should succeed.

Additionally, a force/skip option can be accepted on deletion to delete vault storage entries regardless of the outcome of the artifactory calls.

it's currently creating a token scoped to a group with given permission targets.
we should have a capability to let a token scoped to multiple groups.

this is beneficial when it comes to sharing a common group. i.e. reader group or metadata write permission.

AC:

• role accepts groups parameter which accepts existing groups
• token is created against a created group and groups

validation:

• it's possible to only pass groups but not permission targets at the time of role creation and it shouldn't error out

TBD:
non-existing group is attached to a role. it'll for sure throw out run time error at the time of token creation. should we also have a group existence check at the time of role creation?

Hi there 👋

Just wanted to say thanks for open-sourcing this secrets engine - it's working nicely for me

setting up CI

• CLA check
• test
• code coverage
• security scanning
• package build/publish

When two vault instances use this plugin pointed at the same Artifactory instance, it causes corrupt Artifactory permission targets as the UUID generated for group name is different on each, while still using the same permission target name.

By using a hash of the roleName instead of UUID, we can ensure no mixed/matched permission targets.

create tag, release and binaries for distribution purpose