NIFI-8732: Adding a HashiCorp Vault K/V Stateless Param Provider

[gresockj]

Thank you for submitting a contribution to Apache NiFi.

Please provide a short description of the PR here:

Description of PR

HashiCorpVaultParameterValueProvider

This provider reads parameter values from HashiCorp Vault, and expects secrets to exist in
the Key/Value (unversioned) Secrets Engine. The connection to a Vault server can be configured
via the ./conf/bootstrap-hashicorp-vault.conf file, which comes with NiFi.

An example of creating a single secret in the correct format is:

vault kv put "nifi-kv/Context/param" value=my-vault-value

In this example, nifi-kv would be supplied by the vault.kv.path property in the bootstrap-hashicorp-vault.conf file,
Context is the name of a Parameter Context, and param is the name of the parameter whose value should be retrieved from the Vault server.

This Parameter Provider requires the following properties:

Property Name	Description	Example Value
nifi.stateless.parameter.provider.<key>.properties.vault-configuration-file	The filename of a configuration file specifying the Vault settings	./conf/bootstrap-hashicorp-vault.conf

An example of configuring this provider in the dataflow configuration file is:

nifi.stateless.parameter.provider.Vault.name=HashiCorp Vault Provider
nifi.stateless.parameter.provider.Vault.type=org.apache.nifi.stateless.parameter.HashiCorpVaultParameterValueProvider
nifi.stateless.parameter.provider.Vault.properties.vault-configuration-file=./conf/bootstrap-hashicorp-vault.conf

In order to streamline the review of the contribution we ask you
to ensure the following steps have been taken:

For all changes:

• Is there a JIRA ticket associated with this PR? Is it referenced
  in the commit message?

• Does your PR title start with NIFI-XXXX where XXXX is the JIRA number you are trying to resolve? Pay particular attention to the hyphen "-" character.

• Has your PR been rebased against the latest commit within the target branch (typically main)?

• Is your initial contribution a single, squashed commit? Additional commits in response to PR reviewer feedback should be made on this branch and pushed to allow change tracking. Do not squash or use --force when pushing to allow for clean monitoring of changes.

For code changes:

• Have you ensured that the full suite of tests is executed via mvn -Pcontrib-check clean install at the root nifi folder?
• Have you written or updated unit tests to verify your changes?
• Have you verified that the full build is successful on JDK 8?
• Have you verified that the full build is successful on JDK 11?
• If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under ASF 2.0?
• If applicable, have you updated the LICENSE file, including the main LICENSE file under nifi-assembly?
• If applicable, have you updated the NOTICE file, including the main NOTICE file found under nifi-assembly?
• If adding new Properties, have you added .displayName in addition to .name (programmatic access) for each of the new properties?

For documentation related changes:

• Have you ensured that format looks appropriate for the output in which it is rendered?

Note:

Please ensure that once the PR is submitted, you check GitHub Actions CI for build issues and submit an update to your PR as soon as possible.

[exceptionfactory]

The jcl-over-slf4j dependency should be used in place of commons-logging to maintain SLF4J as the standard logger throughout the system.

[exceptionfactory]

What do you think of naming this to something more specific? It seems like there could be other libraries for interacting with HashiCorp Vault, so including parameter-value-provider in the name would be helpful.

[gresockj]

My thought was that this nar would also contain jars for a hashicorp-vault-parameter-provider and a hashicorp-vault-controller-service. In light of that, I was considering this more analogous to the nifi-aws-nar. What do you think?

[exceptionfactory]

Thanks for the reply, that seems reasonable, and it could always separated later if needed.

[exceptionfactory]

Thanks for the contribution @gresockj, verified parameter resolution in a stateless flow using HashiCorp Vault server, nice work! +1 Merging.