feat: change vault to use package install (#264)

- vault 18.2 rpm produced by rpmbuilder repo
- ensure the /etc/vault directory is managed
- ensure service file is managed by puppet
- ensure package comes from unkin repo (not hashicorp)
- disable_mlock as unprivileged containers cannot use mlock

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/264

hieradata/common.yaml

@@ -175,6 +175,13 @@ consul::install_method: 'package'
 consul::manage_repo: false
 consul::bin_dir: /usr/bin
 
+vault::install_method: 'repo'
+vault::manage_repo: false
+vault::bin_dir: /usr/bin
+vault::manage_service_file: true
+vault::manage_config_dir: true
+vault::disable_mlock: true
+
 profiles::dns::master::basedir: '/var/named/sources'
 profiles::dns::base::ns_role: 'roles::infra::dns::resolver'
 profiles::dns::base::use_ns: 'region'

site/profiles/manifests/vault/server.pp

@@ -6,10 +6,6 @@ class profiles::vault::server (
     Undef
   ]         $members_role   = undef,
   Array     $vault_servers  = [],
-  Enum[
-    'archive',
-    'repo'
-  ]         $install_method = 'archive',
   Boolean       $tls_disable        = false,
   Stdlib::Port  $client_port        = 8200,
   Stdlib::Port  $cluster_port       = 8201,
@@ -56,7 +52,6 @@ class profiles::vault::server (
 
     class { 'vault':
       manage_service     => false,
-      install_method     => $install_method,
       manage_storage_dir => $manage_storage_dir,
       enable_ui          => true,
       storage            => {