vault update to 0.31.0-bb.9

Package Merge Request

Package Changes

https://repo1.dso.mil/big-bang/product/packages/vault/-/blob/0.31.0-bb.9/CHANGELOG.md

Package MR

big-bang/product/packages/vault!283 (merged)

For Issue

Closes big-bang/product/packages/vault#187 (closed)

Upgrade Notices

Vault is now leveraging our bb-common integration for network policies and all istio-related resources. Please refer to this blog post for additional information on the integration.

Vault now has a new definition called kms which is intended to allow egress access to the KMS service it is using. Please note that some of the network policies that were previously in place were too lenient resulting in KMS traffic working even when it should not have. For that reason it is recommended to start using this new definition instead of the original networkPolicies.vpcCidr as that value will eventually be deprecated, however, it will continue to work for the time being if specified. For more details on this please refer to our documentation on setting up KMS access for Vault.

Additionally, the tls section no longer exists under the istio section. If you are using the Values.addons.vault.ingress.cert and Values.addons.vault.ingress.key values from the umbrella chart, then this change should have no impact as it is still being mapped from that location. However, if you are using those package values directly please make sure they are updated to allow TLS termination to continue functioning as expected.