purgeUnmanagedConfig does not function as documented

[BrandonS05]

Describe the bug:
This is a followup to https://github.com/banzaicloud/bank-vaults/issues/605. The functionality of purgeUnmanagedConfig does not function as documented (https://banzaicloud.com/docs/bank-vaults/external-configuration/purge-unmanaged-configuration). The documentation claims that purgeUnmanagedConfig gives you "full control" by removing any unmanaged configuration, and once enabled "any changes not in Bank-Vaults configuration will be removed (including manual changes)." When I add a line in externalConfig to create a k8s role, then later remove it, the role is not cleaned up. The same is true when adding and removing an ldap group. The only way I'm able to clean up auth configuration via external config is by deleting all auth config to disable the auth engine, then adding the auth config back in again.

Expected behaviour:
If I remove a single authentication role, group, etc. from my externalConfig, purgeUnmanagedConfig should clean it up.

Steps to reproduce the bug:
Add an auth role in externalConfig with purgeUnmanagedConfig enabled, reapply the vault cr with the line removed, and observe the role is not cleaned up on Vault.

Environment details:
bank-vaults version: 1.15.2
Install method: helm
Logs from the misbehaving component: no error logs; bank-vaults logs claim the configuration is successful.

/kind bug

[AndersBennedsgaard]

I agree, the documentation could be improved with regards to the garbage collection.

The reason for this discrepancy with roles not being removed, is that https://github.com/banzaicloud/bank-vaults/pull/1513 only introduced garbage collection of the unmanaged auth methods with purgeUnmanagedConfig, and not the underlying roles.
I believe a solution could be as simple as adding a removeUnmanagedRoleMethods, similar to internal/vault/auth_methods.go#L471, which just loops over each existing auth method, and checks for the existence of each declared role.

[github-actions]

Thank you for your contribution! This issue has been automatically marked as stale because it has no recent activity in the last 60 days. It will be closed in 20 days, if no further activity occurs. If this issue is still relevant, please leave a comment to let us know, and the stale label will be automatically removed.

[github-actions]

Thank you for your contribution! This issue has been automatically marked as stale because it has no recent activity in the last 60 days. It will be closed in 20 days, if no further activity occurs. If this issue is still relevant, please leave a comment to let us know, and the stale label will be automatically removed.