DCJ-472: Migrate render-configs.sh to use GSM

[fboulnois]

Addresses

https://broadworkbench.atlassian.net/browse/DCJ-472

Summary of changes

Switches the default secret manager to GSM, using @pshapiro4broad 's existing branch as a base.

Testing Strategy

Compared Vault and GSM outputs in VScode.

[rushtong]

👍🏽

[okotsopoulos]

Thank you! Off of a freshly restarted computer, I pulled your feature branch down, ran this script with the inputs suggested in its documentation, and was successfully able to ./gradlew bootRun TDR.

Both of my suggestions can be considered optional.

[okotsopoulos]

I like leaving this backdoor to Vault for the time being. Should we also include it in the script documentation above?

Better yet, I think this script would also benefit from a usage command like you added for the DB connect script. But it would be fair to call that improvement OOS.

[fboulnois]

I initially had this in, but I think we should not encourage the use of Vault through a CLI argument, hence why I removed it. Relatedly my idea was once this change was merged and we were comfortable with GSM then I would make a separate PR that deprecates Vault completely and removes this and the other codepaths.

[fboulnois]

I created https://broadworkbench.atlassian.net/browse/DCJ-526 to address these items.

[okotsopoulos]

(Can be considered OOS -- previously existing documentation bug.)

I think this z-shell command and the one on line 13 are incorrect: for me, it works as source ~/.zshrc. If you'd like to fix these while in the neighborhood, please feel free.

[fboulnois]

I'll say this one is out-of-scope for now, but in general these instructions make some assumptions about how the developer has set up their shell (e.g. I use Bash, not ZSH) which I'm not super comfortable with. Perhaps worth reviewing when we fully deprecate the Vault codepath?