Define Consul version to test against in one place, and let it be overriden by environment.  Exception: some tests that verify interoperability with older Consul versions still specify a version explicitly. (#8901)

* add aws auth metadata changes to upgrade guide

- This is needed for building the final release.

The chart defines the `backend` stanza, so the `path` list should
just be path strings. More typos: `tls.hosts` is a list, not a
string.

* [auth/gcp] Add missing permission to documentation
Signed-off-by: Yong Wen Chua <lawliet89@users.noreply.github.com>

* Clarified group aliases

Move `iam_alias` and `gce_alias` to config instead of role

* database/mongodb: revert to old retry behavior

* add a default case for non-EOF errors

Ensure that the .vault-token file writen by `vault login` always has the correct permissions and ownership. (#8867)

* Handle request errors during raft snapshot

* add aliasmetadata sdk helper and add to aws auth

* split into ec2_metadata and iam_metadata fields

* fix tests

* strip pointer

* add test of default metadata

* more test <3

* switch from interface to custom marshallers

* add tests for marshalling

* store nil when selected fields are default

* separate loop into pieces

* separate acc test into multiple

* Update builtin/credential/aws/path_login.go
Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>

* changes from feedback

* update aws test

* refactor to also populate auth metadata

* update how jsonification is tested

* only add populated metadata values

* add auth_type to ec2 logins
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

* token: disallow periods on custom token IDs

* docs: update token API docs