Comment 3 for bug 1895185

David Ames (thedac) wrote :

A closer look at the code shows that Brad is 100% correct. The vault charm completely ignores the secrets relation binding and is checking either or both access and external extra bindings.

See [0] which originally introduced the external extra binding.

Triage:

1) Update vault-kv interface to stop verifying the binding. The charm, not the interface, should be responsible for this.
2) Revamp vault.get_vip
3) Revamp the handler for send_vault_url_and_ca
Priority in this order:
* External binding
* Check the secrets relation binding
* Check access binding

Keep the original goal of [0] in mind: enabling publishing of an external access VIP.

[0] https://github.com/openstack/charm-vault/commit/c7e2c531ec9038c0f9b4b8405b76624a6c271558