bank-vaults / vault-secrets-webhook

A Kubernetes mutating webhook that makes direct secret injection into Pods possible.
https://bank-vaults.dev/docs/mutating-webhook/
Apache License 2.0

Add the ability to optionally deploy the vault-agent container with the new K8s sidecar config #414

Closed bcarlock-mycarrier closed 4 months ago

bcarlock-mycarrier commented 6 months ago

Preflight Checklist

Problem Description

The current method of deploying the vault agent container causes a race condition in some situations where the workload container must restart a few times while the vault-agent container pulls secrets. Specifically, in our case, we're starting dotnet core applications that read from a generated secrets file that is maintained by vault-agent. When the vault agent is slow to start, the application container throws SIGTERM and must restart.

Proposed Solution

If you add the option to start the agent container using the Kubernetes native sidecar config (introduced in K8s 1.28), we would be able to avoid these restarts.

Alternatives Considered

Currently we just let the application container crash repeatedly until vault agent is ready.

Additional Information

No response
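An added illustration of the native sidecar pattern the issue proposes; this is a hand-written Pod spec, not part of the issue and not what vault-secrets-webhook generates. The image tags, ConfigMap name, and the `/vault/secrets/app.json` file path are constructed assumptions.

```yaml
# Added example (constructed): vault-agent as a Kubernetes native sidecar
# (K8s 1.28+, SidecarContainers feature gate). An init container with
# restartPolicy: Always keeps running for the Pod's lifetime, and the kubelet
# waits for its startupProbe to pass before starting the regular containers,
# so the app never starts against a missing secrets file.
apiVersion: v1
kind: Pod
metadata:
  name: dotnet-app                  # assumed name
spec:
  volumes:
    - name: vault-secrets
      emptyDir:
        medium: Memory              # keep rendered secrets off the node disk
    - name: vault-agent-config
      configMap:
        name: vault-agent-config    # assumed ConfigMap holding agent.hcl
  initContainers:
    - name: vault-agent
      image: hashicorp/vault:1.15   # assumed image/tag
      restartPolicy: Always         # this field makes it a native sidecar
      args: ["agent", "-config=/vault/config/agent.hcl"]
      volumeMounts:
        - name: vault-agent-config
          mountPath: /vault/config
        - name: vault-secrets
          mountPath: /vault/secrets
      # Pod start-up blocks here until the agent has rendered a non-empty file.
      startupProbe:
        exec:
          command: ["test", "-s", "/vault/secrets/app.json"]
        periodSeconds: 2
        failureThreshold: 30
  containers:
    - name: app
      image: registry.example.com/dotnet-app:1.0   # assumed image
      volumeMounts:
        - name: vault-secrets
          mountPath: /vault/secrets
          readOnly: true            # the app only reads what the agent renders
```

With the older pattern (vault-agent listed under `containers` alongside the app) Kubernetes gives no ordering guarantee between the two, which is the race the issue describes.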

github-actions[bot] commented 4 months ago

Thank you for your contribution! This issue has been automatically marked as stale because it has no recent activity in the last 60 days. It will be closed in 20 days if no further activity occurs. If this issue is still relevant, please leave a comment to let us know, and the stale label will be automatically removed.

github-actions[bot] commented 4 months ago

This issue has been marked stale for 20 days, and is now closed due to inactivity. If the issue is still relevant, please re-open this issue or file a new one. Thank you!