HashiCorp changed their license, and it's no longer free/libre software.
One of the highest priorities of this project is to minimize
the usage of non-free software as much as possible, so I don't really
want to keep Vault, especially considering the next point.
Vault is fairly complex to maintain properly. This project only uses
Vault for two things: basic key-value secret store and its API to
create and manage secrets dynamically. With the new Kubernetes secret
provider in External Secrets, both features can be replaced with
Kubernetes's built-in secrets and API server.
A related goal of using Vault as an identity provider for SSO will be
discarded, and we'll use Authelia instead, which has a beta identity
provider feature (or use another alternative).