upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-02-18 18:38:08 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

docs/vault-k8s: updates for the Vault Agent Injector v1.7.0 release (#31144)

Browse source
This commit is contained in:
Theron Voran 2025-07-14 12:04:56 -07:00 committed by GitHub
parent c3ee0a26ff
commit c925ab9c00
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
website/content/docs/deploy/kubernetes/injector/annotations.mdx
View file

@ -28,7 +28,7 @@ them, optional commands to run, etc.
- `vault.hashicorp.com/agent-image` - name of the Vault docker image to use. This
value overrides the default image configured in the injector and is usually
not needed. Defaults to `hashicorp/vault:1.18.5`.
not needed. Defaults to `hashicorp/vault:1.19.5`.
- `vault.hashicorp.com/agent-init-first` - configures the pod to run the Vault Agent
init container first if `true` (last if `false`). This is useful when other init
@ -129,6 +129,11 @@ them, optional commands to run, etc.
active, and idle states. See [Vault Agent Template Config](/vault/docs/agent-and-proxy/agent/template#global-configurations)
for more details.
- `vault.hashicorp.com/template-lease-renewal-threshold` - If specified, configures how long Vault Agent's template
engine should wait to refresh dynamic, non-renewable leases, measured as a fraction of the lease
duration (e.g. `0.9`). See [Vault Agent Template Config](/vault/docs/agent-and-proxy/agent/template#global-configurations)
for more details.
- `vault.hashicorp.com/agent-extra-secret` - mounts Kubernetes secret as a volume at
`/vault/custom` in the sidecar/init containers. Useful for custom Agent configs with
auto-auth methods such as approle that require paths to secrets be present.