HashiCorp has announced a new Kubernetes integration that enables applications with no native HashiCorp Vault logic built-in to leverage static and dynamic secrets sourced from Vault. This is made possible by a new tool called vault-k8s, which leverages the Kubernetes Mutating Admission Webhook to intercept and augment specifically annotated pod configuration for secrets injection using Init and Sidecar containers. With this integration, applications only need to find a secret at a filesystem path, rather than managing tokens or connecting to an external API for direct interaction with Vault. The tool supports various use-cases such as pre-populating secrets before an application starts, keeping secrets fresh by periodically checking in a sidecar container, and using Kubernetes Service Accounts tied to a Vault Policy for fine-grained control of secret injection without compromising security. The integration also includes flexible output formatting options using the Vault Agent template functionality, which can be used to format secret data into desired formats such as database connection strings. To get started with vault-k8s, users can install the latest Vault Helm Chart, which supports the new feature, and apply specific annotations to their pod configuration to enable secrets injection. The integration is designed to expand Kubernetes support for HashiCorp Vault and provide a variety of options for securely introducing secrets into workflows.