#!/usr/bin/env bash
set -euo pipefail
export VAULT_ADDR="https://vault.internal:8200"
export VAULT_TOKEN="${VAULT_TOKEN:?missing VAULT_TOKEN}"
# === Vault Agent Injector: Auto-inject secrets into pods ===
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-server
namespace: production