
Vault agent injector 1.6.0 ignoring security context user groups #715

@alishab02

Description


Good afternoon,
When deploying Vault Agent Injector v1.6.0 (via helm chart 0.29.1), the sidecar does not respect the pod's security context when using the vault.hashicorp.com/agent-inject-token: true annotation, preventing the pod from picking up the token.

The previously deployed version of Vault Agent Injector v1.2.1 (via helm chart 0.25.0) presented no such issue and created the token file with the following permissions:
-rw-r----- 1 100 nonroot 95 Dec 11 13:44 /vault/secrets/token

Whereas version v1.6.0 presented the following permissions:
-rw-r----- 1 100 1000 95 Dec 10:53 /vault/secrets/token

To Reproduce

  1. Deploy vault agent injector 1.6.0 via helm chart 0.29.1
  2. Shell into the pod
  3. cat /vault/secrets/token
  4. permission denied / Error: no vault token set on Client (in-pod logs)

Expected behavior
The pod should use the permissions set in the securityContext and be able to view /vault/secrets/token.

Environment

  • Kubernetes version: v1.26.5+k3s1
  • vault-k8s version: 1.6.0
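One way to rule out a UID/GID mismatch between the sidecar and the application container, as an added example that is not code from the issue reporter or the vault-k8s project: the pod spec below pins the injector's run-as group to the group the app container runs as, so a token file created as -rw-r----- by the sidecar stays group-readable. The annotation names are the injector's documented agent-run-as-user / agent-run-as-group annotations; the pod name, image, Vault role and the numeric IDs are placeholders chosen for the example.

```yaml
# Added example (not from the issue or the vault-k8s project).
# Placeholders: my-app, my-app-image:1.0, my-vault-role, and the numeric IDs.
apiVersion: v1
kind: Pod
metadata:
  name: my-app
  annotations:
    vault.hashicorp.com/agent-inject: "true"
    vault.hashicorp.com/agent-inject-token: "true"
    vault.hashicorp.com/role: "my-vault-role"
    # Injector run-as annotations. The sidecar defaults are user 100 / group 1000,
    # which matches the "100 1000" owner/group in the v1.6.0 listing above.
    # Pin the group to the one the app container runs as, so the 0640 token
    # file is readable by the app through its group bit.
    vault.hashicorp.com/agent-run-as-user: "100"
    vault.hashicorp.com/agent-run-as-group: "2000"
spec:
  securityContext:
    runAsNonRoot: true
    runAsUser: 1001
    runAsGroup: 2000
    # fsGroup is added as a supplementary group to every container in the pod,
    # so it is another way to give the app read access to the token file.
    fsGroup: 2000
  containers:
    - name: app
      image: my-app-image:1.0   # placeholder image
      # Print the file's numeric owner/group and the container's own ids,
      # then stay up so the pod can be inspected.
      command: ["sh", "-c", "ls -ln /vault/secrets/token; id; sleep 3600"]
```

After the pod is running, compare the output of `kubectl exec my-app -c app -- id` with `kubectl exec my-app -c app -- ls -ln /vault/secrets/token`: with mode -rw-r----- only the file's owner UID or a process carrying the file's GID (primary or supplementary) can read it, so the group shown by ls -ln must appear in the groups listed by id. If it does not, either the sidecar's run-as group or the pod's runAsGroup/fsGroup needs to change.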


Labels: bug (Something isn't working)
