[StackOverflow/kubernetes] Vault Agent Injector: How to render secrets to a path without overwriting existing files there?

### ROOT CAUSE

The Vault Agent Injector's `WriteFile` function does not check for existing files before writing secrets. As a result, existing files are overwritten during secret injection, which may be undesirable if those files are managed by other processes or contain critical data.

### CODE FIX

Modify the `WriteFile` function in the Vault agent to check for existing files and skip writing if they exist. Here's the fix:

```go
import (
	"log"
	"os"
)

func WriteFile(path string, data []byte) error {
	// Check if the file exists; if so, skip the write so it is not overwritten
	if _, err := os.Stat(path); err == nil {
		log.Printf("File %s already exists, skipping write", path)
		return nil
	}
	// Write the file (os.WriteFile and mode 0600 are assumptions; the original elides this step)
	return os.WriteFile(path, data, 0o600)
}
```

This change ensures that the injector only writes secrets to paths where no file is already present, preventing unintended overwrites. However, note that this may break scenarios where secret updates require file overwrites. In such cases, consider using a different secret injection path or implementing a custom file management strategy.
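An added example, not part of the original answer and not Vault's own code: the same skip-if-exists behaviour done with one atomic open instead of a separate `os.Stat` check, so a file created between the check and the write is not overwritten. The helper name `writeSecretNoClobber`, the 0600 mode and the sample file names are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
)

// writeSecretNoClobber is a hypothetical helper (not Vault code). It creates
// path with data only if nothing exists there, and reports whether it wrote.
func writeSecretNoClobber(path string, data []byte) (bool, error) {
	// O_CREATE|O_EXCL makes "check and create" a single atomic operation, so
	// there is no window between a Stat call and the write in which another
	// process can place a file. On Linux it also refuses an existing symlink.
	f, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o600) // 0600 is an assumed mode
	if errors.Is(err, fs.ErrExist) {
		return false, nil // existing file left untouched
	}
	if err != nil {
		return false, err
	}
	if _, err := f.Write(data); err != nil {
		f.Close()
		os.Remove(path) // do not leave a truncated secret behind
		return false, err
	}
	return true, f.Close()
}

func main() {
	dir, err := os.MkdirTemp("", "secrets-demo")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)

	// Constructed sample: a file another process already manages.
	existing := filepath.Join(dir, "app.conf")
	if err := os.WriteFile(existing, []byte("managed-by-app"), 0o644); err != nil {
		panic(err)
	}
	for _, name := range []string{"app.conf", "db-creds"} {
		wrote, err := writeSecretNoClobber(filepath.Join(dir, name), []byte("constructed-secret"))
		fmt.Println(name, "written:", wrote, "err:", err)
	}
}
```

Returning the `wrote` flag lets the caller log or alert on skipped paths, which matters for the secret-rotation case noted above, where a skipped write means a stale secret stays on disk.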