I am very new to kubernetes and vault and am just now learning about vault-k8s. After reading the blog post about it I have a hopefully simple question. If I have an app that needs a dynamic secret and I choose to use vault-k8s to provide that secret, does that mean that the secret is written to disk on the app’s container? If so, isn’t that a security concern? I thought the best place to store a secret was temporarily in memory? I feel that I am missing something because to me it seems like if an attacker could get access to the file system, then they could potentially get access to sensitive credentials.