dev-tools/manifests/cluster-secret-store/vault-oidc-secrets.yaml

apiVersion: external-secrets.io/v1beta1
kind: ClusterSecretStore
metadata:
  name: vault-oidc-secrets
spec:
  provider:
    vault:
      server: http://vault.dev-tools.svc.cluster.local:8200
      path: oidc-secrets
      version: v2
      auth:
        kubernetes:
          mountPath: kubernetes
          role: eso-oidc
          serviceAccountRef:
            name: external-secrets
            namespace: dev-tools