chore(minio): set pod security standards

minio/justfile

@@ -100,6 +100,10 @@ install:
         redirect_url="https://${MINIO_HOST}/oauth_callback,https://${MINIO_CONSOLE_HOST}/oauth_callback"
     just add-keycloak-minio-policy
     just create-namespace
+
+    kubectl label namespace ${MINIO_NAMESPACE} \
+        pod-security.kubernetes.io/enforce=restricted --overwrite
+
     just create-root-credentials
     just add-helm-repo
     gomplate -f minio-values.gomplate.yaml -o minio-values.yaml
@@ -229,24 +233,6 @@ create-user user='' bucket='':
 
     echo "✅ MinIO user and bucket created for ${USER}"
 
-# Get MinIO credentials from Vault
-get-user-credentials user='':
-    #!/bin/bash
-    set -euo pipefail
-    USER="{{ user }}"
-
-    while [ -z "${USER}" ]; do
-        USER=$(gum input --prompt="Username: " --width=100 --placeholder="e.g., airbyte")
-    done
-
-    if helm status external-secrets -n ${EXTERNAL_SECRETS_NAMESPACE} &>/dev/null; then
-        echo "Getting MinIO credentials for ${USER} from Vault..."
-        just vault::get ${USER}/minio
-    else
-        echo "External Secrets not available. Please check the credentials manually."
-        exit 1
-    fi
-
 # Grant policy to user for specific operations
 grant-policy user='' policy='':
     #!/bin/bash