From 086f6a026339e91cfbeaf4a59d10af3b9e5d359f Mon Sep 17 00:00:00 2001
From: Theron Voran <tvoran@users.noreply.github.com>
Date: Mon, 15 Apr 2024 12:22:04 -0700
Subject: [PATCH 1/3] agent: allow setting auto-auth and vault.namespace
 separately

The new vault.namespace config option seems to always be overridden by
the auto-auth namespace, so add an extra check to allow them to be set
separately.
---
 command/agent.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/command/agent.go b/command/agent.go
index cc86bc051c62..7bab660ce313 100644
--- a/command/agent.go
+++ b/command/agent.go
@@ -328,6 +328,9 @@ func (c *AgentCommand) Run(args []string) int {
 			client.SetNamespace(config.AutoAuth.Method.Namespace)
 		}
 		templateNamespace = client.Namespace()
+		if !namespaceSetByEnvironmentVariable && config.Vault != nil && config.Vault.Namespace != "" {
+			templateNamespace = config.Vault.Namespace
+		}
 
 		sinkClient, err := client.CloneWithHeaders()
 		if err != nil {

From 8bec57025f9813cd68aec7b8af4524c7e7c105be Mon Sep 17 00:00:00 2001
From: Theron Voran <tvoran@users.noreply.github.com>
Date: Mon, 15 Apr 2024 12:26:42 -0700
Subject: [PATCH 2/3] changelog++

---
 changelog/26427.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 changelog/26427.txt

diff --git a/changelog/26427.txt b/changelog/26427.txt
new file mode 100644
index 000000000000..9e6877cbaf34
--- /dev/null
+++ b/changelog/26427.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+agent: allow setting auto-auth and vault.namespace separately
+```

From debae7b9183fecc55ea747b330bb4a488cf994b7 Mon Sep 17 00:00:00 2001
From: Theron Voran <tvoran@users.noreply.github.com>
Date: Mon, 15 Apr 2024 13:47:05 -0700
Subject: [PATCH 3/3] Update changelog/26427.txt

Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
---
 changelog/26427.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelog/26427.txt b/changelog/26427.txt
index 9e6877cbaf34..615e9e15f06a 100644
--- a/changelog/26427.txt
+++ b/changelog/26427.txt
@@ -1,3 +1,3 @@
 ```release-note:bug
-agent: allow setting auto-auth and vault.namespace separately
+agent: `vault.namespace` no longer gets incorrectly overridden by `auto_auth.namespace`, if set
 ```