Feature request: add --password-file-reload flag to pick up refreshed tokens

[vaibhavdesai137]

• We have been using the --password-file flag to read a token generated by vault injector. This has been working great
• Going forward, we'll switch to Vault Dynamic Engine which mints short lived tokens and are automatically rotated
• Current behavior of --password-file is to read the token once, store in-memory and keep reusing for all subsequent calls. This will no longer work with dynamic engine because the token would have changed
• Requesting the addition of --password-file-reload boolean flag which when set will always read the token from file system during each sync cycle. Default value will be false so the change will be backward compatibility

I am already working on the change. Will open a PR soon. Thanks.

[vaibhavdesai137]

Open to suggestions for a different flag name. I chose --password-file-reload because it groups lexically with existing flag --password-file :)

[thockin]

We have --askpass-url which (I think?) is a pretty standard way for git to do dynamic credentials.

Do you think we should piggy-back on that? e.g. tell users to run a tiny webserver which serves the password in the usual form? That feels heavy.

Will look at your PR