Injecting vault secrets into SonarQube Pod Environment variable

I’m trying to install Sonarqube 8.2 in Kubernetes environment which needs PostgresSQL I’m using an external Postgres instance and I have the credentials kv secret set in Vault
Sonarqube helm chart creates an Environment variable in the container which takes the username and password for Postgres
How can I inject the secret from my Vault to environment variable of sonarqube pod running on Kubernetes?

Creating a Kubernetes secret and using the secret in the helm chart works, but we are managing all secrets on Vault and need Vault secrets to be injected into pods. I was inclined to use “Spec annotations” to have the Vault secrets injected, but this only creates a file under ‘/vault/secrets/’ on the Sonarqube pod but I’m not able to create an environment variable injection

Pleas help! Thanks