For background, see here.

If a container in a Pod fails, and the Pod is configured with a restartPolicy other than Never – which is the case for imageset and deprovision – then the container (not the pod) is restarted. This means that the file system configuration is preserved between runs. Since we project cred/cert Secrets onto directories as part of the provision/deprovision process, such a restart can result in a fast failure when we attempt to rewrite such a file when it already exists.

So when we run that code that projects the Secret(s) to the directory, we should delete any pre-existing incarnations of the files we encounter.