Hakeem Baba

Reputation: 707

Setting up HashiCorp Vault in production with the Chef docker resource

I am trying to set up HashiCorp Vault in production with a Chef cookbook. This is what I have in my recipes/default.rb:

directory '/vault-docker' do
  action :create
end

cookbook_file '/vault-docker/config.hcl' do
  source 'config.hcl'
  action :create
end

cookbook_file '/vault-docker/local.json' do
  source 'local.json'
  action :create
end

docker_service 'default' do
  action [:create, :start]
end

docker_image 'vault' do
  action :pull
end

docker_container 'vault' do
  user 'root'
  repo 'vault'
  host_name 'vault'
  port '8200:8200'
  cap_add 'IPC_LOCK'
  volumes [ '/vault-docker/config.hcl:/vault/config/config.hcl' ]
  action [:run]
end

# bash 'vault' do
#   user 'root'
#   code <<-EOH
#     docker run -d -v /vault-docker/config.hcl:/vault/config/config.hcl --cap-add=IPC_LOCK \
#     -e 'VAULT_LOCAL_CONFIG={"backend": {"file": {"path": "/vault/file"}}, "default_lease_ttl": "168h", "max_lease_ttl": "720h"}' \
#      -p 8200:8200 vault server
#   EOH
# end

The config file looks like this:

ui = true
disable_mlock = true

listener "tcp" {
  address     = "0.0.0.0:8200"
  tls_disable = "true"
}

api_addr = "http://127.0.0.1:8200"
cluster_addr = "https://127.0.0.1:8201"

The Policyfile has:

name 'vault'
default_source :supermarket
cookbook 'docker', '~> 7.7.0', :supermarket
run_list 'vault::default'
cookbook 'vault', path: '.'

When I run kitchen converge, it starts Vault in dev server mode rather than in production mode. If I uncomment the bash script in recipes/default.rb, Vault starts in production mode as I expect. My question is: how do I get Vault to start in production mode using the docker_container resource, as I do not want to use a bash script for that?

Link to the Chef docker resource: https://supermarket.chef.io/cookbooks/docker#docker_volume

Upvotes: 2

Views: 401
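The vault image's default CMD is `server -dev`, so a docker_container resource that sets no `command` starts a dev server, while the commented bash variant passes `server` explicitly. As an added check that is not part of the original post, this Ruby script classifies a container from `docker inspect` output (the JSON sample is constructed here to mirror the resource above) so a converge can be verified before the node is trusted with secrets.

```ruby
require 'json'

# Constructed sample of `docker inspect vault` output, trimmed to the fields used
# below. It mirrors the docker_container resource in the question: no `command`
# is set, so Config.Cmd shows the image's default CMD, "server -dev".
DEV_INSPECT = <<~JSON
  [{"Name": "/vault",
    "Config": {"Image": "vault",
               "Cmd": ["server", "-dev"],
               "Env": ["VAULT_ADDR=http://127.0.0.1:8200"]},
    "HostConfig": {"CapAdd": ["IPC_LOCK"],
                   "Binds": ["/vault-docker/config.hcl:/vault/config/config.hcl"]}}]
JSON

# The same container after `command 'server'` is added to the resource.
SERVER_INSPECT = DEV_INSPECT.sub('["server", "-dev"]', '["server"]')

# Inspects one container record and returns a list of findings:
#   :dev_mode        - started with `-dev` or with VAULT_DEV_* env (in-memory
#                      storage, auto-unsealed, root token in the log)
#   :no_config_mount - nothing bound under /vault/config, so `server` would
#                      have no configuration to read
#   :no_ipc_lock     - IPC_LOCK capability missing, so mlock cannot be used
def vault_container_findings(inspect_json)
  record = JSON.parse(inspect_json).first
  cmd   = Array(record.dig('Config', 'Cmd'))
  env   = Array(record.dig('Config', 'Env'))
  binds = Array(record.dig('HostConfig', 'Binds'))
  caps  = Array(record.dig('HostConfig', 'CapAdd'))

  findings = []
  if cmd.include?('-dev') || env.any? { |e| e.start_with?('VAULT_DEV_') }
    findings << :dev_mode
  end
  config_mounted = binds.any? { |b| b.split(':')[1].to_s.start_with?('/vault/config') }
  findings << :no_config_mount unless config_mounted
  findings << :no_ipc_lock unless caps.include?('IPC_LOCK')
  findings
end

if $PROGRAM_NAME == __FILE__
  { 'as posted' => DEV_INSPECT, "with command 'server'" => SERVER_INSPECT }.each do |label, json|
    f = vault_container_findings(json)
    puts "#{label}: #{f.empty? ? 'production-style server' : f.join(', ')}"
  end
end
```

On a real node, feed it `docker inspect vault` instead of the constructed sample; a dev-mode finding means the container's secrets live only in memory and the root token was written to the container log.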

Answers (0)
