From dfd631fa3c9a348585f34d1bd05863064a6c22a3 Mon Sep 17 00:00:00 2001
From: dvirlabs <114520947+dvirlabs@users.noreply.github.com>
Date: Sun, 28 Sep 2025 22:26:34 +0300
Subject: [PATCH] Test new job
---
 .../cluster-secret-store/cicd/bootstrap-job.yaml | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/manifests/cluster-secret-store/cicd/bootstrap-job.yaml b/manifests/cluster-secret-store/cicd/bootstrap-job.yaml
index a659ceb..28c96fa 100644
--- a/manifests/cluster-secret-store/cicd/bootstrap-job.yaml
+++ b/manifests/cluster-secret-store/cicd/bootstrap-job.yaml
@@ -33,7 +33,8 @@ spec:
 allowPrivilegeEscalation: false
 readOnlyRootFilesystem: true
 capabilities:
- drop: ["ALL"]
+ drop:
+ - ALL
 env:
 - name: VAULT_ADDR
 value: "http://vault.dev-tools.svc.cluster.local:8200"
@@ -42,7 +43,9 @@ spec:
 secretKeyRef:
 name: vault-admin-token
 key: token
- command: ["/bin/sh","-c"]
+ command:
+ - /bin/sh
+ - -c
 args:
 - |
 set -e
@@ -58,12 +61,11 @@ spec:
 sleep 2
 done
 
- # vault secrets enable -version=2 -path=cicd kv 2>/dev/null || true
-
 cat >/tmp/policy.hcl <<'EOF'
-path "cicd/metadata/*" { capabilities = ["list"] }
-path "cicd/data/*" { capabilities = ["read"] }
-EOF
+ path "cicd/metadata/*" { capabilities = ["list"] }
+ path "cicd/data/*" { capabilities = ["read"] }
+ EOF
+
 vault policy write eso-cicd-read /tmp/policy.hcl || true
 
 vault write auth/kubernetes/role/eso-cicd \
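Review bot: The `|| true` on `vault policy write eso-cicd-read /tmp/policy.hcl` in the third hunk defeats the script's `set -e` (visible in the second hunk): if the policy write fails, the role binding that follows (`vault write auth/kubernetes/role/eso-cicd \`, which continues past the end of the hunk) is still created against whatever version of `eso-cicd-read` already exists, or none at all, and the job still exits 0. The temp file also relies on /tmp being writable, which `readOnlyRootFilesystem: true` in the first hunk prevents unless an emptyDir is mounted there — not visible in this patch. Both concerns disappear if the heredoc is fed straight to the CLI: replace `cat >/tmp/policy.hcl <<'EOF'` with `vault policy write eso-cicd-read - <<'EOF'` and drop the separate `vault policy write ... || true` line, so a failed write aborts the job before the role is bound. Since the `EOF` terminator only reaches the shell at column 0 because it sits at the block scalar's base indent, a comment such as `# EOF must stay at the script's base indent or the heredoc never terminates` above the heredoc would protect against a future re-indent silently swallowing the rest of the script.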