Test new job

manifests/cluster-secret-store/cicd/bootstrap-job.yaml

@@ -33,7 +33,8 @@ spec:
             allowPrivilegeEscalation: false
             readOnlyRootFilesystem: true
             capabilities:
-              drop: ["ALL"]
+              drop:
+                - ALL
           env:
             - name: VAULT_ADDR
               value: "http://vault.dev-tools.svc.cluster.local:8200"
@@ -42,7 +43,9 @@ spec:
                 secretKeyRef:
                   name: vault-admin-token
                   key: token
-          command: ["/bin/sh","-c"]
+          command:
+            - /bin/sh
+            - -c
           args:
             - |
               set -e
@@ -58,12 +61,11 @@ spec:
                 sleep 2
               done
 
-              # vault secrets enable -version=2 -path=cicd kv 2>/dev/null || true
-
               cat >/tmp/policy.hcl <<'EOF'
-path "cicd/metadata/*" { capabilities = ["list"] }
+              path "cicd/metadata/*" { capabilities = ["list"] }
-path "cicd/data/*"     { capabilities = ["read"] }
+              path "cicd/data/*"     { capabilities = ["read"] }
-EOF
+              EOF
+
               vault policy write eso-cicd-read /tmp/policy.hcl || true
 
               vault write auth/kubernetes/role/eso-cicd \