feat: add scripts/create-secrets.sh for bootstrapping k8s secrets

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-28 23:11:40 +01:00
parent 3278ef63b3
commit 92a8026bef
1 changed files with 20 additions and 0 deletions
--- a/scripts/create-secrets.sh
+++ b/scripts/create-secrets.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+NAMESPACE="shorefront"
+
+# --- Validate required env vars ---
+: "${POSTGRES_PASSWORD:?POSTGRES_PASSWORD is required}"
+: "${JWT_SECRET_KEY:?JWT_SECRET_KEY is required}"
+
+echo "Creating namespace '${NAMESPACE}' if it does not exist..."
+kubectl create namespace "${NAMESPACE}" --dry-run=client -o yaml | kubectl apply -f -
+
+echo "Creating/updating secret 'shorefront-secret' in namespace '${NAMESPACE}'..."
+kubectl create secret generic shorefront-secret \
+  --namespace "${NAMESPACE}" \
+  --from-literal="POSTGRES_PASSWORD=${POSTGRES_PASSWORD}" \
+  --from-literal="JWT_SECRET_KEY=${JWT_SECRET_KEY}" \
+  --dry-run=client -o yaml | kubectl apply -f -
+
+echo "Done. Secret 'shorefront-secret' is ready in namespace '${NAMESPACE}'."