Code reviewed; Package versions updated to latest (incl. Django 6)

scripts/deploy-django-secret.sh

@@ -1,201 +0,0 @@
-#!/bin/bash
-
-# deploy-django-secret.sh
-# Script to generate a secure Django SECRET_KEY and deploy it to Kubernetes
-
-set -euo pipefail
-
-# Configuration
-NAMESPACE="${NAMESPACE:-vorgabenui}"
-SECRET_NAME="vorgabenui-secrets"
-SECRET_KEY_NAME="vorgabenui_secret"
-K8S_DIR="$(dirname "$0")/../k8s"
-SECRET_YAML="$K8S_DIR/django-secret.yaml"
-
-# Colors for output
-RED='\033[0;31m'
-GREEN='\033[0;32m'
-YELLOW='\033[1;33m'
-NC='\033[0m' # No Color
-
-# Logging functions
-log_info() {
-    echo -e "${GREEN}[INFO]${NC} $1"
-}
-
-log_warn() {
-    echo -e "${YELLOW}[WARN]${NC} $1"
-}
-
-log_error() {
-    echo -e "${RED}[ERROR]${NC} $1"
-}
-
-# Function to generate a secure Django SECRET_KEY
-generate_secret_key() {
-    # Generate a 50-character secret key using Python (same as Django's default)
-    python3 -c "
-import secrets
-import string
-
-# Django-style secret key generation
-chars = string.ascii_letters + string.digits + '!@#$%^&*(-_=+)'
-print(''.join(secrets.choice(chars) for _ in range(50)))
-"
-}
-
-# Function to check if kubectl is available
-check_kubectl() {
-    if ! command -v kubectl &> /dev/null; then
-        log_error "kubectl is not installed or not in PATH"
-        exit 1
-    fi
-}
-
-# Function to check if Python3 is available
-check_python() {
-    if ! command -v python3 &> /dev/null; then
-        log_error "python3 is not installed or not in PATH"
-        exit 1
-    fi
-}
-
-# Function to create the secret
-create_secret() {
-    local secret_key="$1"
-    local encoded_key
-    
-    # Base64 encode the secret key
-    encoded_key=$(echo -n "$secret_key" | base64 -w 0)
-    
-    log_info "Creating Kubernetes secret '$SECRET_NAME' in namespace '$NAMESPACE'..."
-    
-    # Create the secret directly with kubectl
-    kubectl create secret generic "$SECRET_NAME" \
-        --from-literal="$SECRET_KEY_NAME=$secret_key" \
-        --namespace="$NAMESPACE" \
-        --dry-run=client -o yaml | kubectl apply -f -
-    
-    if [ $? -eq 0 ]; then
-        log_info "Successfully created/updated secret '$SECRET_NAME'"
-    else
-        log_error "Failed to create/update secret '$SECRET_NAME'"
-        exit 1
-    fi
-}
-
-# Function to verify the secret
-verify_secret() {
-    log_info "Verifying secret deployment..."
-    
-    if kubectl get secret "$SECRET_NAME" --namespace="$NAMESPACE" &> /dev/null; then
-        log_info "Secret '$SECRET_NAME' exists in namespace '$NAMESPACE'"
-        
-        # Show secret (without revealing the actual key)
-        kubectl describe secret "$SECRET_NAME" --namespace="$NAMESPACE"
-        return 0
-    else
-        log_error "Secret '$SECRET_NAME' not found in namespace '$NAMESPACE'"
-        return 1
-    fi
-}
-
-# Function to show usage
-show_usage() {
-    echo "Usage: $0 [OPTIONS]"
-    echo ""
-    echo "Options:"
-    echo "  -n, --namespace NAMESPACE    Kubernetes namespace (default: vorgabenui)"
-    echo "  -s, --secret-name NAME       Secret name (default: django-secrets)"
-    echo "  -k, --key-name NAME          Secret key name (default: django-secret-key)"
-    echo "  -h, --help                   Show this help message"
-    echo ""
-    echo "Environment variables:"
-    echo "  NAMESPACE                    Override default namespace"
-    echo ""
-    echo "Examples:"
-    echo "  $0                           # Deploy to vorgabenui namespace"
-    echo "  $0 -n production             # Deploy to production namespace"
-    echo "  NAMESPACE=staging $0         # Deploy to staging namespace"
-}
-
-# Parse command line arguments
-while [[ $# -gt 0 ]]; do
-    case $1 in
-        -n|--namespace)
-            NAMESPACE="$2"
-            shift 2
-            ;;
-        -s|--secret-name)
-            SECRET_NAME="$2"
-            shift 2
-            ;;
-        -k|--key-name)
-            SECRET_KEY_NAME="$2"
-            shift 2
-            ;;
-        -h|--help)
-            show_usage
-            exit 0
-            ;;
-        *)
-            log_error "Unknown option: $1"
-            show_usage
-            exit 1
-            ;;
-    esac
-done
-
-# Main execution
-main() {
-    log_info "Django SECRET_KEY Deployment Script"
-    log_info "==================================="
-    log_info "Namespace: $NAMESPACE"
-    log_info "Secret Name: $SECRET_NAME"
-    log_info "Secret Key Name: $SECRET_KEY_NAME"
-    echo ""
-    
-    # Perform checks
-    check_kubectl
-    check_python
-    
-    # Generate new secret key
-    log_info "Generating new Django SECRET_KEY..."
-    SECRET_KEY=$(generate_secret_key)
-    
-    if [ -z "$SECRET_KEY" ]; then
-        log_error "Failed to generate secret key"
-        exit 1
-    fi
-    
-    log_info "Generated secret key (first 10 chars): ${SECRET_KEY:0:10}..."
-    
-    # Create namespace if it doesn't exist
-    if ! kubectl get namespace "$NAMESPACE" &> /dev/null; then
-        log_warn "Namespace '$NAMESPACE' does not exist, creating..."
-        kubectl create namespace "$NAMESPACE"
-    fi
-    
-    # Create the secret
-    create_secret "$SECRET_KEY"
-    
-    # Verify deployment
-    verify_secret
-    
-    echo ""
-    log_info "Deployment completed successfully!"
-    log_info "To use this secret in your Django deployment, add the following to your pod spec:"
-    echo ""
-    echo "    env:"
-    echo "    - name: VORGABENUI_SECRET"
-    echo "      valueFrom:"
-    echo "        secretKeyRef:"
-    echo "          name: $SECRET_NAME"
-    echo "          key: $SECRET_KEY_NAME"
-    echo ""
-    log_warn "The old secret key in settings.py has been replaced with environment variable lookup."
-    log_warn "Make sure your Django deployment uses the environment variable before deploying."
-}
-
-# Run main function
-main

scripts/deploy_secret.sh

@@ -3,7 +3,7 @@
 
 NAMESPACE="vorgabenui"
 SECRET_NAME="django-secret"
-SECRET_FILE="argocd/secret.yaml"
+SECRET_FILE="templates/secret.yaml"
 
 # Check if secret file exists
 if [ ! -f "$SECRET_FILE" ]; then