Remove hardcoded PostgreSQL password from setup script

johnmathews · claude · johnmathews · commit f05eccdaae5d · 2026-03-30T16:29:28.000+02:00
Read PG_PASSWORD from environment variable instead of hardcoding
in the script. The script now fails with a clear error if the
variable is not set. The old password was exposed in git history
on a public repo and should be rotated.

Co-Authored-By: Claude Opus 4.6 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/infra/setup.sh b/infra/setup.sh
@@ -11,8 +11,10 @@
 # Prerequisites:
 #   - az cli logged in
 #   - Sufficient quota (4 vCPU in westeurope)
+#   - PG_PASSWORD environment variable set
 #
 # Usage:
+#   export PG_PASSWORD="your-secure-password"
 #   ./infra/setup.sh
 
 set -euo pipefail
@@ -23,7 +25,7 @@ ACR_NAME="acrdocumentstream"
 AKS_NAME="DocumentStreamManagedCluster"
 PG_NAME="documentstream-pg"
 PG_ADMIN="documentstream"
-PG_PASSWORD="REDACTED"
+PG_PASSWORD="${PG_PASSWORD:?Set PG_PASSWORD environment variable before running this script}"
 STORAGE_NAME="documentstreamstorage"
 BLOB_CONTAINER="documents"
 
