ut-code
diff --git a/‎.dockerignore‎
Lines changed: 0 additions & 1 deletion b/‎.dockerignore‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎CLAUDE.md‎
Lines changed: 4 additions & 0 deletions b/‎CLAUDE.md‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎Dockerfile‎
Lines changed: 4 additions & 2 deletions b/‎Dockerfile‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎scripts/docker-build.sh‎
Lines changed: 10 additions & 0 deletions b/‎scripts/docker-build.sh‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎src/routes/(site)/+page.server.ts‎
Lines changed: 0 additions & 2 deletions b/‎src/routes/(site)/+page.server.ts‎
Lines changed: 0 additions & 2 deletions
diff --git a/‎src/routes/(site)/about/+page.ts‎
Lines changed: 0 additions & 1 deletion b/‎src/routes/(site)/about/+page.ts‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎src/routes/(site)/about/faq/+page.ts‎
Lines changed: 0 additions & 1 deletion b/‎src/routes/(site)/about/faq/+page.ts‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎src/routes/(site)/activities/+page.ts‎
Lines changed: 0 additions & 1 deletion b/‎src/routes/(site)/activities/+page.ts‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎src/routes/(site)/donation/+page.ts‎
Lines changed: 0 additions & 1 deletion b/‎src/routes/(site)/donation/+page.ts‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎src/routes/(site)/join/+page.ts‎
Lines changed: 0 additions & 1 deletion b/‎src/routes/(site)/join/+page.ts‎
Lines changed: 0 additions & 1 deletion
@@ -7,6 +7,5 @@ build
 .env.*
 !.env.sample
 .sops-age-key.txt
-secrets.dev.yaml
 *.db
 .git
@@ -132,3 +132,7 @@ run `bun tidy` after you finish your work. i.e. before commit
   ```
 
 For detailed coding standards (import order, async patterns, naming conventions), see `docs/knowledges/coding-standards.md`.
+
+# Requirements
+
+do NOT read sops secrets. do NOT read .env.
@@ -22,16 +22,18 @@ RUN bun run prepare
 
 # Build with sops secrets
 ARG SOPS_AGE_KEY
+ARG SECRETS_FILE=secrets.prod.yaml
 ENV SOPS_AGE_KEY=${SOPS_AGE_KEY}
-RUN sops exec-env secrets.prod.yaml 'bun run build'
+RUN sops exec-env ${SECRETS_FILE} 'bun run build'
 
 FROM base AS executor
 WORKDIR /app
+ARG SECRETS_FILE=secrets.prod.yaml
 
 # Copy built application
 COPY --from=builder /app/build ./build
 COPY --from=builder /app/package.json ./
-COPY secrets.prod.yaml ./secrets.yaml
+COPY ${SECRETS_FILE} ./secrets.yaml
 
 # Copy drizzle migration files and config
 COPY --from=builder /app/drizzle ./drizzle
 
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+SECRETS_FILE="${1:-secrets.dev.yaml}"
+
+SOPS_AGE_KEY=$(cat .sops-age-key.txt)
+docker build \
+  --build-arg SOPS_AGE_KEY="$SOPS_AGE_KEY" \
+  --build-arg SECRETS_FILE="$SECRETS_FILE" \
+  .
@@ -13,5 +13,3 @@ export const load: PageServerLoad = async () => {
     allProjects,
   };
 };
-
-export const prerender = true;