fix: update MySQL To use GitHub secrets

Author: Pipatq

k8s-gcp/database/password-change-job.yaml

@@ -2,10 +2,10 @@
 # DATABASE CREDENTIALS SECRET
 # ============================================
 # Contains MySQL root password, database name, user, and password
-# NOTE: In production, use proper secret management (Sealed Secrets, External Secrets Operator, etc.)
+# Values are injected from GitHub Secrets and encoded to base64 during deployment
 # 
-# To update values:
-# echo -n 'your-value' | base64
+# GitHub Secrets should store PLAIN TEXT values, not base64
+# The workflow will encode them using: echo -n 'value' | base64
 apiVersion: v1
 kind: Secret
 metadata:
@@ -15,12 +15,9 @@ metadata:
     app: apartment-system
     component: database
 type: Opaque
-data:
-  # Default values (base64 encoded):
-  # root-password: from GitHub Secret MYSQL_ROOT_PASSWORD
-  # database: from GitHub Secret MYSQL_DATABASE
-  # username: from GitHub Secret MYSQL_USERNAME
-  # password: from GitHub Secret MYSQL_PASSWORD
+stringData:
+  # Using stringData instead of data - Kubernetes will auto-encode to base64
+  # GitHub Secrets should contain plain text values
   root-password: ${MYSQL_ROOT_PASSWORD}
   database: ${MYSQL_DATABASE}
   username: ${MYSQL_USERNAME}