diff --git a/manifests/deployment.yaml b/manifests/deployment.yaml
index 12be09b..39f264f 100644
--- a/manifests/deployment.yaml
+++ b/manifests/deployment.yaml
@@ -17,6 +17,93 @@ spec: spec: serviceAccountName: openclaw + initContainers: + - name: secret-injector + image: default-route-openshift-image-registry.apps.lab.apilab.us/openclaw/openclaw:latest + command: ["/bin/sh", "-c"] + args: + - | + set -e + JS=/home/node/.openclaw/openclaw.json + GATEWAY_TOKEN=$(cat /run/secrets/gateway-token/token) + HOOKS_TOKEN=$(cat /run/secrets/hooks-token/token) + TELEGRAM_BOT_TOKEN=$(cat /run/secrets/telegram-bot-token/token) + + # Bootstrap a minimal config if none exists yet + if [ ! -f $JS ]; then + node /app/openclaw.mjs onboard --non-interactive --accept-risk \ + --gateway-port 18789 --gateway-bind lan \ + --skip-daemon --skip-channels --skip-skills --skip-health --skip-ui + fi + + # Patch openclaw.json with tokens sourced from OCP secrets + node -e " + const fs = require('fs'); + const gatewayToken = '$GATEWAY_TOKEN'; + const hooksToken = '$HOOKS_TOKEN'; + const telegramBotToken = '$TELEGRAM_BOT_TOKEN'; + + const d = JSON.parse(fs.readFileSync('$JS', 'utf8')); + + // Gateway token (env var) + d.gateway = d.gateway || {}; + d.gateway.token = gatewayToken; + + // Hooks token + mappings (idempotent) + if (!d.hooks || !d.hooks.token) { + d.hooks = { + enabled: true, + path: '/hooks', + token: hooksToken, + allowRequestSessionKey: false, + mappings: [ + { + id: 'ocp-alerts', + match: { path: '/ocp-alerts' }, + action: 'agent', + name: 'OCP Alerts', + sessionKey: 'hook:ocp-alerts', + messageTemplate: 'You are an OCP cluster alert analyst for a Single Node OpenShift lab. An alert has fired. Compose a brief narrative notification and reply with ONLY the notification text — no preamble, no markdown, no tool calls.\n\nAlert details:\n- Name: {{groupLabels.alertname}}\n- Namespace: {{commonLabels.namespace}}\n- Severity: {{commonLabels.severity}}\n- Status: {{status}}\n- Summary: {{commonAnnotations.summary}}\n\nRules:\n1. If alertname contains \'Watchdog\': reply NO_REPLY and nothing else.\n2. 
Classify and write one of:\n - ACTIONABLE firing: \"🔴 [pod/component] is [what\'s wrong] in [namespace]. [One sentence likely cause]. Would you like me to take action?\"\n - RESOLVED: \"✅ Good news — [what] in [namespace] has resolved.\"\n - INFORMATIONAL: \"â„šī¸ Heads up — [brief narrative].\"\n3. Plain text only. No bullet points. No markdown. Under 3 sentences.', + deliver: true, + allowUnsafeExternalContent: true, + channel: 'telegram', + to: '6479169830', + model: 'haiku', + timeoutSeconds: 60 + } + ] + }; + } + + // Telegram bot token + d.channels = d.channels || {}; + d.channels.telegram = d.channels.telegram || {}; + d.channels.telegram.botToken = telegramBotToken; + d.channels.telegram.enabled = true; + + fs.writeFileSync('$JS', JSON.stringify(d, null, 2)); + " + + echo "secret-injector: openclaw.json patched from OCP secrets" + volumeMounts: + - name: home + mountPath: /home/node + env: + - name: TZ + value: "Australia/Sydney" + resources: + requests: + cpu: "10m" + memory: "32Mi" + limits: + cpu: "100m" + memory: "64Mi" + securityContext: + runAsUser: 1000950000 + runAsNonRoot: true + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + containers: - name: openclaw image: default-route-openshift-image-registry.apps.lab.apilab.us/openclaw/openclaw:latest @@ -25,13 +112,11 @@ spec: args: - | set -e - # Bootstrap if config doesn't exist if [ ! -f ~/.openclaw/openclaw.json ]; then node /app/openclaw.mjs onboard --non-interactive --accept-risk \ --gateway-port 18789 --gateway-bind lan \ --skip-daemon --skip-channels --skip-skills --skip-health --skip-ui fi - # Run the gateway exec node /app/openclaw.mjs gateway --port 18789 --bind lan ports: - name: gateway 
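Review bot: The secret-injector init container reads `/run/secrets/gateway-token/token`, `/run/secrets/hooks-token/token` and `/run/secrets/telegram-bot-token/token`, but its `volumeMounts` list only `home`, so under `set -e` the three `cat` calls fail and the pod stays in Init unless those paths are populated in some way not visible in this hunk. The tokens are also spliced into the `node -e` source through shell expansion (`const gatewayToken = '$GATEWAY_TOKEN';`), which breaks or alters the JS when a value contains `'`, `\` or `$` and leaves the values on node's argv while it runs; reading them inside node, e.g. `const gatewayToken = fs.readFileSync('/run/secrets/gateway-token/token', 'utf8').trim();`, avoids both. Even then the result is a plaintext copy of all three secrets in `openclaw.json` on the persistent `home` volume, and because the hooks block is only written when absent, a rotated hooks token is never applied on restart. Two smaller points: the image is pulled by the mutable `:latest` tag, and the INFORMATIONAL line of `messageTemplate` contains mis-encoded text (`â„šī¸`), presumably a double-encoded emoji. The mounts below use volume names that must match the pod's `volumes:` entries, which lie outside this hunk.

```yaml
        volumeMounts:
          - name: home
            mountPath: /home/node
          - name: gateway-token            # placeholder: match the pod's volumes: entry
            mountPath: /run/secrets/gateway-token
            readOnly: true
          - name: hooks-token              # placeholder: match the pod's volumes: entry
            mountPath: /run/secrets/hooks-token
            readOnly: true
          - name: telegram-bot-token       # placeholder: match the pod's volumes: entry
            mountPath: /run/secrets/telegram-bot-token
            readOnly: true
        # … unchanged: env, resources, securityContext …
```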
@@ -51,7 +136,10 @@ spec:
 - name: NODE_OPTIONS
 value: "--dns-result-order=ipv4first --no-network-family-autoselection --import /home/node/canvas-patch.mjs"
 - name: OPENCLAW_GATEWAY_TOKEN
- value: 356a221b029c582ea983c21b8b01a6689fafb1e0182e8af7
+ valueFrom:
+ secretKeyRef:
+ name: gateway-token
+ key: token
 - name: GITHUB_TOKEN
 valueFrom:
 secretKeyRef:
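Review bot: Moving `OPENCLAW_GATEWAY_TOKEN` to a `secretKeyRef` does not retire the literal the removed line carried; `356a221b…` remains in the repository history, so the `gateway-token` secret should be populated with a freshly generated value and the old one treated as exposed. The env reference also duplicates what the new secret-injector init container writes into `openclaw.json` as `gateway.token`, and nothing on the page says which the gateway prefers when they differ; if both are kept, a comment on the env entry, `# Must match gateway.token written to openclaw.json by the secret-injector init container`, would make the intended relationship explicit.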