helm-prereqs/setup.sh: Temporal namespace creation silently suppresses all errors

[coderabbitai]

Summary

In helm-prereqs/setup.sh, the four temporal operator namespace create invocations for the cloud, site, flow, and per-site UUID namespaces unconditionally suppress all stderr output and exit codes via 2>/dev/null || true:

kubectl exec -n temporal deploy/temporal-admintools -- \
    sh -c "temporal operator namespace create -n cloud --retention 72h ..." 2>/dev/null || true

This pattern masks real setup faults such as TLS misconfiguration, authentication failures, and connectivity issues, breaking fail-fast behaviour and producing no actionable diagnostics. The script may proceed as if namespaces were created when they were not, causing downstream worker pods to enter a CrashLoop with Namespace '<ns>' is not found.

Affected lines

• helm-prereqs/setup.sh lines 633, 635, 638 (cloud / site / flow namespaces)
• helm-prereqs/setup.sh line 766 (per-site NICO_SITE_UUID namespace)

Expected behaviour

Namespace creation commands should:

1. Be idempotent — skip creation if the namespace already exists (via temporal operator namespace describe).
2. Propagate genuine errors (TLS, auth, connectivity) rather than suppressing them.
3. Emit a clear diagnostic message on failure, consistent with the helm-prereqs/** coding guidelines requiring idempotency and clear failure messages.

References

• PR: fix(setup.sh): set Temporal namespace retention on create #2675
• Review comment: fix(setup.sh): set Temporal namespace retention on create #2675 (comment)

Raised by @ajf.