elysium-actions/action.yml

# Based on https://github.com/zerodays/action-infisical/blob/master/action.yml
name: 'Elysium Infisical Secrets'
description: 'Fetch secrets from Infisical and add them to the env'
inputs:
  infisical-token:
    description: 'Infisical API Token'
    required: true
  workspace-id:
    description: 'Infisical Workspace ID'
    required: true
  environment:
    description: 'The environment to fetch secrets for (e.g., staging, production)'
    required: true
  secret-path:
    description: 'Secret path (defaults to /)'
    required: false
    default: '/'
  api-url:
    description: 'Infisical API URL (defaults to https://infisical.dunemask.dev)'
    required: false
    default: 'https://infisical.dunemask.dev'
runs:
  using: 'composite'
  steps:
    - name: Fetch secrets from Infisical and add them to the environment
      shell: bash
      run: |
        curl "${{ inputs.api-url }}/api/v3/secrets/raw?environment=${{ inputs.environment }}&secretPath=${{ inputs.secret-path }}&workspaceId=${{ inputs.workspace-id }}" \
        --header "Authorization: Bearer ${{ inputs.infisical-token }}" \
        | jq -r '.secrets[] | "\(.secretKey)=\(.secretValue)"' > $GITHUB_ENV
    - shell: bash
      run: echo "Secrets added to environment!".
[FEATURE] Infisical Env Action 2024-02-13 23:37:58 -07:00			`# Based on https://github.com/zerodays/action-infisical/blob/master/action.yml`
			`name: 'Elysium Infisical Secrets'`
			`description: 'Fetch secrets from Infisical and add them to the env'`
			`inputs:`
			`infisical-token:`
			`description: 'Infisical API Token'`
			`required: true`
			`workspace-id:`
			`description: 'Infisical Workspace ID'`
			`required: true`
			`environment:`
			`description: 'The environment to fetch secrets for (e.g., staging, production)'`
			`required: true`
			`secret-path:`
			`description: 'Secret path (defaults to /)'`
			`required: false`
			`default: '/'`
			`api-url:`
			`description: 'Infisical API URL (defaults to https://infisical.dunemask.dev)'`
			`required: false`
			`default: 'https://infisical.dunemask.dev'`
			`runs:`
			`using: 'composite'`
			`steps:`
			`- name: Fetch secrets from Infisical and add them to the environment`
			`shell: bash`
			`run: \|`
			`curl "${{ inputs.api-url }}/api/v3/secrets/raw?environment=${{ inputs.environment }}&secretPath=${{ inputs.secret-path }}&workspaceId=${{ inputs.workspace-id }}" \`
			`--header "Authorization: Bearer ${{ inputs.infisical-token }}" \`
			`\| jq -r '.secrets[] \| "\(.secretKey)=\(.secretValue)"' > $GITHUB_ENV`
			`- shell: bash`
			`run: echo "Secrets added to environment!".`