[FEATURE] Infisical Env Action

action.yml

@@ -0,0 +1,32 @@
+# Based on https://github.com/zerodays/action-infisical/blob/master/action.yml
+name: 'Elysium Infisical Secrets'
+description: 'Fetch secrets from Infisical and add them to the env'
+inputs:
+  infisical-token:
+    description: 'Infisical API Token'
+    required: true
+  workspace-id:
+    description: 'Infisical Workspace ID'
+    required: true
+  environment:
+    description: 'The environment to fetch secrets for (e.g., staging, production)'
+    required: true
+  secret-path:
+    description: 'Secret path (defaults to /)'
+    required: false
+    default: '/'
+  api-url:
+    description: 'Infisical API URL (defaults to https://infisical.dunemask.dev)'
+    required: false
+    default: 'https://infisical.dunemask.dev'
+runs:
+  using: 'composite'
+  steps:
+    - name: Fetch secrets from Infisical and add them to the environment
+      shell: bash
+      run: |
+        curl "${{ inputs.api-url }}/api/v3/secrets/raw?environment=${{ inputs.environment }}&secretPath=${{ inputs.secret-path }}&workspaceId=${{ inputs.workspace-id }}" \
+        --header "Authorization: Bearer ${{ inputs.infisical-token }}" \
+        | jq -r '.secrets[] | "\(.secretKey)=\(.secretValue)"' > $GITHUB_ENV
+    - shell: bash
+      run: echo "Secrets added to environment!".