[CHORE] Adjust Action Logging

README.md

@@ -6,8 +6,9 @@ The actions are used by Elysium to run CI/CD tasks and this repo will be archive
 
 The actions available are: 
 - [S3 Backup](https://gitea.dunemask.dev/elysium/elysium-actions/src/branch/s3-backup/action.yml)
-- [Oasis Deploy](https://gitea.dunemask.dev/elysium/elysium-actions/src/branch/oasis-deploy/action.yml)
+- [Oasis Auto Setup](https://gitea.dunemask.dev/elysium/elysium-actions/src/branch/oasis-setup-auto/action.yml)
 - [Infisical Env](https://gitea.dunemask.dev/elysium/elysium-actions/src/branch/infisical-env/action.yml)
+- [Oasis Advanced Setup](https://gitea.dunemask.dev/elysium/elysium-actions/src/branch/oasis-setup-advanced/action.yml)
 - [Elysium CI/CD](https://gitea.dunemask.dev/elysium/elysium-actions/src/branch/elysium-ci-cd/action.yml)
 
 ## Workflow Template

action.yml

@@ -0,0 +1,65 @@
+name: "Elysium Infisical Secrets"
+description: "Fetch secrets from Infisical and add them to the env"
+inputs:
+  infisical-token:
+    description: "Infisical API Token"
+    required: true
+  project-id:
+    description: "Project to retrieve secrets from using token"
+    required: true
+  secret-envs:
+    description: "The environments to fetch secrets for (Example: ci or ci,prod,edge )"
+    required: true
+  secret-paths:
+    description: "Secret paths for the secrets (Must match the order of envs! Example: /main or /main,/alt-main)"
+    required: true
+  api-url:
+    description: "Infisical API URL (defaults to https://infisical.dunemask.dev/api)"
+    required: false
+    default: "https://infisical.dunemask.dev/api"
+runs:
+  using: "composite"
+  steps:
+    - name: Infisical CLI install
+      shell: bash
+      run: |
+        [ -z "${{ inputs.project-id }}" ] && echo "ProjectID was not supplied!" && exit 1
+        [ -z "${{ inputs.infisical-token }}" ] && echo "Inficial token was not supplied!" && exit 1
+
+        # Install Infisical Binary
+        echo "Installing Infisical!"
+        curl -s -L https://github.com/Infisical/infisical/releases/download/infisical-cli%2Fv0.28.5/infisical_0.28.5_linux_amd64.tar.gz | tar xvzf - infisical
+
+        # Install yq
+        echo "Installing yq"
+        curl -s -L https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 >> yq
+        chmod +x yq
+
+        # Get paths and envs into list
+        paths="${{ inputs.secret-paths }}"
+        envs="${{ inputs.secret-envs }}"
+
+        path_list=( $(echo $paths | sed "s/,/ /g") )
+        env_list=( $(echo $envs | sed "s/,/ /g") )
+        path_len=${#path_list[@]}
+        env_len=${#env_list[@]} 
+
+        # Ensure lengths match
+        if [ "$path_len" != "$env_len" ];
+        then
+          echo "Each path must specify it's environment!"
+          exit 1;
+        fi
+
+        echo "Will execute ./infisical export --domain ${{ inputs.api-url }} --projectId ${{ inputs.project-id }} --token TOKEN --env ENV --path PATH"
+
+        # For each environment
+        for i in "${!path_list[@]}";
+        do echo "Getting secrets from path '${path_list[i]}' from '${env_list[i]}'"
+          ./infisical export --domain ${{ inputs.api-url }} --projectId ${{ inputs.project-id }} --token ${{ inputs.infisical-token }} --env "${env_list[i]}" --path "${path_list[i]}" --format yaml | tee >(./yq -r 'to_entries[] | .key + "=" +.value' >> $GITHUB_ENV) | ./yq -r 'to_entries[] | "echo ::add-mask::\"" + .value + "\""' >> mask.sh
+          chmod +x mask.sh
+          ./mask.sh
+          rm mask.sh
+        done
+    - shell: bash
+      run: echo "Secrets added to environment!"