[RETRY] Infisical multienv?

README.md

@@ -6,8 +6,9 @@ The actions are used by Elysium to run CI/CD tasks and this repo will be archive
 
 The actions available are: 
 - [S3 Backup](https://gitea.dunemask.dev/elysium/elysium-actions/src/branch/s3-backup/action.yml)
-- [Oasis Deploy](https://gitea.dunemask.dev/elysium/elysium-actions/src/branch/oasis-deploy/action.yml)
+- [Oasis Auto Setup](https://gitea.dunemask.dev/elysium/elysium-actions/src/branch/oasis-setup-auto/action.yml)
 - [Infisical Env](https://gitea.dunemask.dev/elysium/elysium-actions/src/branch/infisical-env/action.yml)
+- [Oasis Advanced Setup](https://gitea.dunemask.dev/elysium/elysium-actions/src/branch/oasis-setup-advanced/action.yml)
 - [Elysium CI/CD](https://gitea.dunemask.dev/elysium/elysium-actions/src/branch/elysium-ci-cd/action.yml)
 
 ## Workflow Template

action.yml

@@ -1,46 +1,28 @@
-name: "S3 Backup Action"
+# Based on https://github.com/zerodays/action-infisical/blob/master/action.yml
-description: "Backup to S3 Bucket"
+name: 'Elysium Infisical Secrets'
+description: 'Fetch secrets from Infisical and add them to the env'
 inputs:
   infisical-token:
-    description: Infisical token for backup envars
+    description: 'Infisical API Token'
     required: true
-  infisical-project:
+  environment:
-    description: Infisical Project
+    description: 'The environment to fetch secrets for (e.g., staging, production)'
     required: true
-  s3-backup-path:
+  secret-matrix:
-    description: "Workspace to setup Oasis"
+    description: 'Secret Matrix'
+    required: true
+  api-url:
+    description: 'Infisical API URL (defaults to https://infisical.dunemask.dev/api)'
     required: false
-    default: backups/forgejo-repositories/${{ gitea.repository }}
+    default: 'https://infisical.dunemask.dev/api'
 runs:
-  using: "composite"
+  using: 'composite'
   steps:
-    # Checkout Repository
+    - name: Infisical CLI install
-    - name: Checkout Repository
+      shell: bash
-      uses: actions/checkout@v3
-      with:
-        path: repo
-    # Load Backup Envars
-    - name: Setup Backup Envars
-      uses: https://forgejo.dunemask.dev/elysium/elysium-actions@infisical-env
-      with:
-        infisical-token: ${{ inputs.infisical-token }}
-        project-id: ${{ inputs.infisical-project }}
-        secret-envs: edge
-        secret-paths: /devops/forgejo-backups
-    # Fix Envar Format
-    - name: Fix Env Format
       run: |
-        echo BACKUP_S3_ENDPOINT=${{ env.DEVOPS_FORGEJO_ELYSIUM_ORG_S3_ENDPOINT }} >> $GITHUB_ENV
+        echo ${{inputs.secret-matrix}} 
-        echo BACKUP_S3_KEY_ID=${{ env.DEVOPS_FORGEJO_ELYSIUM_ORG_S3_KEY_ID }} >> $GITHUB_ENV
+        curl -s -L https://github.com/Infisical/infisical/releases/download/infisical-cli%2Fv0.16.10/infisical_0.16.10_linux_amd64.tar.gz | tar xvz
-        echo BACKUP_S3_KEY=${{ env.DEVOPS_FORGEJO_ELYSIUM_ORG_S3_KEY }} >> $GITHUB_ENV
+        ./infisical export --domain ${{ inputs.api-url }} --token ${{ inputs.infisical-token}} --env ${{ inputs.environment }} --path / >> $GITHUB_ENV
-    # Backup Repository
+    - shell: bash
-    - name: S3 Backup
+      run: echo "Secrets added to environment!".
-      uses: https://github.com/peter-evans/s3-backup@v1
-      env:
-        STORAGE_SERVICE_URL: ${{ env.BACKUP_S3_ENDPOINT }}
-        ACCESS_KEY_ID: ${{ env.BACKUP_S3_KEY_ID }}
-        SECRET_ACCESS_KEY: ${{ env.BACKUP_S3_KEY }}
-        MIRROR_TARGET: ${{ inputs.s3-backup-path }}
-        MIRROR_SOURCE: repo
-      with:
-        args: --overwrite --remove