From 89ce4681e10ba6ab126bd6500b6c0b13eefa494f Mon Sep 17 00:00:00 2001
From: aydent
Date: Sat, 24 Jan 2026 23:33:55 +0100
Subject: [PATCH] chore: Configure Infisical workflow to run in a specified container and remove the manual DNS resolution step.
---
 .gitea/workflows/infisical-secrets.yml | 13 +++----------
 1 file changed, 3 insertions(+), 10 deletions(-)
diff --git a/.gitea/workflows/infisical-secrets.yml b/.gitea/workflows/infisical-secrets.yml
index 7e690d6..e970016 100644
--- a/.gitea/workflows/infisical-secrets.yml
+++ b/.gitea/workflows/infisical-secrets.yml
@@ -8,15 +8,10 @@ on:
 jobs:
 list-secrets:
 runs-on: ubuntu-latest
+ container:
+ image: docker.gitea.com/runner-images:ubuntu-latest
+ options: --network host
 steps:
- - name: Force DNS resolution
- run: |
- # Dynamically fetch the public IP to handle dynamic DNS
- # We query Cloudflare DNS (1.1.1.1) to ignore local/Tailscale records
- PUBLIC_IP=$(dig +short @1.1.1.1 infisical.lemarechal.eu | tail -n1)
- echo "Public IP found: $PUBLIC_IP"
- echo "$PUBLIC_IP infisical.lemarechal.eu" | sudo tee -a /etc/hosts
-
 - name: Fetch Secrets from Infisical
 uses: https://github.com/Infisical/secrets-action@v1.0.7
 with:
@@ -30,6 +25,4 @@ jobs:
 - name: Display Secrets
 run: |
 echo "Secrets fetched and injected as environment variables."
- # Note: Gitea/GitHub will mask the values of these secrets in the logs.
- # To see which keys were fetched, we can list the environment variables.
 env | grep -v "GITHUB_" | grep -v "GITEA_" | sort
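Review bot: `options: --network host` in the new `container:` block puts the job in the runner host's network namespace, so every step, including the third-party `secrets-action` and anything that runs with the fetched secrets in its environment, can reach services bound to the host's loopback and any private interface the host has (the removed comment mentions Tailscale records, so presumably a tailnet). If the goal is only to resolve and reach the Infisical host and its address is stable, a narrower setting such as `options: --add-host=infisical.lemarechal.eu:<INFISICAL_IP_PLACEHOLDER>` keeps the container isolated; if host networking really is required, say why in a comment above the line, e.g. `# host network: Infisical is only reachable through the runner's <INTERFACE_PLACEHOLDER>`. The image is also referenced by the mutable tag `ubuntu-latest`; pinning it as `image: docker.gitea.com/runner-images:ubuntu-latest@sha256:<DIGEST_PLACEHOLDER>` keeps the environment that handles the secrets from changing underneath the workflow. The `list-secrets` job continues past the end of this hunk.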