Aydent/frielith_discord_bot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: Enhance Infisical secret fetching debug step to perform full login and secret fetch, removing basic secret presence verification.
Some checks failed
List Infisical Secrets / list-secrets (push) Failing after 14s
Details

Browse Source
This commit is contained in:
aydent
2026-01-25 00:12:19 +01:00
parent 1d26d6bc30
commit d5d243aa39
1 changed files with 20 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
.gitea/workflows/infisical-secrets.yml
View File

@@ -20,26 +20,32 @@ jobs:
echo "Public IP found: $PUBLIC_IP" echo "Public IP found: $PUBLIC_IP"
echo "$PUBLIC_IP infisical.lemarechal.eu" | sudo tee -a /etc/hosts echo "$PUBLIC_IP infisical.lemarechal.eu" | sudo tee -a /etc/hosts
- name: Verify Secret Presence - name: Debug Secret Fetch (curl)
env: env:
CLIENT_ID: ${{ secrets.INFISICAL_CLIENT_ID }} CLIENT_ID: ${{ secrets.INFISICAL_CLIENT_ID }}
CLIENT_SECRET: ${{ secrets.INFISICAL_CLIENT_SECRET }} CLIENT_SECRET: ${{ secrets.INFISICAL_CLIENT_SECRET }}
PROJECT_ID: ${{ secrets.INFISICAL_PROJECT_ID }}
run: | run: |
echo "Checking secrets length (to avoid revealing them)..." echo "Logging in..."
if [ -z "$CLIENT_ID" ]; then echo "❌ CLIENT_ID is EMPTY"; else echo "✅ CLIENT_ID length: ${#CLIENT_ID}"; fi LOGIN_RES=$(curl -s -X POST https://infisical.lemarechal.eu/api/v1/auth/universal-auth/login \
if [ -z "$CLIENT_SECRET" ]; then echo "❌ CLIENT_SECRET is EMPTY"; else echo "✅ CLIENT_SECRET length: ${#CLIENT_SECRET}"; fi
- name: Debug Authentication (curl)
env:
CLIENT_ID: ${{ secrets.INFISICAL_CLIENT_ID }}
CLIENT_SECRET: ${{ secrets.INFISICAL_CLIENT_SECRET }}
run: |
echo "Testing authentication endpoint..."
# Use -s to be silent and -S to show errors, then pipe to cat to see the body
RESPONSE=$(curl -s -S -X POST https://infisical.lemarechal.eu/api/v1/auth/universal-auth/login \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-d "{\"clientId\": \"$CLIENT_ID\", \"clientSecret\": \"$CLIENT_SECRET\"}") -d "{\"clientId\": \"$CLIENT_ID\", \"clientSecret\": \"$CLIENT_SECRET\"}")
echo "API Response: $RESPONSE"
TOKEN=$(echo $LOGIN_RES | jq -r .accessToken)
if [ "$TOKEN" == "null" ] || [ -z "$TOKEN" ]; then
echo "❌ Login failed: $LOGIN_RES"
exit 1
fi
echo "✅ Login successful. Fetching secrets..."
# Attempt to fetch secrets to see the 400 error message
# Note: workspaceId is the Project ID
FETCH_RES=$(curl -s -X GET "https://infisical.lemarechal.eu/api/v3/secrets/raw?workspaceId=$PROJECT_ID&environment=prod&secretPath=%2FDiscord_bot" \
-H "Authorization: Bearer $TOKEN")
echo "Secrets API Response: $FETCH_RES"
- name: Fetch Secrets from Infisical - name: Fetch Secrets from Infisical
uses: https://github.com/Infisical/secrets-action@v1.0.7 uses: https://github.com/Infisical/secrets-action@v1.0.7