actions/infisical-secrets-fetcher
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2 Commits 1 Branch 0 Tags
b28ca0aa7f8755c688030de69d31813e132e23cd
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

Infisical Secrets Fetcher for Gitea Actions

This composite Gitea Action fetches secrets from a self-hosted Infisical instance and injects them into the Gitea Actions environment.

Features

  • DNS Resolution Fix: Automatically resolves the Infisical domain using Cloudflare DNS (1.1.1.1) and updates /etc/hosts to prevent DNS timeouts on runners.
  • Universal Auth: Supports Machine Identity authentication.
  • Secure Injection: Injects secrets directly into $GITEA_ENV and masks values.

Usage

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Fetch Secrets
        uses: actions/infisical-secrets-fetcher@main
        with:
          client_id: ${{ secrets.INFISICAL_CLIENT_ID }}
          client_secret: ${{ secrets.INFISICAL_CLIENT_SECRET }}
          project_id: ${{ secrets.INFISICAL_PROJECT_ID }}
          environment: 'prod'       # Optional, default: prod
          secret_path: '/MyHelper'  # Optional, default: /
          domain: 'https://infisical.lemarechal.eu' # Optional, default provided

Inputs

Input Description Required Default
client_id Machine Identity Client ID Yes -
client_secret Machine Identity Client Secret Yes -
project_id Infisical Project ID (Workspace ID) Yes -
environment Environment slug (dev, staging, prod) No prod
secret_path Path to secrets folder No /
domain URL of the Infisical instance No https://infisical.lemarechal.eu

License

MIT

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 30 KiB