-
Notifications
You must be signed in to change notification settings - Fork 1
/
index.js
67 lines (61 loc) · 2.05 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
import core from "@actions/core";
import { UALogin, getRawSecrets } from "./infisical.js";
import fs from "fs/promises";
try {
const UAClientId = core.getInput("client-id");
const UAClientSecret = core.getInput("client-secret");
const domain = core.getInput("domain");
const envSlug = core.getInput("env-slug");
const projectSlug = core.getInput("project-slug");
const secretPath = core.getInput("secret-path");
const exportType = core.getInput("export-type");
const fileOutputPath = core.getInput("file-output-path");
const shouldIncludeImports = core.getBooleanInput("include-imports");
const shouldRecurse = core.getBooleanInput("recursive");
// get infisical token using UA credentials
const infisicalToken = await UALogin({
domain,
clientId: UAClientId,
clientSecret: UAClientSecret,
});
// get secrets from Infisical using input params
const keyValueSecrets = await getRawSecrets({
domain,
envSlug,
infisicalToken,
projectSlug,
secretPath,
shouldIncludeImports,
shouldRecurse,
});
core.debug(
`Exporting the following envs", ${JSON.stringify(
Object.keys(keyValueSecrets)
)}`
);
// export fetched secrets
if (exportType === "env") {
// Write the secrets to action ENV
Object.entries(keyValueSecrets).forEach(([key, value]) => {
core.setSecret(value);
core.exportVariable(key, value);
});
core.info("Injected secrets as environment variables");
} else if (exportType === "file") {
// Write the secrets to a file at the specified path
const fileContent = Object.keys(keyValueSecrets)
.map((key) => `${key}='${keyValueSecrets[key]}'`)
.join("\n");
try {
const filePath = `${process.env.GITHUB_WORKSPACE}${fileOutputPath}`;
core.info(`Exporting secrets to ${filePath}`);
await fs.writeFile(filePath, fileContent);
} catch (err) {
core.error(`Error writing file: ${err.message}`);
throw err;
}
core.info("Successfully exported secrets to file");
}
} catch (error) {
core.setFailed(error.message);
}