Use infisical cli directly, if available

Add support for INFISICAL_CLI_DOCKER_INSTALL_DIR for passing project-dir to docker compose
Add support for passing Infisical environment variables
2025-06-01 23:35:31 +02:00 · 2025-06-01 23:22:29 +02:00 · 2025-06-01 23:20:54 +02:00
2 changed files with 28 additions and 8 deletions
--- a/bin/infisical
+++ b/bin/infisical
@@ -2,7 +2,22 @@
 set -e

 main() {
-    docker compose run --rm --workdir "${PWD}" --volume "${PWD}:${PWD}" -t cli infisical "${@}"
+    declare -a args=("--rm" "--workdir" "${PWD}" "--volume" "${PWD}:${PWD}" "-t")
+
+    if [ -n "${INFISICAL_TOKEN}" ]; then
+        args+=("--env" "INFISICAL_TOKEN=${INFISICAL_TOKEN}")
+    fi
+
+    if [ -n "${INFISICAL_API_URL:-}" ]; then
+        args+=("--env" "INFISICAL_API_URL=${INFISICAL_API_URL}")
+    fi
+
+    if [ -n "${INFISICAL_CLI_DOCKER_INSTALL_DIR:-}" ]; then
+        docker compose --project-directory="${INFISICAL_CLI_DOCKER_INSTALL_DIR}" run "${args[@]}" cli infisical "${@}"
+        return
+    fi
+
+    docker compose run "${args[@]}" cli infisical "${@}"
 }

 main "${@}"
--- a/dist/scripts/src/fetch-secrets.sh
+++ b/dist/scripts/src/fetch-secrets.sh
@@ -5,9 +5,14 @@ fetch_secret() {
    local env="${2:?Environment is required}"
    local output_file="${3:?}"

-    script -q /dev/null \
-        -c "docker compose run --rm -t cli infisical secrets --plain get ""${target_secret}"" --env ""${env}""" \
-        >"${output_file}"
+    if command -v infisical &>/dev/null; then
+        # If infisical CLI command is available, use it directly
+        infisical secrets --plain get "${target_secret}" --env "${env}" >"${output_file}"
+    else
+        script -q /dev/null \
+            -c "docker compose run --rm -t cli infisical secrets --plain get ""${target_secret}"" --env ""${env}""" \
+            >"${output_file}"
+    fi

    # Check if file is empty
    if [[ ! -s ${output_file} ]]; then
@@ -19,12 +24,12 @@ main() {
    local config_file="${1:-./secrets.json}"
    local secrets_dir="${2:-./secrets}"

-    if ! command -v jq &> /dev/null; then
+    if ! command -v jq &>/dev/null; then
        printf "Error: jq is required but not installed\n" >&2
        return 1
    fi

-    if [[ ! -f "${config_file}" ]]; then
+    if [[ ! -f ${config_file} ]]; then
        printf "Error: Config file %s not found\n" "${config_file}" >&2
        return 1
    fi
@@ -45,11 +50,11 @@ main() {
        output_file="${secrets_dir}/${output_file}"

        # If filename is specified in json, use it; otherwise, use the local_secret as the filename
-        if [[ -n "${filename}" && "${filename}" != "null" ]]; then
+        if [[ -n ${filename} && ${filename} != "null" ]]; then
            output_file="${secrets_dir}/${filename}"
        fi

-        if [[ -z "${env}" ]]; then
+        if [[ -z ${env} ]]; then
            printf "Warning: Environment not specified for secret %s, assuming 'prod'\n" "${local_secret}" >&2
        fi
Author	SHA1	Message	Date
xZero707	19fd9f4d83	Use infisical cli directly, if available	2025-06-01 23:35:31 +02:00
xZero707	489b3dcf62	Add support for INFISICAL_CLI_DOCKER_INSTALL_DIR for passing project-dir to docker compose	2025-06-01 23:22:29 +02:00
xZero707	1e72c98f9c	Add support for passing Infisical environment variables	2025-06-01 23:20:54 +02:00