Use infisical cli directly, if available

dist/scripts/src/fetch-secrets.sh

@@ -5,9 +5,14 @@ fetch_secret() {
     local env="${2:?Environment is required}"
     local output_file="${3:?}"
 
-    script -q /dev/null \
+    if command -v infisical &>/dev/null; then
-        -c "docker compose run --rm -t cli infisical secrets --plain get ""${target_secret}"" --env ""${env}""" \
+        # If infisical CLI command is available, use it directly
-        >"${output_file}"
+        infisical secrets --plain get "${target_secret}" --env "${env}" >"${output_file}"
+    else
+        script -q /dev/null \
+            -c "docker compose run --rm -t cli infisical secrets --plain get ""${target_secret}"" --env ""${env}""" \
+            >"${output_file}"
+    fi
 
     # Check if file is empty
     if [[ ! -s ${output_file} ]]; then
@@ -19,12 +24,12 @@ main() {
     local config_file="${1:-./secrets.json}"
     local secrets_dir="${2:-./secrets}"
 
-    if ! command -v jq &> /dev/null; then
+    if ! command -v jq &>/dev/null; then
         printf "Error: jq is required but not installed\n" >&2
         return 1
     fi
 
-    if [[ ! -f "${config_file}" ]]; then
+    if [[ ! -f ${config_file} ]]; then
         printf "Error: Config file %s not found\n" "${config_file}" >&2
         return 1
     fi
@@ -45,11 +50,11 @@ main() {
         output_file="${secrets_dir}/${output_file}"
 
         # If filename is specified in json, use it; otherwise, use the local_secret as the filename
-        if [[ -n "${filename}" && "${filename}" != "null" ]]; then
+        if [[ -n ${filename} && ${filename} != "null" ]]; then
             output_file="${secrets_dir}/${filename}"
         fi
 
-        if [[ -z "${env}" ]]; then
+        if [[ -z ${env} ]]; then
             printf "Warning: Environment not specified for secret %s, assuming 'prod'\n" "${local_secret}" >&2
         fi