Add initial project files including LICENSE, README, example Docker Compose, and infisical-init script

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Infisical Painless Integration Contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,87 @@
+# Infisical Painless Integration
+
+This repository provides a simple script to integrate Infisical secrets management into your existing Docker Swarm or Docker Compose services without modifying your application code.
+
+## Overview
+
+The `infisical-init` script automatically installs the Infisical CLI, authenticates with your Infisical instance, and either exports secrets to a file or runs your application command with secrets injected as environment variables.
+
+## Prerequisites
+
+- An Infisical account and project
+- Docker and Docker Compose installed
+- Required environment variables set (see below)
+
+## Environment Variables
+
+The following environment variables must be set:
+
+- `INFISICAL_API_URL`: URL of your Infisical API instance
+- `INFISICAL_CLIENT_ID`: Client ID for authentication
+- `INFISICAL_CLIENT_SECRET`: Client secret for authentication
+- `INFISICAL_PROJECT_ID`: ID of your Infisical project
+- `INFISICAL_ENVIRONMENT`: Environment name (e.g., "dev", "prod")
+
+## Usage
+
+1. Update your stack file to match the example in `compose.example.yml`
+2. Set the required environment variables
+3. Mount the `infisical-init` script as a volume
+4. Configure your service's entrypoint to run the script
+
+### Example Docker Compose
+
+```yaml
+services:
+  your-app:
+    image: your-image
+    volumes:
+      - ./infisical-init:/infisical-init.sh
+    environment:
+      INFISICAL_CLIENT_ID: ${INFISICAL_CLIENT_ID}
+      INFISICAL_CLIENT_SECRET: ${INFISICAL_CLIENT_SECRET}
+      INFISICAL_API_URL: ${INFISICAL_API_URL}
+      INFISICAL_ENVIRONMENT: ${INFISICAL_ENVIRONMENT}
+      INFISICAL_PROJECT_ID: ${INFISICAL_PROJECT_ID}
+    entrypoint:
+      - sh
+      - -c
+      - |
+        chmod +x /infisical-init.sh
+        /infisical-init.sh run "your-command-here"
+```
+
+### Script Modes
+
+The script supports two modes:
+
+- `file <path>`: Exports secrets to a file at the specified path
+- `run <command>`: Runs the specified command with secrets injected as environment variables
+
+### Supported Images
+
+The script automatically detects the package manager and installs Infisical CLI:
+
+- Alpine-based images (uses `apk`)
+- Debian/Ubuntu-based images (uses `apt-get`)
+
+## How It Works
+
+1. Detects the package manager and installs Infisical CLI if not present
+2. Validates all required environment variables
+3. Authenticates with Infisical using universal auth
+4. Either exports secrets or runs your command with secrets available
+
+## Security Notes
+
+- Ensure environment variables are set securely (e.g., via `.env` files or secret management)
+- The script handles authentication automatically and securely
+- Secrets are not persisted in the container after execution
+
+## Contributing
+
+Feel free to submit issues and pull requests to improve this integration script.
+
+## License
+
+This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.

compose.example.yml

@@ -0,0 +1,38 @@
+services:
+  app-debian:
+    image: debian:stable-slim
+    volumes:
+      - ./infisical-init:/infisical-init.sh
+    environment:
+      INFISICAL_CLIENT_ID: ${INFISICAL_CLIENT_ID}
+      INFISICAL_CLIENT_SECRET: ${INFISICAL_CLIENT_SECRET}
+      INFISICAL_API_URL: ${INFISICAL_API_URL}
+      INFISICAL_ENVIRONMENT: ${INFISICAL_ENVIRONMENT}
+      INFISICAL_PROJECT_ID: ${INFISICAL_PROJECT_ID}
+    entrypoint:
+      - sh
+      - -c
+      - |
+        chmod +x /infisical-init.sh
+        /infisical-init.sh run "env" # Using with command
+        /infisical-init.sh file /tmp/.env # Using with file
+        cat /tmp/.env
+  app-alpine:
+    image: alpine:latest
+    volumes:
+      - ./infisical-init:/infisical-init.sh
+    environment:
+      INFISICAL_CLIENT_ID: ${INFISICAL_CLIENT_ID}
+      INFISICAL_CLIENT_SECRET: ${INFISICAL_CLIENT_SECRET}
+      INFISICAL_API_URL: ${INFISICAL_API_URL}
+      INFISICAL_ENVIRONMENT: ${INFISICAL_ENVIRONMENT}
+      INFISICAL_PROJECT_ID: ${INFISICAL_PROJECT_ID}
+    entrypoint:
+      - sh
+      - -c
+      - |
+        chmod +x /infisical-init.sh
+        /infisical-init.sh run "env" # Using with command
+        /infisical-init.sh file /tmp/.env # Using with file
+        cat /tmp/.env
+

infisical-init

@@ -0,0 +1,37 @@
+if [ -n "$(which apk)" ]; then
+    if [ -z "$(which infisical)" ]; then
+        apk update
+        apk add bash curl
+            curl -1sLf 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.alpine.sh' | bash
+        apk add infisical
+    fi;
+elif [ -n "$(which apt-get)" ]; then
+    if [ -z "$(which infisical)" ]; then
+        apt-get update && apt-get install -y curl
+        curl -1sLf 'https://artifacts-cli.infisical.com/setup.deb.sh' | bash
+        apt-get install infisical -y
+    fi;
+else
+    echo "Unsupported package manager. Exiting."
+    exit 1
+fi
+
+missing=""
+[ -z "$INFISICAL_API_URL" ] && missing="$missing INFISICAL_API_URL"
+[ -z "$INFISICAL_CLIENT_ID" ] && missing="$missing INFISICAL_CLIENT_ID"
+[ -z "$INFISICAL_CLIENT_SECRET" ] && missing="$missing INFISICAL_CLIENT_SECRET"
+[ -z "$INFISICAL_PROJECT_ID" ] && missing="$missing INFISICAL_PROJECT_ID"
+[ -z "$INFISICAL_ENVIRONMENT" ] && missing="$missing INFISICAL_ENVIRONMENT"
+if [ -n "$missing" ]; then
+    echo "One or more required environment variables are missing:$missing. Exiting."
+    exit 1
+fi
+export INFISICAL_TOKEN=$(infisical login --method=universal-auth --client-id=$INFISICAL_CLIENT_ID --client-secret=$INFISICAL_CLIENT_SECRET --silent --plain)
+if [ "$1" = "file" ]; then
+    infisical export --projectId=$INFISICAL_PROJECT_ID --env=$INFISICAL_ENVIRONMENT > $2
+elif [ "$1" = "run" ]; then
+infisical run --projectId=$INFISICAL_PROJECT_ID --env=$INFISICAL_ENVIRONMENT -- $2
+else
+    echo "Invalid argument. Use 'file' or 'run'."
+    exit 1
+fi