Instead of creating variables one by one in GH action like so:

   - name: 'Create env file'
        run: |
          touch .env
          echo API_ENDPOINT="https://xxx.execute-api.us-west-2.amazonaws.com" >> .env
          echo API_KEY=${{ secrets.API_KEY }} >> .env
          cat .env

You can base64 encode the entire .env file and c/p it into the Github secrets variable.

Encode the file:

cat apps/myapp/.env | base64 -w 0

Now c/p the output from above command to GH secrets, go to repository Settings > Secrets and variables > Actions > New repository secret.

Next in the github workflow decode the secret and redirect it to the .env e.g.

...
      - name: Create .env
        env:
          ENV_SECRET: ${{ secrets.DOTENV_STY }}
        run: |
          echo "$ENV_SECRET" | base64 --decode > apps/myapp/.env
...

• Github actions 2025.02

• Github actions examples

• https://stackoverflow.com/a/64452700/6881647