This guide will show you how to use Doppler to provide secrets to pipelines in Azure DevOps.
- You have created a project in Doppler
- You have an Azure Devops account
Using Doppler to manage your CI / CD secrets requires only a single
DOPPLER_TOKEN variable to be stored in Azure DevOps, which is used by the Doppler CLI to fetch the latest version of your secrets during each job run.
We recommend you first migrate any existing pipeline variables from Azure DevOps to Doppler prior to updating your pipeline variables, with most customers opting to organize them under the Staging environment.
Create a Doppler Service Token for the CI / CD config and copy it to your clipboard.
Then in Azure DevOps, go to your pipeline Variables > + (new variable) and add a new variable DOPPLER_TOKEN using the token content copied to the clipboard.
Your Azure DevOps pipeline will now be able to access all the secrets in that Doppler config on each job run.
Now, let's create a simple pipeline to show you how to access secrets from Doppler.
The first step is to install the Doppler CLI, then use
doppler run to fetch the config secrets.
trigger: - master pool: vmImage: ubuntu-latest - script: | (curl -Ls --tlsv1.2 --proto "=https" --retry 3 https://cli.doppler.com/install.sh || wget -t 3 -qO- https://cli.doppler.com/install.sh) | sudo sh -s -- --verify-signature displayName: 'Install Doppler' - script: | doppler --token $(DOPPLER_TOKEN) run -- printenv | grep SECRET_NAME displayName: 'Print Secret "SECRET_NAME"'
Save the pipeline and run it. The Azure DevOps pipeline job shows the successful installation of the CLI and fetching of a secret.
Now you know how to configure Azure DevOps pipelines to fetch secrets from Doppler.
Updated 5 months ago