The Doppler CLI provides a consistent experience between developing locally and production. It is a lightweight binary that comes provided in a number of package managers and Docker images. Check out the Doppler CLI repository on GitHub!
brew install dopplerhq/cli/doppler
# Add Doppler's scoop repo scoop bucket add doppler https://github.com/DopplerHQ/scoop-doppler.git # Install latest doppler cli scoop install doppler
# this installation method does not use a package manager and is only recommended for ephemeral environments (e.g. CI jobs) # supports Linux, BSD, and macOS (curl -Ls https://cli.doppler.com/install.sh || wget -qO- https://cli.doppler.com/install.sh) | sh
# All tags: https://hub.docker.com/r/dopplerhq/cli/tags FROM dopplerhq/cli:3
# Add Bintray's GPG key sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 379CE192D401AB61 # Add Doppler's apt repo echo "deb https://dl.bintray.com/dopplerhq/doppler-deb stable main" | sudo tee /etc/apt/sources.list.d/dopplerhq-doppler.list # Update packages and install latest doppler cli sudo apt-get update && sudo apt-get install doppler
# Add Doppler's yum repo sudo wget https://bintray.com/dopplerhq/doppler-rpm/rpm -O /etc/yum.repos.d/bintray-dopplerhq-doppler.repo # Update packages and install latest doppler cli sudo yum update && sudo yum install doppler
Now let's verify the Doppler CLI was installed correctly.
The Doppler CLI requires an API key for authentication. Access can be granted via the login flow for local development OR by using a service token. Service tokens should be used when running your service on a cloud provider (Azure, AWS, GCP, etc).
doppler configure set token <SERVICE TOKEN> # OR # Auto-configure your Enclave project and config doppler setup --token=<SERVICE TOKEN> --no-prompt
The Doppler CLI supports multiple workplaces by allowing you to scope your login to a specific directory. Any applications inside your chosen directory (and its sub-directories) will automatically use the correct API key.
# authenticate your company's workplace doppler login --scope ~/boring-apps/ # authenticate your side project's workplace doppler login --scope ~/exciting-ideas/
Whether developing locally or in prod, your can run your app via the
doppler run command. This will execute your app with your latest secrets injected into the environment. It will use your current shell.
doppler run -- printenv DOPPLER_CONFIG
Running aliased commands is currently not supported. To use an alias, source your aliases file before executing your app.
doppler run --command="source ~/.bash_aliases && my_aliased_command"
When using the
--command flag, the Doppler CLI will determine what shell to use based on the
SHELL environment variable. The CLI currently supports
csh. If you are using an alternative shell, the CLI will fall back to
sh. You can manually specify your preferred shell.
# e.g. use zsh2 doppler run -- zsh2 -c "printenv DOPPLER_CONFIG"
The Doppler CLI supports updating itself via the
doppler update command. This will automatically download and install the latest version of the CLI.
The Doppler CLI will also prompt you to update whenever a new version is released:
This command is not supported on Windows. Instead, you may update via
scoop update doppler.
When starting out with Doppler, you've likely got an existing app config file (e.g.
config.json) and you can use the
doppler secrets upload command to populate the secrets for a new project without leaving the terminal.
Below is an example of how to set up a Doppler project ready for local development in three simple commands using an existing
doppler projects create new-project doppler setup --project new-project --config dev doppler secrets upload .env
The official Doppler CLI Usage: doppler [flags] doppler [command] Available Commands: activity Get workplace activity logs configs Manage configs configure View the config file environments Manage environments feedback Provide feedback about the Doppler CLI help Help about any command login Authenticate to Doppler logout Log out of the CLI open open a web page in your browser projects Manage projects run Run a command with secrets injected into the environment secrets Manage secrets settings Get workplace settings setup Setup the Doppler CLI for managing secrets update update the Doppler CLI Flags: --api-host string The host address for the Doppler API (default "https://api.doppler.com") --configuration string config file (default "/Users/thomas/.doppler/.doppler.yaml") --dashboard-host string The host address for the Doppler Dashboard (default "https://dashboard.doppler.com") --debug output additional information -h, --help help for doppler --json output json --no-read-env do not read config from the environment --no-timeout disable http timeout --no-update disable checking for Doppler CLI updates --no-verify-tls do not verify the validity of TLS certificates on HTTP requests (not recommended) --print-config output active configuration --scope string the directory to scope your config to (default ".") --silent disable output of info messages --timeout duration max http request duration (default 10s) -t, --token string doppler token -v, --version Get the version of the Doppler CLI Use "doppler [command] --help" for more information about a command.
Updated 22 days ago