Cloudflare Workers

reading time 3 mins

This guide will show how to sync secrets from Doppler to Cloudflare Workers.

Prerequisites

  • Experience with Cloudflare Worker secrets
  • Wrangler CLI installed and authenticated
  • The jq CLI installed

Import Secrets

You'll need to perform the one-time operation of adding your secrets from Cloudflare to Doppler before continuing as there is no way to export your current secrets using the Wrangler API.

Service Tokens

To sync your secrets to Cloudflare as part of a CI/CD job e.g. GitHub Actions, the Doppler CLI requires a Service Token to provide read-only access to a specific config and is exposed to the CLI via the DOPPLER_TOKEN environment variable. This would normally be set by the environment, e.g GitHub Secret, but for this guide, we'll provide it manually.

export DOPPLER_TOKEN="dp.st.prd.xxxx"

Secrets Sync

You can upload your secrets to Cloudflare using the below command:

 wrangler secret:bulk <(doppler secrets --json | jq -c 'with_entries(.value = .value.computed)')

You should see a confirmation message in your shell for every secret synced to Cloudflare.

πŸ‘

Awesome Work!

Now you know to use Doppler to easily sync secrets to Cloudflare Workers in CI/CD environments.