Direnv
Learn how to automatically load environment variables in your development environment.
direnv
is a tool that automatically loads environment variables when you cd
into a directory and then unsets them when you leave that directory. This guide will show you how to use it with Doppler.
Doppler does not recommend or endorse loading all secrets into your shell environment like this. However, some developers may need this functionality. This is purely a guide on how to use Doppler with
direnv
and should not be read as an endorsement of that tool or workflow.
Prerequisites
- direnv installed
- A shell compatible with
direnv
Configure Your Doppler Project
For this to work, you need to perform a doppler setup
in the project first. Make sure you do that and follow the setup process to connect the directory with a Doppler project and config.
Create a .envrc file
In the root of your project directory, create a .envrc
file with the following contents:
set -a
source <(doppler secrets download --no-file --format env)
set +a
The set -a
makes it so any variable assignments following that are exported and set +a
disables that functionality. After saving this, you may get a warning like this from direnv
:
direnv: error /path/to/project/.envrc is blocked. Run `direnv allow` to approve its content
By default, direnv
won't load what's in a .envrc
file until you approve it. In this case, you just created it so you can allow it by running direnv allow
. After doing that, you should see direnv
load the environment variables:
direnv: loading /path/to/project/.envrc
direnv: export +DOPPLER_CONFIG +DOPPLER_ENVIRONMENT +DOPPLER_PROJECT +YOUR_VARIABLE
When you leave the directory, you'll see direnv
unload the variables:
direnv: unloading
The above solution isn't guaranteed to work with all secret values. Notably, it may fail with some multi-line secrets. Direnv also seems to have issues with secrets that contain
?
,*
, and ``. There may be other characters that cause problems as well (e.g.,
$and
#` could potentially cause problems in some scenarios).
Overriding Specific Variables
In some situations, you may want to have a local override that it doesn't make sense to simply use branch configs for. In that case, you can modify the .envrc
to look for another file, and if it exists source it after loading your secrets from Doppler. In this case, we'll name that file .env.local
and your .envrc
would end up looking something like this:
set -a
source <(doppler secrets download --no-file --format env)
test -f .env.local && source .env.local
set +a
It will work exactly like it did before, but if a .env.local
file exists, any environment variables defined there will take precedence over what was loaded from Doppler.
Updated 6 months ago