Every time you run
doppler run -- ./your-command-here the command-line tool will automatically create a snapshot of your latest secrets and store it in an encrypted file. Then when we are unable to connect to the API, like if you are doing local development on a plane, the Doppler CLI will smartly fallback to this snapshot. The snapshot lives outside of your working directory in a dedicated folder managed by Doppler to ensure it is never committed to your git history.
You can specify the fallback file location manually. This will tell Doppler where to read and write that fallback file.
doppler run --fallback=/tmp -- ./your-command-here
If your application is running in an environment with read-only file permissions, you can instruct the Doppler CLI to only read from an existing fallback file and never write a new one.
doppler run --fallback-readonly -- ./your-command-here
There may be a case where you would only like to fetch your secrets from the encrypted snapshot instead of Doppler's API. You can instruct the CLI to only read from the fallback file.
doppler run --fallback-only -- ./your-command-here
Updated about 1 year ago