This guide is designed specifically for installing the Doppler CLI for local development environment all the way through to production. If your engineering team has yet to create a project, head over to the Create a Project page to get started.
The Doppler CLI provides a consistent experience when developing locally to in production. It is a lightweight binary that comes in a number of package managers and Docker images.
brew install dopplerhq/cli/doppler
# Add Doppler's scoop repo scoop bucket add doppler https://github.com/DopplerHQ/scoop-doppler.git # Install latest doppler cli scoop install doppler
# this installation method does not use a package manager and is only recommended for ephemeral environments (e.g. CI jobs) # supports Linux, BSD, and macOS (curl -Ls https://cli.doppler.com/install.sh || wget -qO- https://cli.doppler.com/install.sh) | sh
# Add Bintray's GPG key sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 379CE192D401AB61 # Add Doppler's apt repo echo "deb https://dl.bintray.com/dopplerhq/doppler-deb stable main" | sudo tee /etc/apt/sources.list.d/dopplerhq-doppler.list # Update packages and install latest doppler cli sudo apt-get update && sudo apt-get install doppler
# Add Doppler's yum repo sudo wget https://bintray.com/dopplerhq/doppler-rpm/rpm -O /etc/yum.repos.d/bintray-dopplerhq-doppler.repo # Update packages and install latest doppler cli sudo yum update && sudo yum install doppler
Now, verify the Doppler CLI was installed correctly. Any version with the format
vX.X.X is valid.
The Doppler CLI requires an API Key to authenticate. Access can be generated via the login flow used for local development or by using a service token. Service tokens are recommended to be used only when running your service on a cloud provider (Azure, AWS, GCP, etc).
# skip this step
For each project, you need to run the setup command once which sets the project and config for your current directory. This allows you to work on multiple projects at the same time by just changing directories.
# Change to your project's directory cd ./your/project/directory # Select project and config doppler setup
# In non-local environments, service tokens should be used. # A service token is authorized to a single config which the # CLI configures automatically. doppler setup --no-prompt --silent --token=<SERVICE TOKEN>
Run your program with the CLI in your project directory, which will securely fetch your secrets from and inject them into the environment.
doppler run -- ./your-command-here
doppler run --command="./first-command && ./second-command; ./cleanup-command"
Now, you should be able to access your secrets securely through environment variables.
const secret = process.env["SECRET_NAME"]
secret = os.getenv("SECRET_NAME")
secret = ENV["SECRET_NAME"]
secret := os.Getenv("SECRET_NAME")
String secret = System.getenv().get("SECRET_NAME")
$secret = $_ENV["SECRET_NAME"]
secret = env::var("SECRET_NAME")
var secret: String = System.getenv("SECRET_NAME")
def secret = System.getenv("SECRET_NAME")
char const* secret = getenv("SECRET_NAME");
Now that you have local development running, let’s set up authentication for staging and production with Service Tokens.
Updated 2 days ago