Learn how to use Doppler with your GitPod workspaces.

In this guide, you'll learn how to use the Doppler CLI in your GitPod workspaces.


You have a GitPod account.

Create a Custom Docker Image

To reduce workspace container startup time, we'll add a custom Dockerfile that creates an image based on GitPod's base image, but also has the Doppler CLI pre-installed. To do that, create a .gitpod.Dockerfile in your project with the contents below:

FROM gitpod/workspace-full

RUN sudo apt-get update && sudo apt-get install -y apt-transport-https ca-certificates curl gnupg \
    && curl -sLf --retry 3 --tlsv1.2 --proto "=https" '' | sudo apt-key add - \
    && echo "deb any-version main" | sudo tee /etc/apt/sources.list.d/doppler-cli.list \
    && sudo apt-get update \
    && sudo apt-get install -y doppler

After creating the Dockerfile, add the following to your .gitpod.yml file:

  file: .gitpod.Dockerfile

After doing this, your workspace containers should startup using GitPod's base image, but with the Doppler CLI installed already. The first time you start a workspace after making this change will result in a relatively lengthy build process, but the resulting container is cached and subsequent starts will just use the prebuilt image. You can also just use a public or private docker image if you'd rather do that as well.

Generate CLI Token


This method involves storing and using your CLI token in GitPod's account variables and workspace containers for your account. This token provides the same level of access to secrets that your Doppler account has from the dashboard. GitPod stores the variable values in an encrypted state, but they're available in plain text inside a workplace (see their note on that here)

The best way to do this is from inside a GitPod workspace. Start up a new workspace using the image we just created above. Once the workspace is open, go ahead and login using the Doppler CLI:

doppler login

Choose No at the prompt (a new browser window can't be opened from inside a GitPod workspace via the CLI) and then open the address that's printed in a new browser tab. Be sure you copy the auth code that's printed because you'll need to that to finish the authorization process.

After doing that you'll be asked to choose your workplace and then asked to give the token a name – just name it GitPod or similar so you can identify it in your Doppler dashboard later.

Switch back to the tab with your open GitPod workspace. Now is the time to set this as an account variable using the GitPod CLI (which is pre-installed on their base image):

gp env DOPPLER_LOCAL_TOKEN=$(doppler configure get token --plain)

Now, open up the account variable settings page and edit the DOPPLER_LOCAL_TOKEN variable you just created. If you want Doppler to work on all your projects, then change the scope from the specific project you created it from to */*.

Update Your .gitpod.yml Files

Add the following to your .gitpod.yml file:

  - name: Start Development Environment
    command: |
      doppler configure set token $DOPPLER_LOCAL_TOKEN
      doppler setup --project YOUR_PROJECT_NAME_HERE --config YOUR_CONFIG_NAME_HERE

Make sure you update YOUR_PROJECT_NAME_HERE and YOUR_CONFIG_NAME_HERE to the actual values for the Doppler project and config you want. Set YOUR_USUAL_COMMAND_HERE to whatever you had been running in the command section previously.


Amazing Work!

Now you are all set up on GitPod. Every time a new workspace is created, it will automatically have Doppler installed and configured for you!