Doppler Secrets Sync for Pipedream

Prerequisites

Created a Doppler project

Custom Environment

As Pipedream's secrets don't necessarily fit into the typical environments, we'll create a dedicated Pipedream environment.

Head to the Project page and click Options > Create Environment, then name it Pipedream and optionally change the order of the environments.

Service Token

To fetch secrets, a Doppler Service Token exposed as a DOPPLER_TOKEN environment variable is required which provides read-only access to a specific config.

Create the Service Token and copy the value to use in the proceeding step.

Workflow

Navigate to the Pipedream Doppler app page and click on the Connect Doppler SecretOps Platform and run button to add a new Doppler workflow.

Once configured, Doppler secrets will be exported to be used in subsequent steps.

Node.js workflow:

import { providers } from 'gitops-secrets'
 
export default defineComponent({
  props: {
    doppler_secretops: {
      type: "app",
      app: "doppler_secretops",
    }
  },
  async run({steps, $}) {
    process.env.DOPPLER_TOKEN = `${this.doppler_secretops.$auth.service_token}`;
    const secrets = await providers.doppler.fetch();
    $.export('secrets', secrets);
  },
})

Python workflow:

import os
from pipedream.script_helpers import (steps, export)
import requests

secrets = requests.get(
  'https://api.doppler.com/v3/configs/config/secrets/download?format=json', 
  auth=(os.environ['DOPPLER_TOKEN'], '')
).json()

export("secrets", secrets)

👍
Awesome Work!
Now you know how to inject Doppler secrets into your Pipedream steps.

Prerequisites

Custom Environment

Service Token

Workflow

👍Awesome Work!

👍
Awesome Work!