Pipedream

Learn how to inject Doppler secrets into your Pipedream steps.

Injecting Doppler secrets

Prerequisites

Custom Environment

As Pipedream's secrets don't necessarily fit into the typical environments, we'll create a dedicated Pipedream environment.

Head to the Project page and click Options > Create Environment, then name it Pipedream and optionally change the order of the environments.

Create a new environment

Service Token

To fetch secrets, a Doppler Service Token exposed as a DOPPLER_TOKEN environment variable is required which provides read-only access to a specific config.

Create the Service Token and copy the value to use in the proceeding step.

Generate a service token Creating a servie token

Workflow

Navigate to the Pipedream Doppler app page and click on the Connect Doppler SecretOps Platform and run button to add a new Doppler workflow.

Once configured, Doppler secrets will be exported to be used in subsequent steps.

Node.js workflow:

import { providers } from 'gitops-secrets'
 
export default defineComponent({
  props: {
    doppler_secretops: {
      type: "app",
      app: "doppler_secretops",
    }
  },
  async run({steps, $}) {
    process.env.DOPPLER_TOKEN = `${this.doppler_secretops.$auth.service_token}`;
    const secrets = await providers.doppler.fetch();
    $.export('secrets', secrets);
  },
})

Python workflow:

import os
from pipedream.script_helpers import (steps, export)
import requests

secrets = requests.get(
  'https://api.doppler.com/v3/configs/config/secrets/download?format=json', 
  auth=(os.environ['DOPPLER_TOKEN'], '')
).json()

export("secrets", secrets)
👍

Awesome Work!

Now you know how to inject Doppler secrets into your Pipedream steps.