Doppler Secrets Buildkite Plugin
A Buildkite plugin for exposing secrets from Doppler to your build steps.
Plugin State: Beta
Requirements
The doppler CLI must be installed!
Examples
The following pipeline uses a Service Token to set all secrets as environment variables.
The Service Token is set on the runner through the enviroment variable DOPPLER_TOKEN.
steps:
- command: "echo $MY_SECRET"
plugins:
- muhlba91/doppler-secrets#v1.1.0You can also directly specify the token (insecure!):
steps:
- command: "echo $MY_SECRET"
plugins:
- muhlba91/doppler-secrets#v1.1.0:
token: dp.XXXPersonal Tokens are also supported but require setting project and config:
steps:
- command: "echo $MY_SECRET"
plugins:
- muhlba91/doppler-secrets#v1.1.0:
project: project
project-config: prodIf you want to control what secrets are being exposed you can specify the variables parameter:
steps:
- command: "echo $MY_SECRET"
plugins:
- muhlba91/doppler-secrets#v1.1.0:
secrets:
- MY_SECRETWarning
The plugin does not perform variable sanitation!
Configuration
Optional
token (optional, string)
The Buildkite token to use (Service Token, or Personal Token).
Example: dp.XXX
project (optional, string)
The Doppler project to read the secrets from.
Required for Personal Tokens!
Example: project
project-config (optional, string)
The Doppler configuration within the set project to read the secrets from.
Required for Personal Tokens!
Example: prod
secrets (optional, array)
Sets the secrets to be read as environment variables.
Attention: at the moment, this forces multiple calls to Doppler, and incurs performance penalty!
Example: [ "MY_SECRET1", "MY_SECRET2" ]
License
MIT (see LICENSE)
Supporting
If you enjoy the application and want to support my efforts, please feel free to buy me a coffe. :)
seek-oss 
