steampipe plugin install dopplersteampipe plugin install doppler

Doppler + Steampipe

Doppler is a cloud-native secrets management platform that securely centralizes and automates the management of sensitive data across teams and applications.

Steampipe is an open-source zero-ETL engine to instantly query cloud APIs using SQL.

List your Doppler secrets:

select
  project,
  config_name,
  secret_name,
  secret_value_computed
from
  doppler_secret;

+---------------------+-------------+---------------------+-----------------------+
| project             | config_name | secret_name         | secret_value_computed |
+---------------------+-------------+---------------------+-----------------------+
| plugin-test-project | dev_aws     | DOPPLER_PROJECT     | plugin-test-project   |
| plugin-test-project | stg_aws     | DOPPLER_CONFIG      | stg_aws               |
| plugin-test-project | sandbox     | DOPPLER_CONFIG      | sandbox               |
| plugin-test-project | sandbox     | DOPPLER_ENVIRONMENT | sandbox               |
| plugin-test-project | prd         | DOPPLER_CONFIG      | prd                   |
| plugin-test-project | prd         | DOPPLER_PROJECT     | plugin-test-project   |
| plugin-test-project | prd         | DOPPLER_ENVIRONMENT | prd                   |
+---------------------+-------------+---------------------+-----------------------+

Documentation

Table definitions & examples →

Quick start

Install

Download and install the latest Doppler plugin:

steampipe plugin install doppler

Credentials

Item	Description
Credentials	Doppler requires a `project ID` and an Doppler Token
Permissions	The permission scope of access tokens is limited to the projects or environments based on token type.
Radius	Each connection represents a single doppler Installation.
Resolution	1. Credentials explicitly set in a steampipe config file (`~/.steampipe/config/doppler.spc`) 2. Credentials specified in environment variables, e.g., `DOPPLER_TOKEN` and `DOPPLER_PROJECT_ID`.

Configuration

Installing the latest doppler plugin will create a config file (~/.steampipe/config/doppler.spc) with a single connection named doppler:

Configure your account details in ~/.steampipe/config/doppler.spc:

connection "doppler" {
  plugin = "doppler"

  # A token, either a personal or service token is required for requests. Required.
  # For setting a token see instructions at https://docs.doppler.com/reference/auth-token-formats
  # This can also be set via the `DOPPLER_TOKEN` environment variable.
  # token = "dp.pt.BBS2eoMYCQW6fLv2fghbdsjbaczdsffdeBSaap887Xkbdsa"

  # The ID of a project within a workplace is required for requests. Required.
  # This can also be set via the `DOPPLER_PROJECT_ID` environment variable.
  # project_id = "example-project"
}

Alternatively, you can also use the standard Doppler environment variables to obtain credentials only if other arguments (token and project_id) are not specified in the connection:

export DOPPLER_TOKEN=dp.pt.abcdVDI7jCoV92ylJS9yXYZO5CZRiGm0WWWnZgsZZih
export DOPPLER_PROJECT_ID=plugin-test-project

Postgres FDW

This plugin is available as a native Postgres FDW. Unlike Steampipe CLI, which ships with an embedded Postgres server instance, the Postgres FDW can be installed in any supported Postgres database version.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_postgres_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/postgres.sh)" -- doppler

The installer will prompt you for the plugin name and version, download and install the appropriate files for your OS, system architecture, and Postgres version.

To configure the Postgres FDW, you will create an extension, foreign server, and schema and import the foreign schema.

CREATE EXTENSION IF NOT EXISTS steampipe_postgres_doppler;
CREATE SERVER steampipe_doppler FOREIGN DATA WRAPPER steampipe_postgres_doppler OPTIONS (config '<your_config>');
CREATE SCHEMA doppler;
IMPORT FOREIGN SCHEMA doppler FROM SERVER steampipe_doppler INTO doppler;

SQLite Extension

This plugin is available as a SQLite Extension, making the tables available as SQLite virtual tables.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_sqlite_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/sqlite.sh)" -- doppler

The installer will prompt you for the plugin name, version, and destination directory. It will then determine the OS and system architecture, and it will download and install the appropriate package.

To configure the SQLite extension, load the extension module and then run the steampipe_configure_doppler function to configure it with plugin-specific options.

$ sqlite3
sqlite> .load ./steampipe_sqlite_extension_doppler.so
sqlite> select steampipe_configure_doppler('<your_config>');

Export

This plugin is available as a standalone Export CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- doppler

You can pass the configuration to the command with the --config argument:

steampipe_export_doppler --config '<your_config>' <table_name>