turbot/doppler

GitHub
steampipe plugin install dopplersteampipe plugin install doppler

Doppler + Steampipe

Doppler is a cloud-native secrets management platform that securely centralizes and automates the management of sensitive data across teams and applications.

Steampipe is an open source CLI to instantly query cloud APIs using SQL.

List your Doppler secrets:

select
project,
config_name,
secret_name,
secret_value_computed
from
doppler_secret;
+---------------------+-------------+---------------------+-----------------------+
| project | config_name | secret_name | secret_value_computed |
+---------------------+-------------+---------------------+-----------------------+
| plugin-test-project | dev_aws | DOPPLER_PROJECT | plugin-test-project |
| plugin-test-project | stg_aws | DOPPLER_CONFIG | stg_aws |
| plugin-test-project | sandbox | DOPPLER_CONFIG | sandbox |
| plugin-test-project | sandbox | DOPPLER_ENVIRONMENT | sandbox |
| plugin-test-project | prd | DOPPLER_CONFIG | prd |
| plugin-test-project | prd | DOPPLER_PROJECT | plugin-test-project |
| plugin-test-project | prd | DOPPLER_ENVIRONMENT | prd |
+---------------------+-------------+---------------------+-----------------------+

Documentation

Quick start

Install

Download and install the latest Doppler plugin:

steampipe plugin install doppler

Credentials

ItemDescription
CredentialsDoppler requires a project ID and an Doppler Token
PermissionsThe permission scope of access tokens is limited to the projects or environments based on token type.
RadiusEach connection represents a single doppler Installation.
Resolution1. Credentials explicitly set in a steampipe config file (~/.steampipe/config/doppler.spc)
2. Credentials specified in environment variables, e.g., DOPPLER_TOKEN and DOPPLER_PROJECT_ID.

Configuration

Installing the latest doppler plugin will create a config file (~/.steampipe/config/doppler.spc) with a single connection named doppler:

Configure your account details in ~/.steampipe/config/doppler.spc:

connection "doppler" {
plugin = "doppler"
# A token, either a personal or service token is required for requests. Required.
# For setting a token see instructions at https://docs.doppler.com/reference/auth-token-formats
# This can also be set via the `DOPPLER_TOKEN` environment variable.
# token = "dp.pt.BBS2eoMYCQW6fLv2fghbdsjbaczdsffdeBSaap887Xkbdsa"
# The ID of a project within a workplace is required for requests. Required.
# This can also be set via the `DOPPLER_PROJECT_ID` environment variable.
# project_id = "example-project"
}

Alternatively, you can also use the standard Doppler environment variables to obtain credentials only if other arguments (token and project_id) are not specified in the connection:

export DOPPLER_TOKEN=dp.pt.abcdVDI7jCoV92ylJS9yXYZO5CZRiGm0WWWnZgsZZih
export DOPPLER_PROJECT_ID=plugin-test-project

Get involved