Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/muhlba91/doppler-secrets-buildkite-plugin

Use Doppler secrets in your Buildkite pipelines
https://github.com/muhlba91/doppler-secrets-buildkite-plugin

buildkite buildkite-plugin dopple

Last synced: about 1 month ago
JSON representation

Use Doppler secrets in your Buildkite pipelines

Host: GitHub
URL: https://github.com/muhlba91/doppler-secrets-buildkite-plugin
Owner: muhlba91
License: mit
Created: 2023-05-26T15:30:28.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2023-12-02T06:21:54.000Z (about 1 year ago)
Last Synced: 2023-12-02T07:25:55.552Z (about 1 year ago)
Topics: buildkite, buildkite-plugin, dopple
Language: Shell
Homepage:
Size: 31.3 KB
Stars: 2
Watchers: 1
Forks: 0
Open Issues: 3
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE.md
- Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

# Doppler Secrets Buildkite Plugin

[![Build status](https://img.shields.io/github/actions/workflow/status/muhlba91/doppler-secrets-buildkite-plugin/verify.yml?style=for-the-badge)](https://github.com/muhlba91/doppler-secrets-buildkite-plugin/actions/workflows/verify.yml)
[![Release](https://img.shields.io/github/v/release/muhlba91/doppler-secrets-buildkite-plugin?sort=semver&style=for-the-badge)](https://github.com/muhlba91/doppler-secrets-buildkite-plugin/releases)
[![Release date](https://img.shields.io/github/release-date/muhlba91/doppler-secrets-buildkite-plugin?style=for-the-badge)](https://github.com/muhlba91/doppler-secrets-buildkite-plugin/releases)
[![License](https://img.shields.io/github/license/muhlba91/doppler-secrets-buildkite-plugin?style=for-the-badge)](LICENSE.md)

A [Buildkite plugin](https://buildkite.com/docs/agent/v3/plugins) for exposing secrets from [Doppler](http://doppler.com) to your build steps.

**Plugin State**: Beta

---

## Requirements

The [`doppler` CLI](https://docs.doppler.com/docs/cli#installation) must be installed!

## Examples

The following pipeline uses a [Service Token](https://docs.doppler.com/docs/service-tokens) to set all secrets as environment variables.
The Service Token is set on the runner through the enviroment variable [`DOPPLER_TOKEN`](https://docs.doppler.com/docs/service-tokens#option-2-the-doppler_token-environment-variable).

```yml
steps:
- command: "echo $MY_SECRET"
plugins:
- muhlba91/doppler-secrets#v1.1.0
```

You can also directly specify the token (insecure!):

```yml
steps:
- command: "echo $MY_SECRET"
plugins:
- muhlba91/doppler-secrets#v1.1.0:
token: dp.XXX
```

Personal Tokens are also supported but require setting `project` and `config`:

```yaml
steps:
- command: "echo $MY_SECRET"
plugins:
- muhlba91/doppler-secrets#v1.1.0:
project: project
project-config: prod
```

If you want to control what secrets are being exposed you can specify the `variables` parameter:

```yml
steps:
- command: "echo $MY_SECRET"
plugins:
- muhlba91/doppler-secrets#v1.1.0:
secrets:
- MY_SECRET
```

### Warning

The plugin does not perform variable sanitation!

---

## Configuration

### Optional

#### `token` (optional, string)

The Buildkite token to use (Service Token, or Personal Token).

Example: `dp.XXX`

### `project` (optional, string)

The Doppler project to read the secrets from.

***Required*** for Personal Tokens!

Example: `project`

### `project-config` (optional, string)

The Doppler configuration within the set project to read the secrets from.

***Required*** for Personal Tokens!

Example: `prod`

### `secrets` (optional, array)

Sets the secrets to be read as environment variables.

***Attention:*** at the moment, this forces multiple calls to Doppler, and incurs performance penalty!

Example: `[ "MY_SECRET1", "MY_SECRET2" ]`

---

## License

MIT (see [LICENSE](LICENSE.md))

## Supporting

If you enjoy the application and want to support my efforts, please feel free to buy me a coffe. :)