/ruby-doppler-env

Automatically inject Doppler secrets as environment variables for use during local development.

Primary LanguageRubyApache License 2.0Apache-2.0

doppler-env

The doppler-env gem automates the injection of Doppler secrets as environment variables into any Ruby application and works in the terminal, RubyMine, and Visual Studio Code.

NOTE: This is not meant to be used in production deployments. For production deployments, we recommend using our Integrations or our standard run methods for Docker and CLI.

Motivation

The Doppler CLI provides the easiest method of injecting secrets into your application:

doppler run -- ruby app.rb

But when debugging with RubyMine or Visual Studio Code, a vendor-specific Ruby entry-point is used, preventing the Doppler CLI from acting as the application runner. At Doppler, we go to great lengths to prevent secrets ending up on developer's machines so downloading secrets to a .env file wasn't an option.

You can replicate dotenv gem behavior by requiring doppler-env in your project to inject Doppler secrets.

Setup

Ensure you have installed the Doppler CLI locally and have created a Doppler Project. Then authorize the Doppler CLI to retrieve secrets from your workplace by running:

doppler login

Then add doppler-env to your Bundler Gemfile:

gem "doppler-env"

Configuration

Rails

For Rails applications, all you need to do is require doppler-env in your config/environments/development.rb file:

require "doppler-env/load"

Make sure it's the first require in that file.

General

First, require doppler-env in your project. Make sure it's required and loaded before any other libraries. To do this you can require the library and manually call Doppler.load:

# will cause your Doppler secrets to get injected into ENV for your application,
# but will not override any pre-existing ENV variables.
require "doppler-env"
DopplerEnv.load

or

require "doppler-env/load"

You can also force it to override pre-existing ENV variables with:

require "doppler-env"
DopplerEnv.load!

After you have the library loading in your application, you need to configure which secrets to fetch for your application by either using the CLI in the root directory of your application:

doppler setup

or by setting the DOPPLER_PROJECT and DOPPLER_CONFIG environment variables in your debug configuration within RubyMine or Visual Studio Code.

Now whenever the Ruby interpreter is invoked for your application, secrets will be injected prior to your application being run:

ruby app.rb

[doppler-env]: DOPPLER_ENV environment variable set. Fetching secrets using Doppler CLI.
[doppler-env]: Secrets loaded successfully:
[doppler-env]:   {"DOPPLER_CONFIG"=>"dev", "DOPPLER_ENVIRONMENT"=>"dev", "DOPPLER_PROJECT"=>"example"}

In restrictive environments where the use of the Doppler CLI isn't possible, set a DOPPLER_TOKEN environment variable with a Service Token to fetch secrets directly from the Doppler API:

ruby app.rb

[doppler-env]: DOPPLER_TOKEN environment variable set. Fetching secrets from Doppler API.
[doppler-env]: Secrets loaded successfully:
[doppler-env]:   {"DOPPLER_CONFIG"=>"dev", "DOPPLER_ENVIRONMENT"=>"dev", "DOPPLER_PROJECT"=>"example"}

Acknowledgements

This approach to injecting environment variables was inspired by dotenv.

Issues

For any bug reports, issues, or enhancements, please create a repository issue.

Support

You can get support in the Doppler community forum, find us on Twitter, and for bugs or feature requests, create an issue on the DopplerHQ/ruby-doppler-env GitHub repository.

If you need help, either use our in-product support or head over to the Doppler Community Forum to get your questions answered by a member of the Doppler support team or