I was wondering if there is a way to mount Doppler credentials from my host machine into a Docker container when I’m logged in using the CLI on my host machine?
I use a lot of docker containers during development and was wondering if there is an easier way to do this rather than creating service tokens every time I want to use doppler in a container.
Similar to how we can mount aws credentials onto a docker container by mounting the ~/.aws directory.
Hey Pranav,
There’s a few different options covered in our docs, but if I understand you correctly, you want to use your CLI token so it can work in any project/container?
If so, the only drawback here is that you’ll need to specify the project and config to use as part of the doppler run command.
For example, using this Dockerfile which puts the doppler run command in the CMD:
FROM alpine
RUN (curl -Ls https://cli.doppler.com/install.sh || wget -qO- https://cli.doppler.com/install.sh) | sh
CMD ["doppler", "run", "--", "your-command"]
You simply need to pass in the CLI token and override the CMD to include the --project and --config options:
docker run --rm \
-e DOPPLER_TOKEN=$(doppler configure get token --plain) \
your-image \
doppler run --project your-project --config dev -- your-command
If you’re using the ENTRYPOINT form:
FROM alpine
RUN (curl -Ls --tlsv1.2 --proto "=https" --retry 3 https://cli.doppler.com/install.sh || wget -t 3 -qO- https://cli.doppler.com/install.sh) | sh
ENTRYPOINT ["doppler", "run", "--"]
CMD ["your-command"]
Then you’ll need to override ENTRYPOINT and CMD:
docker run --rm -it \
-e DOPPLER_TOKEN=$(doppler configure get token --plain) \
--entrypoint /usr/local/bin/doppler \
your-image \
run --project your-project --config dev -- your-command
Does that answer your question?
I also should’ve stated that the reason you can’t mount the ~/.doppler directory from your host into the container is that we store credentials in the keyring of your OS.
