Add Doppler CLI shell plugin#562
Conversation
Authenticate the Doppler CLI using Touch ID and other unlock options with 1Password Shell Plugins. The plugin supports: - Personal Access Token authentication - Environment variable import from DOPPLER_TOKEN - Automatic provisioning as DOPPLER_TOKEN - CLI authentication detection Signed-off-by: Zachary Miller <codebyzach@gmail.com>
|
Friendly follow up |
1 similar comment
|
Friendly follow up |
|
Kindly following up |
scottisloud
left a comment
There was a problem hiding this comment.
Thanks for putting this together — the overall plugin structure looks right, and using DOPPLER_TOKEN matches the Doppler CLI docs.
A few things I'd like to see before we merge:
- Remove
plugins/plugins.gofrom the PR. That file is generated bymake registryand is gitignored in this repo. Adding it will conflict with other plugin changes; CI/maintainers regenerate it when needed. - Align naming with the token type you're modeling. The file is
service_token.goand the constructor isServiceToken(), but the credential usescredname.PersonalAccessToken, the description says "Personal Token", and the prefix isdp.pt.(personal). Please rename to match (e.g.personal_access_token.go/PersonalAccessToken()) or split credentials if you intend to support both. - Fix the management URL.
https://dashboard.doppler.com/workplace/<workplace-id>/tokens/personalwon't work as a link — use a real dashboard or docs URL without placeholders. - Service tokens (
dp.st.). Doppler documents service tokens as the common choice for non-interactive use viaDOPPLER_TOKEN(token formats). Right now the schema only acceptsdp.pt.. Could you add support for service tokens (second credential or broader composition) or call out clearly if this plugin is personal-token-only?
nit: consider adding a fixed length hint (40–44 chars after the prefix) per Doppler's format docs, and a config-file importer for ~/.doppler if you want smoother imports after doppler login.
Happy to take another look once these things are addressed! :)
- Rename ServiceToken -> PersonalAccessToken (models personal + CLI tokens) - Replace placeholder management URL with the dashboard URL - Add ~/.doppler/.doppler.yaml importer, filtered to dp.pt./dp.ct. - Skip auth for shell completion (__complete) and inline --token - Remove generated plugins/plugins.go from version control
|
Thanks for the review! Addressed everything:
|
|
Kindly bumping @scottisloud |
|
This will appear (along with many other recently-contributed plugins) in a future release of the 1Password CLI. |
Overview
This PR adds a shell plugin for the Doppler CLI, enabling secure authentication using 1Password and biometric unlock.
The plugin allows Doppler CLI users to:
dp.pt.or CLI tokendp.ct.) securely in 1PasswordDOPPLER_TOKENenvironment variable and the Doppler CLI config file (~/.doppler/.doppler.yaml)DOPPLER_TOKENType of change
Related Issue(s)
N/A
How To Test
You'll be prompted to import a token the plugin detects, or to paste a Doppler token (Personal or CLI) and save it to 1Password.
3. Confirm authentication works (you should get a 1Password/biometric prompt):
Changelog
Authenticate the Doppler CLI using Touch ID and other unlock options with 1Password Shell Plugins.