Add Doppler CLI shell plugin#562
Open
CodeByZach wants to merge 1 commit into
Open
Conversation
Authenticate the Doppler CLI using Touch ID and other unlock options with 1Password Shell Plugins. The plugin supports: - Personal Access Token authentication - Environment variable import from DOPPLER_TOKEN - Automatic provisioning as DOPPLER_TOKEN - CLI authentication detection Signed-off-by: Zachary Miller <codebyzach@gmail.com>
Author
|
Friendly follow up |
1 similar comment
Author
|
Friendly follow up |
|
Kindly following up |
scottisloud
requested changes
Jun 19, 2026
scottisloud
left a comment
scottisloud
left a comment
Contributor
There was a problem hiding this comment.
Thanks for putting this together — the overall plugin structure looks right, and using DOPPLER_TOKEN matches the Doppler CLI docs.
A few things I'd like to see before we merge:
- Remove
plugins/plugins.gofrom the PR. That file is generated bymake registryand is gitignored in this repo. Adding it will conflict with other plugin changes; CI/maintainers regenerate it when needed. - Align naming with the token type you're modeling. The file is
service_token.goand the constructor isServiceToken(), but the credential usescredname.PersonalAccessToken, the description says "Personal Token", and the prefix isdp.pt.(personal). Please rename to match (e.g.personal_access_token.go/PersonalAccessToken()) or split credentials if you intend to support both. - Fix the management URL.
https://dashboard.doppler.com/workplace/<workplace-id>/tokens/personalwon't work as a link — use a real dashboard or docs URL without placeholders. - Service tokens (
dp.st.). Doppler documents service tokens as the common choice for non-interactive use viaDOPPLER_TOKEN(token formats). Right now the schema only acceptsdp.pt.. Could you add support for service tokens (second credential or broader composition) or call out clearly if this plugin is personal-token-only?
nit: consider adding a fixed length hint (40–44 chars after the prefix) per Doppler's format docs, and a config-file importer for ~/.doppler if you want smoother imports after doppler login.
Happy to take another look once these things are addressed! :)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Overview
This PR adds a shell plugin for the Doppler CLI, enabling secure authentication using 1Password and biometric unlock.
The plugin allows Doppler CLI users to:
DOPPLER_TOKENType of change
Related Issue(s)
N/A
How To Test
Build and install the plugin:
Initialize the plugin:
op plugin init doppler
Test authentication:
doppler me
You should be prompted to paste your Doppler Personal Access Token and save it to 1Password.
Verify biometric auth works:
doppler projects list
Changelog
Authenticate the Doppler CLI using Touch ID and other unlock options with 1Password Shell Plugins.