Doppler: A Brief Introduction to Secrets Managers

Author’s note:

This blog post walks you through the basic usage and popular integrations of Doppler, and makes a comparison between Doppler and other equivalents. Basic DevOps knowledge is required, for example, Kubernetes, kubectl, helm, minikube, 12-factor app, etc.

1 A Brief History of Secrets

1.1 Secrets in the Software Development Lifecycle (SDLC)

OK, I’ll cut to the chase and get straight to the point:

If you are in the software engineering business, you are gonna have to deal with secrets. I’m not kidding.

• When you are developing an app, the app itself might need access to a database, so it needs the password. Maybe the app talks to another API that requires authentication, so you need a token, which is a secret.
• When you launch your virtual machine, you might need to provide an initial password too.
• In your continuous integration system, you might want to do something in your pipeline to write something to somewhere, but that somewhere is…