Secure and Efficient Environment Variables with Doppler

00:00 This is another tool that I've been absolutely crazy about in the past year or so since I discovered it. It's called Doppler, and it's pretty much an environment variable vault, and a way for you to inject those environment variables directly into your node system or whatever language that you're using, in our case, Node, right?

00:19 It has an amazing CLI. It's super secure. It literally took my code bases from hood life to good life. Basically, it replaces the need for you to have an environment variable file, a .env in the case of Node users, right?

00:33 And if you think about it, that's super insecure, having to share variables over Slack or Discord or whatever, and then, oh, someone on your team changed their environment variable, and now everyone has to also make sure they changed it. Instead, with Doppler, you can manage it all in one place.

00:50 So I'm going to show you a mock project that I have here just to illustrate how it works. So basically, you have an environment. You can create as many environments as you want, and each environment, you can integrate directly either locally or with the tool you're using. So for example, you have great integrations such like Vercel.

01:08 In the case that there's no integration, you can also use Docker, which is pretty awesome, and their documentation is on point. All you have to really do is follow the installation guide. You install the CLI. You log in, which has to do the browser. I'm not going to go through that because, you know, security.

01:26 You could also just set up like your Doppler file directly, which is great. And once you have the Doppler CLI, you add this in your package station to your run script or your start script or your build script. And what that's going to do is that every time you do, for example, yarn start or an npm run start,

01:43 it's going to pull your environment variables from Doppler, and it's going to inject them directly into your Node system, right? So for example, here's what I do. I have a development environment, and we have some variables here. This is a local address, so, you know, it doesn't matter if you see it or not.

02:01 But let's say for my database URL, it's going to be in localhost 5439 slash whatsapp. That's the database URL according to my Docker file. Now what's going to happen, something cool, by the way, is that if you update this and you hit save, it gives you the ability to add it basically in every environment, right,

02:19 which is really cool in case you're adding a new secret. So let's say new secret here and then yada yada. Now, instead of having to go and add in every single environment, you could just say, OK, I'm going to add it to all my environments, right? That's pretty awesome.

02:36 So just to show you kind of how it works, I'm going to go here to the code base. In our package JSON, you can see that I've added Doppler run, the flag to this kind of like script, right? Now this is where we would be using the environment variable file.

02:53 And as you can see, I have no .env file anywhere to be seen, right? So we're going to just very simply console log database URL to kind of show you what it's doing here. I'm going to run yarn dev. You know, I have a lot of aliases.

03:10 And we could see, but here it is, right? So how cool is that? That literally this tool, since I've used it, I've been like ENV who? Like completely forgot what an ENV file is. All my team uses it. Basically, we don't have to be worrying about, oh, did you add this environment variable?

03:29 Did you change this environment variable? Because we all manage it in one single place. And to be honest, it's just super secure. Highly recommend it to everyone.