doppler-run

doppler run [options] -- command [args]

doppler run executes a command with secrets from Doppler injected as environment variables. This enables applications to access secrets without code changes or local configuration files.Secrets are fetched from the Doppler API and made available only to the executed process. The double-dash separates doppler options from the command to run.Fallback files provide resilience when Doppler is unreachable, while preserve-env prevents overwriting existing environment variables.

-- COMMAND

Command to run with injected secrets.

Configuration environment to use.

Project name.

Fallback file if Doppler unavailable.

Disable fallback behavior.

Preserve existing environment variables. Accepts a comma-separated list of specific secrets (e.g. --preserve-env="FOO,BAR") or "true" for all.

Write secrets to an ephemeral file instead of injecting into the environment. Format auto-detected from file extension.

File format for mounted secrets (e.g. json, env).

Transform secret names from UPPERSNAKECASE (e.g. dotnet-env, tf-var, lower-camel, lower-snake).

Command to execute (alternative to using -- separator).

Exit with a 0 status code when the command is interrupted (SIGINT).

Display help information.

Requires authenticated doppler CLI. Network latency affects startup time. Secrets visible in process environment. Child processes inherit secrets.

doppler run is the primary command for secrets injection in the Doppler CLI, implementing the zero-configuration secrets access that Doppler was designed to provide.

doppler(1), doppler-secrets(1), env(1)