doppler-workflows | devops-tools | ClaudePluginHub

Skill

Community

doppler-workflows

From devops-tools

1

Description

Manages credentials and publishing workflows via Doppler. Use when publishing Python packages to PyPI, rotating AWS credentials, or managing secrets with Doppler.

Tool Access

2 tools

Limited to specific tools

Supporting Files

6 files

Additional assets for this skill

Tool Access

This skill is limited to using the following tools:

ReadBash

Supporting Assets

AWS_SPECIFICATION.yaml

AWS_WORKFLOW.md

PYPI_REFERENCE.yaml

references/aws-credentials.md

references/multi-service-patterns.md

references/pypi-publishing.md

Skill Content

name: doppler-workflows description: Manages credentials and publishing workflows via Doppler. Use when publishing Python packages to PyPI, rotating AWS credentials, or managing secrets with Doppler. allowed-tools: Read, Bash

Doppler Credential Workflows

Quick Reference

When to use this skill:

Publishing Python packages to PyPI
Rotating AWS access keys
Managing credentials across multiple services
Troubleshooting authentication failures (403, InvalidClientTokenId)
Setting up Doppler credential injection patterns
Multi-token/multi-account strategies

Core Pattern: Doppler CLI

Standard Usage:

doppler run --project <project> --config <config> --command='<command>'

Why --command flag:

Official Doppler pattern (auto-detects shell)
Ensures variables expand AFTER Doppler injects them
Without it: shell expands $VAR before Doppler runs → empty string

Quick Start Examples

PyPI Publishing

doppler run --project claude-config --config dev \
  --command='uv publish --token "$PYPI_TOKEN"'

AWS Operations

doppler run --project aws-credentials --config dev \
  --command='aws s3 ls --region $AWS_DEFAULT_REGION'

Best Practices

Always use --command flag for credential injection
Use project-scoped tokens (PyPI) for better security
Rotate credentials regularly (90 days recommended)
Document with Doppler notes: doppler secrets notes set <SECRET> "<note>"
Use stdin for storing secrets: echo -n 'secret' | doppler secrets set
Test injection before using: echo ${#VAR} to verify length
Multi-token naming: SERVICE_TOKEN_{ABBREV} for clarity

Reference Documentation

For detailed information, see:

Bundled Specifications:

PYPI_REFERENCE.yaml - Complete PyPI spec
AWS_SPECIFICATION.yaml - AWS credential architecture

PyPI Publishing Policy

For PyPI publishing, see pypi-doppler skill for LOCAL-ONLY workspace policy.

Do NOT configure PyPI publishing in GitHub Actions or CI/CD pipelines.

Links

GitHub Stats

0 forks

Updated 17 hours ago

Related Skills

Writing Hookify Rules

This skill should be used when the user asks to "create a hookify rule", "write a hook rule", "configure hookify", "add a hookify rule", or needs guidance on hookify rule syntax and patterns.

From hookify

frontend-design

Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.

From frontend-design

claude-opus-4-5-migration

Migrate prompts and code from Claude Sonnet 4.0, Sonnet 4.5, or Opus 4.1 to Opus 4.5. Use when the user wants to update their codebase, prompts, or API calls to use Opus 4.5. Handles model string updates and prompt adjustments for known Opus 4.5 behavioral differences. Does NOT migrate Haiku 4.5.

From claude-opus-4-5-migration