As the year winds down and the chill sets in, we're heating things up with new updates. Dive in to discover how we're keeping your productivity hot even as the temperatures drop!

‍

Create Personal Configs

The manual handling of personal branches for development often leads to a host of challenges. Teams frequently grapple with the cumbersome process of creating and deleting these branches, and resolving conflicts in config names. We often hear the need for more granular permissions so developers can’t see each other’s personal secrets. This not only consumes valuable time but also introduces potential for errors, confusion, non-ideal security stances, and inefficiencies, hindering both individual and team productivity.

Personal Configs are now available to users on all plans and are designed to alleviate these pain points by automatically creating a branch config for each developer that has access to that environment, such as the dev environment. This personal config is private, accessible only to that developer. Personal configs will also help standardize onboarding by allowing you to add a doppler.yaml file to your repo with dev_personal to auto-configure the Doppler CLI in development.

With Personal Configs automatically enabled in all new dev environments by default, the tedious tasks of manual creation, deletion, and conflict resolution of personal branches are a thing of the past. This not only streamlines your workflow but also bolsters security and individual efficiency, ensuring a smoother, more personalized, and conflict-free config management experience. Check out our documentation for more details and also learn how to enable Personal Configs on existing environments.

Manage Dismissed Secrets

In dynamic team environments, keeping track of dismissed secrets can be a significant challenge, especially when multiple engineers are involved. It's easy for important details to be overlooked when a secret is dismissed and forgotten, leading to potential gaps in project management and security.

To address this, we've introduced the ability to view and 'undo' dismissed secrets. This enhancement brings back crucial oversight, allowing you to easily manage and reintroduce previously dismissed secrets into the 'Action Required' section as well as a new Managed Dismiss Secrets option in the menu on each environment of a project. It's a vital step towards ensuring transparency and efficiency in your team's secrets management, keeping your projects streamlined and secure. Go the secrets editor page in a config to try it for yourself.

What else have we been up to?

• Creating a new role is now simpler with the ability to copy permissions from any existing built-in role. You can also compare the permissions of any role with those of another aiding in more precise access control.
• We’ve added new native sync integrations for Deno Deploy and Harness, making it even easier to manage your secrets within partner ecosystems.
• Kubernetes Operator v1.5.0 has been released with added support for syncing subsets of secrets from Doppler configs via a new secrets property.
• We've fixed a Preview Branch pagination issue with our Vercel integration sync that limited you to choosing from the first 20 branches. All preview branches are now selectable!
• Links in the Integration area of Workplace Settings now take you to the sync management page where you'll find the sync in question, improving workflow efficiency.
• Fixed an issue which was preventing AWS Postgres rotated secret integrations from being reconnected.
• Our React migration is in the final stages with our Integrations page now migrated to React. This expands on our commitment to improving site page performance.
• Fixed an issue where CircleCI syncs would fail with an Unknown Error (400) when attempting to sync to a standalone CircleCI organization with no external VCS attached.
• Improved secret value validation for AWS Parameter Store syncs enhancing visibility of potential issues and workflows.
• Enhanced sync integration error handling for both GitHub Actions and Vercel improving reliability.

Fall is in the air, and we're falling head over heels for our latest product updates and features. Keep reading to harvest the benefits of what we've been cultivating.

Generate Secrets

There’s a new significant enhancement to your Doppler dashboard—the ability to generate secret values directly within the platform. You can now create secure, random secrets without the need to switch between different tools. Simply hover over the secret, then click the 'Generate' button in the action bar. This feature not only simplifies the secret generation process, but it also streamlines secret management for your entire team, centralizing the creation and access of secrets all in one convenient location.

Centralized View of Syncs

You now have centralized visibility of all your integration syncs directly from the Settings page. Gone are the days of clicking into each individual project and drilling down further to find out where your syncs are set up. Now, you can see all this information in one consolidated view, right from Settings. This update not only saves you time but also provides a clearer, more efficient way to view all of your syncs and their status.

Enhanced Secret Search

We've supercharged our global search functionality, located conveniently in the top navigation bar, to allow you to search for secrets by name across your entire Workplace. This isn't just a tweak; it's an enhancement designed to make using Doppler more efficient and user-friendly. No more sifting through projects or environments—find exactly what you're looking for, right when you need it, all from one central location. And we've got some even bigger search improvements on the way!

‍

What Else Have We Been Up To?

• We’ve added new native sync integrations for Deno Deploy and Harness, making it even easier to manage your secrets within partner ecosystems.
• Terraform Doppler Provider v1.3.0 is live with support for terraform import along with new resources for managing Doppler groups, service accounts, and project access.
• Updated our AWS Secret Manager integration to allow you to configure Doppler to sync secrets with tags.
• For Team and Enterprise Workplaces using Terraform, we’ve enhanced your experience by doubling the Read Rate Limits on each plan.
• Introduced the capability to permanently redact previous versions of secrets from the version history tab for heightened security and compliance.
• The Workplace Billing page has been updated to allow you to add or update your billing address and Tax ID, such as a European VAT Number, directly—making invoice handling more efficient and compliant.
• As part of our ongoing effort to improve the user experience in Doppler, we've migrated our Users and Tokens pages to React, resulting in faster load times and enhanced responsiveness for more efficient secrets management.
• We've rolled out several new API endpoints, enabling you to fetch and manage individual or custom roles, manage groups, project roles, project members, and handle service accounts with ease.
• Managing members access to environments is now easier with our switch from a column view to a dropdown view, showing all environments available for you to choose from.
• Added an option to disable machine restarts for Fly.io integration syncs, allowing you to have full control over your service’s restart behavior.
• You can now easily search and sort projects by name in the dashboard, making it easier to find what you need.
• Fixed an issue with our DigitalOcean integration where empty env var values would break the sync.
• We've enhanced our webhook capabilities. You can now configure webhooks at the config level within each environment, giving you granular control over event triggers.
• You’ll now see project and config information in API responses when listing an integration’s syncs.
• We've separated Custom Roles into workplace and project categories for a more streamlined user experience.
• To elevate your Netlify sync experience, we've added support for 'all contexts,' enabling seamless synchronization across multiple environments.
• We've enhanced your controls by adding the ability to edit project access for groups and service accounts directly from their details page, simplifying user and service accounts management.

• Doppler Kubernetes Operator v1.4.0 has been released with support for all Kubernetes managed secret types and custom name mapping.
• We’ve added Discord as a notification service via the Discord Slack-compatible webhook. This will allow workplaces to send workplace Activity Logs to a Discord channel. Learn more about our Discord service.
• Added a native Bitbucket sync integration to use with Bitbucket Cloud Pipelines.
• Added a sync integration for Hasura Cloud.
• Added the ability to manage projects from the user detail page. This will allow Admins and Owner roles to manage project access for a specific user in one central place. Learn more about team management.
• Added a new API endpoint for listing service accounts. Learn more about Service Accounts.
• We’ve improved the design and experience on a workplace’s Billing page. We’ve eliminated the tabbed design that separated information and moved to a single-pane view for easier management and allow for easier access to past invoices. There’s more planned for this page, so stay tuned.
• Updated reserved secret names for our Heroku integration sync to include the secrets injected by the Heroku Dyno Metadata labs feature. Learn more about our Heroku integration.
• Fixed an issue where some workplaces were showing Trial Expired when they were on a plan in good standing.

We’ve launched Service Accounts on our Team and Enterprise plans to help companies improve their programmatic experience with Doppler at scale.

Service Accounts are a cross-project authentication mechanism not associated with an individual user. Similar to Doppler users, Service Accounts can be granted project and workplace access, and will soon be compatible with groups. Under the hood, they are comprised of tokens that can be rolled or deleted anytime.

Ready to start using Service Accounts? Head over to your workplace’s “Teams” section to get started or check out our docs to learn more.

• Added a User Access Log section to the User Details page. This allows you to view which configs and active masked secrets any user has accessed.
• We’ve added a new Cloudflare Pages integration. Users can now sync secrets between Doppler and Cloudflare Pages.

New

• We’ve added a tui command to the CLI for editing secrets. This lets you move faster, is even easier to work with, involves less typing, and has all of the power of the CLI behind it. Learn more about the Doppler TUI.
• Added a new keyboard shortcut, Cmd+S, to save secrets when on the Config page.

Improvement

• Implemented Copy as primary action functionality when wanting to copy secrets to prevent downloading a file to the user's filesystem.
• Released a security improvement requiring users to confirm any changes to their workplace’s billing and/or security emails. This prevents workplaces from specifying an email address they don’t control and spamming it with unwanted emails.
• Updated our CircleCI integration's validation for API tokens to account for CircleCI's new token format. Learn more about our integrations.
• Improved visibility of user plan limits for the Developer plan when adding the 6th user to their team. Learn more about our plans and pricing.

• Windows users have been asking us to rethink how our CLI is installed on Windows machines - improving the speed to installation and increasing efficiency. We had been blocked by our tooling support on this but had never forgotten about it. We are excited to announce that we have now added support for Winget to install our CLI using winget install doppler. Learn more about the Doppler CLI.
• Added a new API endpoint for listing a workplace’s currently configured integrations. Learn more about the Integrations List endpoint.

New

• Users can now click to reveal masked secrets in Doppler. This will help limit unnecessary secret reveals and improve audibility by only logging reads for secrets we're confident were seen by a user.

Improvements

• Added support for name transforms with an update to the Terraform Cloud sync. There is now a new option when creating syncs to convert secret names to lowercase to better support Terraform variable naming conventions.