
How does this compare to doppler?

Open smac89 opened this issue 3 years ago • 8 comments

Our team currently uses doppler team plan for managing secrets. How does this project compare to that one? What kinds of integrations are available?

smac89 avatar Sep 13 '22 17:09 smac89

Hi @smac89,

Like Doppler, there is a CLI and UI to manage your secrets. Like Doppler, you can add your team and control access to different environments. Unlike Doppler, this project extends the .env file format rather than doing away with it.

Doppler has more integrations. Here's Dotenv's:

Screen Shot 2022-09-13 at 12 07 45 PM

However, many teams use the command `npx dotenv-vault pull --dotenvME yourDevOpsToken` to get around this limitation. They deploy their secrets to places like Kubernetes and custom infra.

What integrations does your team need?

Dotenv is free for small teams and $4/person per month for teams larger than three people.

motdotla avatar Sep 13 '22 19:09 motdotla

@motdotla the slack integration for dotenv, does it support pulling secrets from the vault using slack commands, or is it like doppler which only uses slack to display a log of who changed what in the secrets?

It would be nice to be able to view secrets on-the-go rather than depending on the command line. Doppler's slack integration only serves to notify us of when someone changes a config, which is not really that useful.

smac89 avatar Sep 14 '22 01:09 smac89

@smac89 interesting. It is similar right now - it tells you when a config was changed and who changed it.

Can you tell me more about that situation - where you need to view a value on the go?

motdotla avatar Sep 14 '22 02:09 motdotla

@motdotla at least being able to see what the change was, from slack would be nice. Like I said, doppler just tells us that a secret was changed...but changed to/from what? I now have to dig into the commandline or open the doppler website to be able to see this.

Being able to download secrets via slack could also be useful when working on a machine other than your dev machine. If I had a need to work on a ticket while away from my dev machine (like say I'm travelling or working from home), it would be nice if, instead of having to go through the process of logging in, setting up a new project, and finally pulling down the configs, I could just type a command in slack, and a bot (dotenvBot?) answers me with just the configurations I needed for a specific environment/project. This way, all I need is to clone the project and, without having to install the dotenv cli, I still have access to the configs on-the-go.

Finally, the case of sharing configs with teammates/management. I think it would be much easier if I can instruct some bot to send a particular config as an attachment to another user, rather than having to use the commandline to download it first, then attach it and send. This use-case doesn't come up often, but when it does, I'm always reminded how limited the slack support is for doppler. Doppler has something similar to this via https://share.doppler.com/, but it is very generic.

smac89 avatar Sep 14 '22 20:09 smac89

> At least being able to see what the change was, from slack would be nice.

Dotenv's integration does that.

> Being able to download secrets via slack could also be useful when working on a machine other than your dev machine..

Great example. Makes sense. Adding to our todos.

> Finally, the case of sharing configs with teammates/management. I think it would be much easier if I can instruct some bot to send a particular config as an attachment to another user, rather than having to use the commandline to download it first..

Doesn't the teammate have Doppler though too? Don't they just pull the config the same way you do? Why would you need to send it to them?

motdotla avatar Sep 14 '22 20:09 motdotla

@motdotla

> Doesn't the teammate have Doppler though too? Don't they just pull the config the same way you do? Why would you need to send it to them?

This one might just be specific to us, but we often have people coming from other teams to integrate a specific feature they've worked on previously. (Most of the products we build are related in some way, so we often reuse those components.) In that case they don't have access to doppler (or aren't using doppler in their team), but still need the configs just to start a local development build... If you're wondering why all teams don't just use doppler, the first answer is that it is expensive. The second answer is that only recently did one team (the one I'm with) make the leap to use configuration management tools. The other teams have their (manual) ways of managing configs which work for them, so we tend to just keep it that way.

smac89 avatar Sep 15 '22 03:09 smac89

@smac89 All very logical.

Like Doppler, we're hesitant to make it easy to share over Slack and Email - since .env files tend to get littered everywhere on those platforms.

But unlike Doppler, we do have a solution. At least, I think it is a good solution for you.

Use Dotenv's External Share integration.

Screen Shot 2022-09-15 at 9 15 29 AM Screen Shot 2022-09-15 at 9 34 38 AM

Your external team can run that curl command and always have the latest .env file.

And when you are ready to remove access, just delete the integration.

motdotla avatar Sep 15 '22 16:09 motdotla

Here it is in action:

external-share

motdotla avatar Sep 15 '22 17:09 motdotla

@smac89 Did you end up evaluating Dotenv Vault or stick with Doppler?

motdotla avatar Sep 26 '22 18:09 motdotla

What I see with dotenv vault and not in Doppler, is that dotenv-vault uses an encrypted file that you are publishing in the source code so you don't have to make a network request to fetch your envs. For doppler you need to make a fetch request to fetch your envs.

It means that you do not have any network request and then you are not dependent on the online status of dotenv-vault (if they are down you will still be able to decrypt your envs because you have the file and your secret key). This is one thing that makes me use dotenv-vault.

I'm speaking for the production environment here, not local or dev.

Kubessandra avatar Nov 14 '22 14:11 Kubessandra
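
Added example, not code from this thread or from dotenv-vault: a Node.js sketch of the model described in the comment above, where an encrypted blob is committed with the source and decrypted locally with a key held only by the runtime, with no network request. The AES-256-GCM scheme, the nonce + ciphertext + tag layout, and every name and sample value are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// Constructed sample key (32 bytes as hex). A real key stays out of the repo.
const SAMPLE_KEY_HEX = 'a1'.repeat(32);

function loadKey(keyHex) {
  const key = Buffer.from(keyHex, 'hex');
  if (key.length !== 32) throw new Error('key must be 32 bytes of hex');
  return key;
}

// Build step: returns base64(nonce || ciphertext || tag), safe to commit.
function sealEnv(plaintext, keyHex) {
  const nonce = crypto.randomBytes(12); // fresh nonce for every encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', loadKey(keyHex), nonce);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([nonce, body, cipher.getAuthTag()]).toString('base64');
}

// Runtime step: purely local. Throws if the key is wrong or the blob was altered.
function openEnv(blobB64, keyHex) {
  const blob = Buffer.from(blobB64, 'base64');
  if (blob.length < 12 + 16) throw new Error('blob too short');
  const nonce = blob.subarray(0, 12);
  const tag = blob.subarray(blob.length - 16);
  const body = blob.subarray(12, blob.length - 16);
  const decipher = crypto.createDecipheriv('aes-256-gcm', loadKey(keyHex), nonce);
  decipher.setAuthTag(tag); // GCM tag authenticates the committed file
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// Minimal KEY=VALUE parser for the decrypted text.
function parseEnv(text) {
  const out = {};
  for (const line of text.split('\n')) {
    const m = line.match(/^\s*([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)\s*$/);
    if (m) out[m[1]] = m[2];
  }
  return out;
}

// Fail closed: return null instead of partial or unauthenticated values.
function tryOpen(blobB64, keyHex) {
  try {
    return parseEnv(openEnv(blobB64, keyHex));
  } catch {
    return null;
  }
}
```

The trade-off of this model is that availability no longer depends on the provider, while confidentiality rests entirely on the runtime key: anyone with repository access plus that key can read the secrets, and rotating the key means re-encrypting and re-committing the file.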