Doppler Internal Package
Ownership: Community Maturity: Preview Visibility: Internal/Private Public Listing: No Canonical Layer: Data Canonical Area: Configuration Management
Overview
The Doppler internal package processes Doppler webhook events and delivers them to downstream systems. This is an internal/private package for V1 and is not part of a public marketplace.
Supported Event Types
- ✅
secret.changed - ✅
env.var.changed - ✅
config.changed - ✅
deployment.started - ✅
deployment.completed - ✅
deployment.failed
YAML/DAG Contract
package:
name: doppler-internal
version: 1.0.0
provider: doppler
visibility: internal/private
description: "Doppler webhook processing package for configuration management"
canonical_layer: data
canonical_area: configuration-management
endpoints:
- name: doppler-webhook
provider: doppler
url: https://your-domain.com/webhooks/doppler
auth: {type: bearer, token: {{DOPPLER_TOKEN}}}
events:
- secret.changed
- env.var.changed
- config.changed
- deployment.started
- deployment.completed
- deployment.failed
targets:
- name: config-logs
provider: doppler
url: https://api.config-logs.com/events
auth: {type: bearer, token: {{CONFIG_LOGS_TOKEN}}}
events:
- secret.changed
- env.var.changed
- config.changed
- deployment.started
- deployment.completed
- deployment.failed
flows:
- name: doppler-events
provider: doppler
endpoint: doppler-webhook
target: config-logs
events:
- secret.changed
- env.var.changed
- config.changed
- deployment.started
- deployment.completed
- deployment.failed
Authentication
Endpoint Authentication
auth:
type: bearer
token: {{DOPPLER_TOKEN}}
Uses Doppler API token for webhook authentication.
Target Authentication
auth:
type: bearer
token: {{CONFIG_LOGS_TOKEN}}
Uses bearer token for config logs delivery.
Fixtures
Test input data for validation.
Example: fixtures/doppler/secret/changed.json
{
"event": "secret.changed",
"project": "my-app",
"env": "production",
"secret": "DATABASE_PASSWORD",
"changed_at": "2026-06-24T10:00:00Z"
}
Goldens
Expected output data.
Example: goldens/doppler/secret/changed.json
{
"destination": "config-logs",
"event_type": "secret.changed",
"timestamp": "2026-06-24T10:00:00Z",
"payload": {
"event": "secret.changed",
"project": "my-app",
"env": "production",
"secret": "DATABASE_PASSWORD",
"changed_at": "2026-06-24T10:00:00Z",
"processed_at": "2026-06-24T10:00:00Z"
}
}
Sandbox Validation State
✅ Sandbox Validated
- All event types validated
- Authentication boundaries verified
- Output format validated against goldens
- No errors or warnings
Production Revalidation
⚠️ Pending
Full production deployment and validation requires:
- Controlled deployment to production
- Explicit approval from operators
- Production evidence collection
- Production validation against real data
Real Webhook Runbook
Runbook not yet available for production validation.
Known Nonclaims
- ❌ NOT a public marketplace package
- ❌ NOT production-validated
- ❌ NOT part of a public package listing
- ❌ NOT Zen-cross
Usage
Validate the package:
zen package validate doppler-internal
Inspect the package:
zen package inspect doppler-internal
Get package evidence:
zen package evidence doppler-internal