Skip to main content

Doppler Real Webhook Runbook

Status: Requires Authorization Audience: Operators Priority: P0

Objective

Validate Doppler internal package with real Doppler webhook payloads.

Prerequisites

  • ✅ Doppler internal package deployed to production
  • ✅ Authorization to perform real webhook validation
  • ✅ Doppler API token
  • ✅ Target webhook endpoint URL

Validation Steps

Step 1: Get Doppler Webhook Data

Get Doppler webhook data:

# From Doppler API
curl -X GET https://api.doppler.com/v3/configs/config-id/secrets

Sample webhook payload:

{
"event": "secret.changed",
"project": "my-app",
"env": "production",
"secret": "DATABASE_PASSWORD",
"changed_at": "2026-06-24T10:00:00Z"
}

Step 2: Send Doppler Webhook

Send webhook to endpoint:

curl -X POST https://your-domain.com/webhooks/doppler -H "Content-Type: application/json" -H "Authorization: Bearer YOUR_TOKEN" -d '{
"event": "secret.changed",
"project": "my-app",
"env": "production",
"secret": "DATABASE_PASSWORD",
"changed_at": "2026-06-24T10:00:00Z"
}'

Check:

  • ✅ Status code is 200
  • ✅ Response is "Success"

Step 3: Verify Delivery to Target

Verify delivery:

curl -X GET https://api.config-logs.com/events?event_id=12345

Check:

  • ✅ Delivery received
  • ✅ Payload matches input
  • ✅ Status code is 200

Step 4: Review Output

Review output:

cat output.json

Expected output:

{
"destination": "config-logs",
"event_type": "secret.changed",
"timestamp": "2026-06-24T10:00:00Z",
"payload": {
"event": "secret.changed",
"project": "my-app",
"env": "production",
"secret": "DATABASE_PASSWORD",
"changed_at": "2026-06-24T10:00:00Z",
"processed_at": "2026-06-24T10:00:00Z"
}
}

Step 5: Validate Against Contract

Validate against contract:

zen package validate doppler-internal --test-data=test-data.json

Check:

  • ✅ Event type matches contract (secret.changed)
  • ✅ Payload matches contract schema
  • ✅ No validation errors

Step 6: Generate Evidence

Generate evidence:

zen package evidence doppler-internal --output=json

Evidence includes:

  • Webhook delivery traces
  • Output traces
  • Validation results
  • Comparison with goldens

Exit Codes

Exit CodeDescription
0Validation successful
1General error
2Authentication error
3Validation error
4Authorization error

Successful Validation

Validation is successful when:

  • ✅ Exit code is 0
  • ✅ Webhook received
  • ✅ Delivery successful
  • ✅ Output format correct
  • ✅ Output matches golden
  • ✅ No validation errors