Docker Secret concept - non cluster requirement

Hello there all,

Could anyone guide me on Docker secret concept? following my observation.

Docker secret required swarm mode to be enabled. But I am not seeing that as a problem when we have monolithic containers not joining any cluster. By default, swarm mode enables a manager, and it has the capability to encrypt/decrypt the secrets. Also, I could see we can control access the secret to specific services.

Any suggestion on using Docker secret as part of non clustered join docker instance. We have a problem in securing the secrets for an image. I don’t see runtime supplying the secret to environment variables as a good choice, as it accidentally leaks thru logging.

No HSM, no Vault allowed due to memory constraints in our solution.

Any suggestion would be appreciated :). How to secure/ supply secret as part of Docker.