I am trying to deploy stacks using build-in secret management. I understand why secrets are not exposed as ENV vars, so:
What is the recommended way to use secrets in services not ready to read it from files?
As I understand a custom
entrypoint.sh could read the file then export the secret as ENV var, but this approach:
- is as unsafe as using ENVs directly
- will require to manually customize mostly of images out there