Upvoted because it's the only answer that mentions that --env-file is the most secure option; you can have a script to run a Docker image checked into VC, but an env file ignored by VC with your credentials in it. I have a different take on this. I could do https://mudanafrete52950.ambien-blog.com/38659887/the-ultimate-guide-to-caminhao-munck