Upvoted because it's the only answer that mentions that --env-file is the most secure option; you can have a script to run a Docker image checked into VC, but an env file ignored by VC with your credentials in it. There are several factors to consider when browsing through our https://deansdnsm.blogminds.com/o-truque-inteligente-de-movimentação-de-carga-que-ninguém-é-discutindo-29707038
