Docs: Add instructions on how to specify and use secrets

[kimdre]

Secrets should never be committed to your Git Repositories.

Instead either

• use secret files and bind/mount them to a specifc directory/destination inside the doco-cd container so you can access them in your deployments: https://docs.docker.com/compose/use-secrets/
• or use docker secrets and let docker store the secrets for you: https://docs.docker.com/engine/swarm/secrets/ or Docker Secrets : Beginners Guide

Maybe also add support for SOPS to the app so that sensitive data can be stored encrypted directly in the Git Repo? Since SOPS is also written in Go, the package could easily be integrated in the app.

[maxexcloo]

I think it would be cool to be able to assign secrets using the tool - I currently push docker secrets to the server using terraform (they’re generated there) and it would be nice to read them out using this tool to avoid having to mess around with the images themselves - not sure how this would work though, what was your idea for the second option?

[kimdre]

Currently you can use these examples to use secrets:

• https://docs.docker.com/compose/use-secrets/
• https://stackoverflow.com/a/42151570