It's not container hell. The container has to be [partially] recreated when the application changes. It's a miracle that it can be done this fast and one of the main selling point for using docker.
Build a new image in minutes. Deploy it in seconds.
The packaging step was 1 order of magnitude longer before there was docker. Same for the deployment step.
> Injecting secrets during build process
You can package into the image during the build process, but that's mostly for non secret stuff.
Otherwise, the way to do it is to mount files into the container, during the deployment.
e.g. mount /etc/server/key.crt to /etc/myapp/key.crt
It's not container hell. The container has to be [partially] recreated when the application changes. It's a miracle that it can be done this fast and one of the main selling point for using docker.
Build a new image in minutes. Deploy it in seconds.
The packaging step was 1 order of magnitude longer before there was docker. Same for the deployment step.
> Injecting secrets during build process
You can package into the image during the build process, but that's mostly for non secret stuff.
Otherwise, the way to do it is to mount files into the container, during the deployment.
e.g. mount /etc/server/key.crt to /etc/myapp/key.crt