Managing Secrets in Docker Compose – A Developer's Guide

[ldng]

That is very debatable. It depends on ones assessment on the risk of passively leaking a file on a poorly cleaned up "cloud" disk is lower or higher from an actual intruder getting access to environment variable.