Hello John, thanks a lot. Yeah you are completely right, but through the deployment file you can choose which secrets you want to use in the FE docker instance. And while FE only working in browser the developer should be careful about which secrets that can be used and exposed in an FE project.
Or maybe we should find a way to encrypt these variables and decrypt them using FE code. But again it’s not that safe.
That solution actually helped me a lot for some parameters that is not so secret especially when I have multiple environments and CI/CD working on these environments. Like urls, Facebook application id only … etc