Load secrets to the container filesystem as an encrypted file at runtime.

Secrets are created in the Docker configuration and can be exposed to a service. When a secret mapping is created for a service, the secret is mounted as an encrypted file at /run/secrets on the container's host node's disk using the filename specified.

You can see in this example in the container shell how the FB_TOKEN.secret file was created at the /run/secrets path on the disk.