Would love to be able to mark certain secret files as build-only. I don't want to risk a runtime security bug exposing secrets that can -- for example -- clone certain private Git repositories.

I'm using the Docker builder.