When pushing container images to the Heroku registry, how are these secured?
Docker images hosted in our container registry can only be accessed by collaborators on the app that you're pushing images for. There are no other sharing mechanisms available. Under certain circumstances, Heroku staff can access these subject to our policies and internal controls, for example when a customer requests assistance with diagnosing an issue involving the container runtime.
Instead of storing sensitive data in the image itself, we recommend that you use configuration variables, as these make it easier to rotate credentials etc. without having to rebuild and redeploy the image. The ENV command in the container image is intended for configuring the runtime, not for providing access to resources, when running on Heroku.
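One way to check an image for this before pushing, as an added example that is not Heroku's own tooling: the script below parses a Dockerfile's ENV instructions and reports keys that look like credentials with a literal value baked in. The name pattern, the function names and the sample Dockerfile are assumptions constructed for illustration.

```python
import re
import shlex

# Name fragments that suggest a credential (assumed heuristic, tune per project).
SECRET_HINT = re.compile(r"SECRET|TOKEN|PASSWORD|PASSWD|API_?KEY|PRIVATE_?KEY|DATABASE_URL", re.I)

# Constructed sample Dockerfile; the values are made up.
SAMPLE = '''\
FROM python:3.12-slim
# runtime configuration: fine to keep in the image
ENV PYTHONUNBUFFERED=1 PORT=8000
ENV NODE_ENV production
ENV STRIPE_API_KEY="constructed-not-a-real-key" \\
    DB_PASSWORD=constructed-example
ENV SESSION_SECRET=${SESSION_SECRET}
CMD ["python", "app.py"]
'''

def logical_lines(text):
    """Yield (first_line_number, instruction), joining backslash continuations."""
    buf, start = "", None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        start = start or n
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield start, buf + line
        buf, start = "", None

def env_pairs(instruction):
    """Parse 'ENV K=V K2=V2' and the legacy 'ENV K V' form into (key, value) pairs."""
    parts = instruction.split(None, 1)
    tokens = shlex.split(parts[1] if len(parts) > 1 else "")
    if tokens and "=" not in tokens[0]:
        return [(tokens[0], " ".join(tokens[1:]))]
    return [tuple(t.split("=", 1)) for t in tokens if "=" in t]

def find_baked_secrets(dockerfile_text):
    """Return (line, key) for secret-looking ENV keys set to a literal value.
    Empty values and $VAR references are ignored."""
    findings = []
    for n, instr in logical_lines(dockerfile_text):
        if instr.split(None, 1)[0].upper() == "ENV":
            for key, value in env_pairs(instr):
                if SECRET_HINT.search(key) and value and not value.startswith("$"):
                    findings.append((n, key))
    return findings
```

Each key it reports is a candidate to remove from the Dockerfile and set as a configuration variable on the app instead, for example with `heroku config:set`.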