If I need to pass secrets as args (in a Dockerfile) and include them in run commands, these will be printed to the build logs, which isn't secure. Is there a way to suppress certain commands from being printed to the build logs?