Which command does BuildKit utilize to manage secrets without hard-coding them in Dockerfiles?

BuildKit, an advanced build subsystem for Docker, facilitates the management of secrets during the build process to enhance security. The command used to manage secrets without hard-coding them in Dockerfiles is "docker build --secret". This command allows developers to securely pass sensitive information, such as API keys or passwords, to the build context, ensuring that these secrets are not exposed in the final image or within the Dockerfile itself.

By utilizing "docker build --secret", developers can refer to these secrets during the build process while keeping them secure, thus preventing unauthorized access and ensuring that the sensitive information is not hard-coded into the Dockerfile, which would lead to potential security vulnerabilities. This approach aligns with best practices in secure software development and offers a streamlined way to handle secrets in multi-stage builds.

The other commands do not pertain specifically to the build process or handling secrets directly within Dockerfiles, underscoring why "docker build --secret" is the suitable choice for this scenario.