The docker-compose secrets are an important feature in terms of securing and industrializing deployments. Be sure to never commit your own secrets to a repository, and keep them ... secrets ^_^.
Files are committed here, but it's an example.
Here is the doc from docker : https://docs.docker.com/engine/swarm/secrets/