Solution 1:

Docker won't know it. For example, if I made a script that says:

#!/bin/sh

if [ -n "$SUPER_SECRET_VAR" ]; then
  echo "Super secret mode enabled"
else
  echo "Hello world"
fi

And packaged that inside of a container, there's nothing in the docker packaging that requires you to tell docker about $SUPER_SECRET_VAR and since docker can package apps written in lots of languages, there's no universal way to parse every possible application to extract this.

You're left with:

  1. Reading the docs on the image/application.
  2. Reading the scripts, particularly the entrypoint script.
  3. Reading the code.