It’s not exactly what you’re looking for, but as an intermediate option, you may want to look into docker user namespaces.
https://docs.docker.com/engine/security/userns-remap/
It effectively transforms the containers’ root user into a non-root user outside the container (e.g. for filesystem accesses).
In cryptography, there’s a difference between “secrets” (like passwords and encryption keys), and hiding / obscuring something (like steganography or changing your web server to run on a different port)