diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index f16f6b5..283fc29 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -50,9 +50,9 @@ jobs:
 push: true
 tags: ${{ steps.meta.outputs.tags }}
 labels: ${{ steps.meta.outputs.labels }}
- env:
- SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
- SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
+ secrets: |
+ SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
+ SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
 # This step generates an artifact attestation for the image, which is an unforgeable statement about where and how it was built. It increases supply chain security for people who consume the image. For more information, see "[AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds)."
 - name: Generate artifact attestation
diff --git a/Dockerfile b/Dockerfile
index 11c0a9d..846169a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -15,7 +15,11 @@ RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm install --frozen-lockfile
 FROM build-deps AS build
 COPY . .
-RUN export $(cat .env.example) && export DOCKER=true && pnpm run build
+RUN export $(cat .env.example) && \
+ export $(cat /run/secrets/SENTRY_AUTH_TOKEN) && \
+ export $(cat /run/secrets/SENTRY_PROJECT) && \
+ export DOCKER=true && \
+ pnpm run build
 FROM base AS runtime
 # COPY --from=prod-deps /app/node_modules ./node_modules
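Review bot: The entries under the new `secrets: |` block are written as `NAME: value`, but the build action's `secrets` input takes `key=value` lines, so neither secret would be registered under the id the Dockerfile reads. This assumes the step is docker/build-push-action, which the `push`/`tags`/`labels` inputs suggest; its `uses:` line is outside the hunk. Write the two lines as `SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}` and `SENTRY_PROJECT=${{ secrets.SENTRY_PROJECT }}`. A one-line comment above the block, such as `# Passed as BuildKit secrets so the token never lands in an image layer or build arg`, would record why these moved out of `env:`.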
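Review bot: The new RUN reads `/run/secrets/SENTRY_AUTH_TOKEN` and `/run/secrets/SENTRY_PROJECT` without a `--mount=type=secret` for either id, so those files are not present in this step. Because `export $(cat <missing file>)` typically still exits 0, the `&&` chain continues and the build runs without the Sentry credentials instead of failing. Even with the mounts, a secret file holds only the bare value, so `export $(cat …)` would treat the token itself as a variable name, and the shell's invalid-identifier error could echo it into the build log. Mount both secrets on this RUN and assign them by name, as below; the hunk header shows the file already uses `RUN --mount`, so BuildKit syntax is available.

```dockerfile
# … unchanged: FROM build-deps AS build / COPY . . …
RUN --mount=type=secret,id=SENTRY_AUTH_TOKEN \
    --mount=type=secret,id=SENTRY_PROJECT \
    export $(cat .env.example) && \
    export SENTRY_AUTH_TOKEN="$(cat /run/secrets/SENTRY_AUTH_TOKEN)" && \
    export SENTRY_PROJECT="$(cat /run/secrets/SENTRY_PROJECT)" && \
    export DOCKER=true && \
    pnpm run build
```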