Don't generate commented out secrets. Throw an error when can't put the secret in docker

abra

@@ -867,7 +867,7 @@ get_servers() {
 
 get_app_secrets() {
   # FIXME 3wc: requires bash 4, use for loop instead
-  mapfile -t PASSWORDS < <(grep "SECRET.*VERSION.*" "$ENV_FILE")
+  mapfile -t PASSWORDS < <(grep "^SECRET.*VERSION.*" "$ENV_FILE")
 }
 
 load_instance() {
@@ -1601,6 +1601,7 @@ sub_app_secret_insert() {
 
   # shellcheck disable=SC2059
   printf "$PW" | docker secret create "${STACK_NAME}_${SECRET}_${VERSION}" - > /dev/null
+  if [[ $? != 0 ]]; then exit 1; fi     # exit if secret wasn't created
 
   if [ "$STORE_WITH_PASS" == "true" ] && type pass > /dev/null 2>&1; then
     echo "$PW" | pass insert "hosts/$DOCKER_CONTEXT/${STACK_NAME}/${SECRET}" -m > /dev/null