I would like to propose new functionality (which I'm willing to implement) to load individual arguments from file:

type StringFlag struct {
	Name        string
	Usage       string
	EnvVar      string
+	FilePath    string
	Hidden      bool
	Value       string
	Destination *string
}

When declaring flags one could specify an optional path for loading the value:

cli.StringFlag{
	Name: "mysql-password",
	EnvVar: "MYSQL_PASSWORD",
+	File: "/run/secrets/mysql_password",
}

This is functionally similar to loading a flag value from environment variable. If you follow the 12-factor pattern loading values from environment variable can be very helpful. If you are using systems like Docker Swarm and Kubernetes you may desire to load parameters from the contents of mounted files [1][2]

An example use case would be starting my server with a mysql password. When using Kubernetes or Docker swarm I might choose to load this parameter value from the filesystem using the built-in secret stores.

So for local development I might provide the mysql password using a flag:

$ ./app --mysql-password=<value>

For a 12 factor deployment I might provide the mysql password using an environment variable:

$ MYSQL_PASSWORD=<value> ./app

And for a Kubernetes or Swarm deployment I might source the mysql password using the built-in secret capabilities of the platform, from the file system.

$ docker secret create mysql_password <value>
$ docker run --secret=mysql_password ...

The implementation would be pretty straightforward:

if envVal, ok := flagFromFileEnv(f.FilePath, f.EnvVar); ok {
	envValDuration, err := time.ParseDuration(envVal)
	if err != nil {
		return fmt.Errorf("could not parse %s as duration for flag %s: %s", envVal, f.Name, err)
	}

	f.Value = envValDuration
}

[1] https://docs.docker.com/engine/swarm/secrets/#simple-example-get-started-with-secrets
[2] https://kubernetes.io/docs/user-guide/secrets/#using-secrets-as-files-from-a-pod