Browsing for an alternative to our current solution right now and stumbled across this question. It'll highlight as an error, but I promise it works if you put it at the end of your devcontainer.json:
"runArgs": ["--env-file", "${localWorkspaceFolder}/.devcontainer/.env"]
}
I'll be back if I find something better/official.