Keep your Azure CLI credentials isolated

As DevOps or Developer, you can have multiple projects that you need to maintain. I'll share with you the easiest way to keep your Azure CLI credentials isolated with docker-compose volumes.

Here is:

services:
  cli:
    image: mcr.microsoft.com/azure-cli
    working_dir: /root
    volumes:
      - azurecli:/root
      - ./deploy:/root/deploy
    # - ./.bash_history:/root/.bash_history
    # - ./bin/kubectl:/usr/local/bin/kubectl
    # - ./bin/helm:/usr/local/bin/helm
    # - ./bin/kubelogin:/usr/local/bin/kubelogin

volumes:
  ...
  azurecli:
  ...

By adding this service to your compose and running your CLI container with docker-compose run cli.
Compose will create a volume called project_folder_name-azurecli and mount this volume to the runner container called cli once you login to your azure credentials will be saved there. To clean up then you can use or commands

  • Connect CLI with azure account az login
  • Set Subscription Id az account set --subscription your-subscribtion-id

Few more tips:

By uncommenting this line you'll sync your local bash history with the container otherwise you will split and isolate command history between projects.

  # - ./.bash_history:/root/.bash_history

You can save your own version of CLI tools at project and mount them into a base image in the case when your cluster has a different version than inside the base mcr.microsoft.com/azure-cli image.

  # - ./bin/kubectl:/usr/local/bin/kubectl
Great! Next, complete checkout for full access to Azure First.
Welcome back! You've successfully signed in.
You've successfully subscribed to Azure First.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.