6

I have a shell script that deploys containers to Azure Container Instances that runs fine locally using the Azure CLI (on Linux) but I'm having trouble performing the login to Azure from a pipeline task.

Locally the following command will open a browser to login:

docker login azure

The docs suggest that to do the same in a pipeline task I can pass in a client id and client secret. I think that it should look like this:

docker login azure --client-id $servicePrincipalId --client-secret $servicePrincipalKey --tenant-id $tenantId

However, when I run this in my pipeline I get this error:

unknown flag: --client-id

docker login azure --help run locally tells me that --client-id is a valid flag, so I'm wondering is there another way to do this in an Azure DevOps pipeline?

Improve this question
2
  • Hi, have you found a solution for this? Commented Dec 15, 2021 at 13:42
  • No, in this case I just deployed to an Azure VM instead, that I configure to be a remote docker host. Would love to find a solution though Commented Dec 16, 2021 at 14:21

2 Answers 2

Reset to default
4

At the moment the problem is that there is no docker cli azure module installed on Microsoft Hosted agents, Installation instructions can be found here: https://docs.docker.com/cloud/aci-integration/

The workaround I have used to solve the problem:

- script: |
    # Add the compose-cli module; 
    curl -L https://raw.githubusercontent.com/docker/compose-cli/main/scripts/install/install_linux.sh | sh

    # Login to Azure using docker CLI, you can use variables here;
    # Note: Docker@2 task with Login Action will not help here;
    docker login azure --client-id xxx --client-secret yyy --tenant-id zzz

    # Check Context list;
    docker context aci list

    # Create ACI Context;
    docker context create aci myaci --location <Azure Location> --resource-group <RG NAME> --subscription-id <subscription ID>

    # Check It again.
    docker context list
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

The Azure pipeline task for Docker allows you to use a service connection for the 'docker login' style task. To use a username / password combination, you'll start by creating a Service Connection of type 'Docker Registry'. Then specify 'other' for type. Here you can enter your credentials. The password is obfuscated for security as you would expect.

Now you can use this service connection in your azure devops pipeline docker tasks.

Sources cited:

https://learn.microsoft.com/en-us/azure/devops/pipelines/library/service-endpoints?view=azure-devops&tabs=yaml#docker-registry-service-connection

https://learn.microsoft.com/en-us/azure/devops/pipelines/library/service-endpoints?view=azure-devops&tabs=yaml#docker-hub-or-others

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.