[azure-cli] better default configuration to reduce chances of accidental data leaks

[bebound]

Description

The Azure cli has a tendency to be quite chatty and this can expose secrets stored in Azure in the logs of CI tools that run it.

See:

• https://www.paloaltonetworks.com/blog/prisma-cloud/secrets-leakage-user-error-azure-cli/
• https://github.com/Azure/azure-cli-extensions/pull/6793/

There are a number of sensible configuration settings that can be applied to greatly reduced the chance of this happening:

core.only_show_errors=true
core.error_recommendation=off
core.collect_telemetry=false
logging.enable_log_file=false

These can either be set using az config or registered as environment variables. The latter being more secure as the AzureCLI@2 task in Azure pipelines ignores the global config by default.

Ideally azure-cli would detect it's running on a ci platform, using a package similar to is-ci.

This way command output isn't echo'ed to the log by default and also not written to disk where it can easily be intercepted.

I've suggested the actions-runner team would apply these settings on the GitHub Actions and Azure Pipelines hosted runners, but they feel it's up to the individual tools to act in a proper manner:

• https://github.com/actions/runner-images/issues/8816

Expected behavior

Azure-cli is configured with sane CI/CD defaults.

There is an extension to Azure cli called init which provides sane automation defaults.

Actual behavior

Azure-cli is configured in standard interactive mode.

Repro steps

https://www.paloaltonetworks.com/blog/prisma-cloud/secrets-leakage-user-error-azure-cli/

[github-actions[bot]]

This issue is related to security. Please pay attention.