azuredns: CLI authentication doesn't respect tenant setting

Welcome

[X] Yes, I'm using a binary release within 2 latest releases.
[X] Yes, I've searched similar issues on GitHub and didn't find any.
[X] Yes, I've included all information below (version, config, etc).

What did you expect to see?

I'm using terraform acme provider. I set AZURE_AUTH_METHOD to cli, and AZURE_TENANT_ID to a tenant which is not my primary. I expect it to work and use the specified tenant.

What did you see instead?

The tenant is not respected, and authentication fails.

How do you use lego?

Library

Reproduction steps

resource "acme_certificate" "certificate" {
  # ...
  dns_challenge {
    provider = "azuredns"

    config = {
      AZURE_AUTH_METHOD     = "cli"
      AZURE_TENANT_ID       = "<my-non-primary-tenant>"
      AZURE_RESOURCE_GROUP  = "dns-rg"
      AZURE_ZONE_NAME       = local.root_domain
    }
}

Version of lego

v4.16.1

Logs

Go environment (if applicable)

```console $ go version && go env # paste output here ```

go-acme / lego

azuredns: CLI authentication doesn't respect tenant setting #2178