terricain
commented
1 year ago :rofl: I won't ask, I'm well aware of the business pressures to lead one to such ugly solutions :D
I'll need to update this function https://github.com/terrycain/certbot-dns-azure/blob/master/certbot_dns_azure/_internal/dns_azure.py#L135 to cater for it. In theory DefaultAzureCredential would solve a chunk of that logic, but I'm sure I remember having issues trying that in the past. If I get a chance, i'll look at this on the weekend.
swantzter
Hi,
I'm logging in to a service principal using OIDC (using https://github.com/marketplace/actions/azure-login and yes I know how horrible the things are that led me to a solution that include running certbot in a github actions runner, and I am ashamed of doing it, don't ask) and thus don't have a service principal secret - is there a way to use that authentication, basically the authentication of az cli, with this plugin?
I believe the azure SDK:s that provide a
DefaultAzureCredentialwould pick this up (such as the python one), so an option to authenticate using that orAzureCliCredentialwould be really helpful