In this, a blog post I will show you how to login to Azure Container Registry using Azure AD username and password and not receive the unencrypted warning message.
The actual name of what I am about to show is called Credentials store, where docker is using the external store to authenticate credentials and not using a clear text store on the local machine to save the login details.
For more information, please visit.
You probably, have seen the warning message below when you log in to ACR using the Docker login command.
WARNING! Your password will be stored unencrypted in
To overcome this security issue and protect you Azure ACR account we can use Azure AD for ACR login.
Download and Install Azure CLI
To get started, I will install Azure CLI latest version; if you already have it installed, you can skip this step.
Run from PowerShell
Next, I will run the following PowerShell command.
iex ([System.Text.Encoding]::UTF8.GetString((Invoke-WebRequest -Uri https://aka.ms/acr/installaad/win).Content))
Login to Azure using Azure CLI
Next, I will log in to Azure using the command below.
To test the login is working and secured using Azure AD, I will download the sample Hello-World app.
docker run -it hello-world
Tag and Push
The follwing two commands will tag and push the container to ACR.
docker tag hello-world deploy.azurecr.io/hello-world
docker push myregistry.azurecr.io/hello-world
As you can see I was not asked by docker login to provide a username and password to ACR.
To confirm that the image was uploaded, I will run the Azure acr command below
az acr repository list