My apologies, but it’s been a while since I blogged. Life’s been getting in the way.
I’ve been doing more and more lately with our Azure Digital Twins solution. The ADT engineering team has a nice visualization tool for visualizing your models, twins, relationships, and query results. One of the biggest challenges for me and my customers, has been getting my environment set up: right version of node, right version of the code, authentication, etc.
Conveniently, the ADT team has some instructions for running the ADT-Explorer tool in a docker container, so you don’t have to worry about the pre-reqs. It generally works great. However, there’s one downside. The ADT-Explorer tool uses the Microsoft.Identity provider, and specifically the DefaultAzureCredential setting to do your authentication. This is usually a great thing, in that it just automatically picks up any cached local azure credentials you may already be logged in with (Azure CLI, VS Code, Visual Studio, ENV vars, etc) and uses them.
The challenge, however, is that ADT-Explorer running in a docker container cannot leverage those local cached credentials. So, what do you do?
The easiest way to handle this is to install the azure cli inside the docker container, do an ‘az login’ in it, and then start ADT explorer. The rest of this post walks you through this. This post assumes you have docker installed on your machine with linux containers enabled.
The first step is to clone the repo with git.
git clone https://github.com/Azure-Samples/digital-twins-explorer
After you do that, navigate to the digital-twins-explorer and create the adt-explorer docker container (Note the dot/period at the end of the command – don’t forget it!)
docker build -t adt-explorer .
So far this follows the instructions provided by the ADT team, but this is where we will deviate. The ADT team provided instructions have you just run the container as-is. However, if you do that, the DefaultAzureCredentials won’t work. Instead, we need to install the azure cli and login into azure before we start the adt-explorer app. The first thing we need to do is run the adt-explorer docker container, but we are going to start in a bash command prompt. Run the following command
docker run -it -p3000:3000 adt-explorer bash
Note that we added ‘bash’ to the end of the command line, to start the container but override the default entrypoint and give us a bash prompt. It should look like this:
Now that we have a prompt, we need to install the azure cli. To install it, run this command
curl -sL https://aka.ms/InstallAzureCLIDeb | bash
This should install the CLI for us. After a successful install, we can now do an ‘az login’ to authenticate to Azure. You will get a ‘code’ to use, and a URL to visit in your browser as shown below
Open your browser, navigate to http://microsoft.com/devicelogin, enter the code, then your azure subscription credentials as shown below
The authentication process will be slightly different for every environment based on your IT department’s set up (i.e. 2-factor auth, etc), but the result should eventually be a successful login
After a successful login, you’ll see a list of your azure subscriptions in the docker container.
Now we can start the adt-explorer app. To do so, run
npm run start
You’ll see this in your container.
You can now open up a browser, navigate to http://localhost:3000. Click on the People icon in the upper right corner, enter your ADT instance URL, and off you go.
Enjoy, and as always, hit me up in the comments if you have any issues.