I am working to containerize a .NET Core MVC application. This application currently accesses Key Vault to fetch the Client Secret for the app. This all works fine when deployed to an Azure App Service.
Now I'm working to containerize and test locally prior to pushing to my first Azure Kubernetes Service. Where I am running into problems is with debugging from inside the container. Inside the container I do not have access the ManagedIdentityCredential nor the VisualStudioCredential. The CLI doesn't exist on the the container so that Credential will fail in the chain as well. The only Credential object that looks viable is the EnvironmentCredential.
The problem with the EnvironmentCredential is that I have to pass the Client Secret as an environment variable. This makes it very likely for developers to check a secret into source control which is the entire problem I am trying to solve.
See https://github.com/Azure/azure-sdk-for-net/tree/master/sdk/identity/Azure.Identity#environment-variables
What are the best practices here for debugging Azure.Identity related code inside a local docker container?