feature: Scan Remote repository - Azure

[dwertent]

Introduction

Currently, you can scan a remote repository hosted on GitHub as follows:

kubescape scan https://github.com/<org>/<repo>

In the background, kubescape will clone the repository and scan it like scanning a local directory.

Current behavior

This is true only for repositories hosted on github.

Desired behavior

Kubescape should support scanning public/private repositories hosted on Azure

e.g.

kubescape scan https://<>@dev.azure.com/<>/<>/_git/<>

Additional information

Private repositories should be supported as well, the token should be passed using an environment variable

[anubhav06]

If it's still open and if no one else is working on it, then I can take this. ( Since, this is similar to adding support for GitLab API )

[anubhav06]

I've pretty much completed adding this feature.
Only thing that is creating a problem is that, even for scanning public Azure Repos, I need to pass my Personal Access Token.
When I pass my PAT, it successfully scans the repo. Without PAT, it shows an error that authentication required.

This seems to be a problem with go-git. Should I go ahead and create a PR with what's ready ?
"Azure DevOps requires capabilities multi_ack / multi_ack_detailed, which are not fully implemented". The new support which they have added has an example for Private repo cloning, but no example for public repo cloning.

Thus, I believe that it's a problem with go-git, and we need to clone Public repos by passing the PAT, until they fully support Azure DevOps cloning.

[matthyx]

thanks a lot @anubhav06 !