Feature: Pinned Dependency checks support for Azure DevOps Pipelines #4380

Open
balteravishay opened this issue Oct 11, 2024 · 2 comments

@balteravishay
Contributor

Is your feature request related to a problem? Please describe.

Pinned dependency checks only check shell scripts and GitHub workflows and miss out on many open source repositories that implement their CI builds using ADO Pipelines.

Describe the solution you'd like
Pinned dependency checks should collect the same pinning checks they do from GH workflows from ADO Pipelines YAML files.

Describe alternatives you've considered
NA

Additional context
Add any other context or screenshots about the feature request here.

@balteravishay balteravishay added the kind/enhancement New feature or request label Oct 11, 2024
@balteravishay balteravishay changed the title Feature: Support Azure Pipelines in Pinned Dependency Checks Feature: Pinned Dependency checks support for Azure DevOps Pipelines Oct 11, 2024
@spencerschrock
Member

This could be good to consider as progress is made on #4177. Can you share an ADO pipeline example?

@balteravishay
Contributor Author

> This could be good to consider as progress is made on #4177. Can you share an ADO pipeline example?

Agree that this would be a good pair, even though the implementation is different.
The work that is done in #4177 is aimed at supporting ADO as a source repository. The work that is suggested in this feature is supporting ADO pipelines when parsing the "runtime" for pinned dependencies.
Today this is using the GitHub Action linter golangci-lint-action, and in implementing this feature one would have to consider an alternative that would support ADO pipelines (which are actually quite similar).

ADO pipeline samples:

https://github.com/SonarSource/sonar-scanner-msbuild/blob/master/azure-pipelines.yml
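
To make the request above concrete, here is an added Go sketch (not Scorecard's code and not posted by anyone in this thread) that scans Azure Pipelines YAML for two kinds of unpinned reference: container images without a digest and downloads piped into a shell. The names `Finding` and `ScanPipeline`, the sample pipeline, and the choice of a line-based pass over these two patterns are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

type Finding struct {
	Line         int
	Kind, Detail string
}

var (
	// `image:` key; anchored at line start so `vmImage:` (agent pool) is skipped.
	imageKey = regexp.MustCompile(`^(?:-\s+)?image:\s*['"]?([^'"\s#]+)`)
	digest   = regexp.MustCompile(`@sha256:[0-9a-f]{64}$`)
	// A download piped straight into a shell, outside a YAML comment.
	pipeToSh = regexp.MustCompile(`^[^#]*\b(?:curl|wget)\b[^|]*\|\s*(?:sudo\s+)?(?:ba|z)?sh\b`)
)

// Constructed sample pipeline (not from a real repository).
var sample = `pool:
  vmImage: ubuntu-latest
resources:
  containers:
  - container: build
    image: ubuntu:22.04
  - container: pinned
    image: ubuntu@sha256:` + strings.Repeat("a", 64) + `
steps:
- script: curl -sSL https://example.invalid/install.sh | bash
`

// ScanPipeline is a line-oriented pass; a real check would parse the YAML.
func ScanPipeline(yaml string) (out []Finding) {
	for i, raw := range strings.Split(yaml, "\n") {
		line := strings.TrimSpace(raw)
		if m := imageKey.FindStringSubmatch(line); m != nil && !digest.MatchString(m[1]) {
			out = append(out, Finding{i + 1, "containerImage", m[1]})
		}
		if pipeToSh.MatchString(line) {
			out = append(out, Finding{i + 1, "downloadThenRun", line})
		}
	}
	return out
}

func main() { fmt.Println(ScanPipeline(sample)) }
```

An image given as a pipeline variable such as `$(imageName)` is reported as unpinned by this sketch, since the digest cannot be seen without resolving the variable.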
