refactor: replace chrismellard/docker-credential-acr-env with inline ACR auth

[skevetter]

Summary

chrismellard/docker-credential-acr-env (and its heavy transitive dependency Azure/azure-sdk-for-go) was used in pkg/image/auth.go to provide Azure Container Registry credentials. Replaces it with an inline implementation using go-autorest/adal, which is already in the module graph.

The inline implementation supports the same 3 auth methods as the original: client credentials, federated OIDC JWT, and MSI (managed service identity).

Changes

• New file pkg/image/acr.go: inline ACR credential helper with client credentials, federated token, and MSI support
• pkg/image/auth.go: removed chrismellard import, calls newACRCredentialsHelper() from new file
• go.mod / go.sum: chrismellard/docker-credential-acr-env and Azure/azure-sdk-for-go removed; go-autorest/adal and go-autorest/autorest/azure/auth promoted from indirect to direct
• docs/pages/licenses/devpod.mdx: removed chrismellard entry

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 56263fd2-876a-4209-a38c-5715cdb9b2c9

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch sk/dep-replace-acr-env

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}