[kots] load dockerConfigJson reigstry names into privateBaseImageAllowList

Follow upto #12174

This PR updates the installer logic to also load the auth's reigstry
URL's into `.containerRegistry.privateBaseImageAllowList`.

Signed-off-by: Tarun Pothulapati <[email protected]>

Author: Pothulapati

install/kots/manifests/gitpod-installer-job.yaml

@@ -178,6 +178,14 @@ spec:
                 yq e -i ".containerRegistry.privateBaseImageAllowList += \"docker.io\"" "${CONFIG_FILE}"
               fi
 
+              if [ '{{repl ConfigOptionNotEquals "reg_docker_config" "" }}' = "true" ];
+              then
+                DOCKER_CONFIG='{{repl ConfigOptionData "reg_docker_config" | Base64Encode }}'
+                echo "${DOCKER_CONFIG}" | base64 -d  > /tmp/userconfig.json
+                # Add the registies to the server allowlist
+                yq e -i ".containerRegistry.privateBaseImageAllowList += $(cat /tmp/userconfig.json | jq '.auths' | jq -rc 'keys')" "${CONFIG_FILE}"
+              fi
+
               # Output the local registry secret - this is proxy.replicated.com if user hasn't set their own
               echo "{{repl LocalRegistryImagePullSecret }}" | base64 -d > /tmp/kotsregistry.json
 
@@ -360,9 +368,6 @@ spec:
                   | base64 -d \
                   > /tmp/currentconfig.json
 
-                DOCKER_CONFIG='{{repl ConfigOptionData "reg_docker_config" | Base64Encode }}'
-                echo "${DOCKER_CONFIG}" | base64 -d  > /tmp/userconfig.json
-
                 export REGISTRY_SECRET=$(jq -s '.[0] * .[1]' /tmp/userconfig.json /tmp/currentconfig.json | base64 -w 0)
 
                 echo "Gitpod: update the in-cluster registry secret"