fix: add image pull secret to authenticate to docker. (#13070)

We had an incident today where we realised the orchestrator does not use docker secrets to pull images. This led to us being rate limited on pulls, causing issues in the EU cluster.

Use the image pull secret so we appear as authenticated and have a higher rate limit.

This is a hot fix. We are currently using the discover secret. we should follow up and plumb the correct configs in.

airbyte-workload-launcher/src/main/kotlin/pods/factories/OrchestratorPodFactory.kt

@@ -12,6 +12,7 @@ import io.fabric8.kubernetes.api.model.CapabilitiesBuilder
 import io.fabric8.kubernetes.api.model.ContainerBuilder
 import io.fabric8.kubernetes.api.model.ContainerPort
 import io.fabric8.kubernetes.api.model.EnvVar
+import io.fabric8.kubernetes.api.model.LocalObjectReference
 import io.fabric8.kubernetes.api.model.Pod
 import io.fabric8.kubernetes.api.model.PodBuilder
 import io.fabric8.kubernetes.api.model.PodSecurityContext
@@ -33,6 +34,7 @@ class OrchestratorPodFactory(
   private val orchestratorEnvSingleton: OrchestratorEnvSingleton,
   @Value("\${airbyte.worker.job.kube.serviceAccount}") private val serviceAccount: String?,
   @Named("orchestratorContainerPorts") private val containerPorts: List<ContainerPort>,
+  @Named("discoverImagePullSecrets") private val imagePullSecrets: List<LocalObjectReference>,
   private val volumeFactory: VolumeFactory,
   private val initContainerFactory: InitContainerFactory,
 ) {
@@ -100,6 +102,7 @@ class OrchestratorPodFactory(
       .withRestartPolicy("Never")
       .withContainers(mainContainer)
       .withInitContainers(initContainer)
+      .withImagePullSecrets(imagePullSecrets)
       .withVolumes(volumes)
       .withNodeSelector<Any, Any>(nodeSelectors)
       .withSecurityContext(podSecurityContext())