Add support for Docker credential helpers

[aaronlehmann]

This adds the ability to retrieve registry credentials from a credential helper specified in credHelpers or credsStore inside ~/.docker/config.json.

[aaronlehmann]

@microsoft-github-policy-service agree company="Netflix"

[samruddhikhandale]

Nice, thanks for putting up this PR! Left some minor comments

[aaronlehmann]

Thanks for the review! I made the suggested changes.

[chrmarti]

Thanks, left a few comments.

[aaronlehmann]

Thanks! I've made these changes.

[chrmarti]

Great, thanks! Left another question and ran the linter.

[aaronlehmann]

Thanks, addressed this latest round of comments.

[joshspicer]

This is awesome, thanks for taking the time (triggered the existing unit tests to run on this PR).

Do you have any suggestions on how to craft unit tests for this? Most of our unit tests run in linux, and we do have a subset of them running in windows. Theoretically we could run against macOS too (if we wanted to...)

Currently familiarizing myself with how this works

[aaronlehmann]

Do you have any suggestions on how to craft unit tests for this?

Great question. The credential helper "protocol" is very simple and it would be easy to mock a credential helper. But to ensure the returned creds are actually used, we'd need an authenticated registry to connect to, and I'm not sure what kind of test infra exists for that.

[joshspicer]

+1 to some of the earlier feedback (which you've addressed). I don't want to block on the tests - I can make it an action item for myself if you don't have the time. There's one minor linting error in CI.

Validated this works well on MacOS with AzureCR creds (this branch is ./devcontainer.js and the current release is on my PATH)

[chrmarti]

Thanks for the update. Left another comment on the use of a sync call. Otherwise 👍

[chrmarti]

Thanks for your contribution!

[aaronlehmann]

Thanks so much for the help geting this through! It's been a great experience.