Enable AWS IRSA auth for registry - Migrate from Docker V2 Registry to V3

[ntwkninja]

Is your feature request related to a problem? Please describe.

For registry storage requiring authentication (i.e. S3), it is painful to deal with static credentials, key rotations and related security concerns. Docker v3 registry supports AWS IRSA auth and seems to work great with zarf:

https://github.com/distribution/distribution/releases/tag/v3.0.0-beta.1

Describe the solution you'd like

• Given a cluster
• When you zarf init with an S3 backed registry
• Then authentication is handled by a service account

Describe alternatives you've considered

• Continue maintaining a custom init package

Additional context

Migrating to Docker V3 registry will enhance security by reducing the use of static secrets, enable integration with the AWS-SDK, and provide a more Kubernetes-native way of handling authentication. This aligns with modern best practices for secure, automated container registry access. Existing workflows should be tested for compatibility, and documentation updated to reflect these changes.

Image is not currently added to IronBank: https://repo1.dso.mil/dsop/opensource/docker/registry-v2/-/issues/112

Related Issues

#375
#3001
#2273
#2758

[ntwkninja]

soon™ https://github.com/distribution/distribution/releases/tag/v3.0.0-rc.2