Fix fetch_assets to authenticate skopeo inspect for private registries

What does this MR do and why?

Backport of !2944 (merged) to 18-11-stable.

Fixes the fetch_assets function in build-scripts/build.sh to pass CI_JOB_TOKEN credentials to skopeo inspect when polling for the assets image.

On the security mirror, the assets image lives at a private registry path that requires authentication. Without --creds, skopeo inspect returns empty stdout even when the image is available, causing the polling loop to run until job timeout.

This is a direct backport from !2944 (merged), and as such will be pulled back verbatim unless there are conflicts.

MR acceptance checklist

  • This MR is backporting a bug fix, documentation update, or spec fix, previously merged in the default branch.
  • The original MR has been deployed to GitLab.com (not applicable for documentation or spec changes).
  • This MR has a [severity label] assigned (if applicable).
Edited by Robert Marshall

Merge request reports

Loading