Allow DOCKER_AUTH_CONFIG to come from secrets/vault

Proposal

Currently, the DOCKER_AUTH_CONFIG variable can be set in a variable block in .gitlab-ci.yml or be provided as a CI variable. See https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#using-statically-defined-credentials

This proposal requests that DOCKER_AUTH_CONFIG be able to come from a Vault secret. Until such a capability exists, customers that require secrets to only come from Vault and prohibit the storage of secrets in GitLab CI variables and .gitlab-ci.yml cannot configure jobs to use Docker images from private Docker registries.

In my opinion, the ideal approach would be to address #250695 (closed) and ensure that when the DOCKER_AUTH_CONFIG variable is set in that way, that it is used early enough in job execution to allow for the retrieval for the image configured for that job to use the DOCKER_AUTH_CONFIG value provided by the secret.