datadog-agent
feat(gitlab): Enable retry on failures while fetching secrets
What does this PR do?
Alternative to #29087. Change the way we store secrets in script. Instead of
export VAR=$(fetch_secret)
use
VAR=$(fetch_secret) || exit $?; export VAR
To be able to use the retry:exit_codes feature from GitLab, we need to throw the error in the GitLab configuration. As a consequence, we need to split assignment and export (cf. this shell check), otherwise the return value of fetch_secret would be ignored.
Motivation
Prevent failures when the emissary container is down before the job starts.
Possible Drawbacks / Trade-offs
Contrary to the solution proposed on #29087, with this implementation we cannot do:
VAR=$(fetch_secret) run_command_needing_VAR
And in some cases (regression_detector) we added more storage on variables because it's not possible to do
$(fetch_secret) | use_secret_from_stdin
either. However, we leverage the PIPESTATUS array to send the password on stdin when possible (docker).
While the above is the recommended way, we can see in #29087 that it adds complexity to the GitLab configuration and impacts readability.
Describe how to test/QA your changes
Pipeline is successful
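
Added example (not part of the PR or the datadog-agent code base): a POSIX shell sketch of why the assignment and the export have to be split before a job can fail with the helper's exit code. The fetch_secret function here is a constructed stand-in, and exit code 42 is an assumed value standing for a retryable failure.

```shell
#!/bin/sh
# Constructed stand-in for the real secret helper (assumption): when FAIL=1 it
# behaves like an unreachable secret backend and returns exit code 42.
fetch_secret() {
    if [ "${FAIL:-0}" = 1 ]; then
        echo "secret backend unreachable" >&2
        return 42
    fi
    printf '%s' 'constructed-secret-value'
}

# Combined form: the status seen by the script is that of `export`, which
# succeeds even when the command substitution failed (ShellCheck SC2155).
# The function body is a subshell so nothing leaks into the caller.
combined() (
    export VAR="$(fetch_secret 2>/dev/null)"
    echo "$?"
)

# Split form: a plain assignment carries the status of the command
# substitution, so `|| exit $?` ends the (sub)shell with the helper's code.
split() (
    VAR="$(fetch_secret 2>/dev/null)" || exit $?
    export VAR
    echo "exported"
)

# Demonstration with the backend "down".
FAIL=1
masked_status=$(combined)
split_status=0
split >/dev/null || split_status=$?
echo "export VAR=\$(fetch_secret)                 -> status $masked_status"
echo "VAR=\$(fetch_secret) || exit \$?; export VAR -> status $split_status"
```

With the combined form the job would continue with an empty VAR; with the split form it stops with status 42, which a retry rule keyed on exit codes can match.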