
Implement AuthN and K8S ServiceAccount DockerFile Keychain support

Open davidcollom opened this issue 7 months ago • 0 comments

This implements the go-containerregistry AuthN Libraries to support fetching and updating credentials from ServiceAccount ImagePullSecrets along with additional kubernetes.io/dockerconfigjson secrets.

There are significant breaking changes here:

  • Removal of the Fallback client, as the true fallback should be OCI going forward
  • Removal of Self-Hosted, this is an ongoing effort to bring things under the OCI Client
    • This in turn stems from the lack of support in go-containerregistry, which does not support the original docker/distribution API.
  • Replacing IsHost with Factories for each client; this ensures a clear break from what a "Client" implements vs how we detect "What" Client we need to fetch Tag information.

A few things outstanding:

  • [ ] Customization for each hostname, i.e. CA Certs or Timeouts etc.
  • [ ] Full testing of the following clients:
    • [ ] GCP / GAR
    • [ ] ACR
    • [ ] ECR
  • [ ] Handling for the HelmValues and safe migration of existing credentials that are no longer directly passed in the Helm chart

And some more that I've likely forgotten 🙈

Resolves #322

davidcollom Jun 30 '25 10:06
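For readers unfamiliar with the kubernetes.io/dockerconfigjson secrets mentioned in the description, here is an added example (not code from this PR, from version-checker, or from go-containerregistry) of how the `.dockerconfigjson` payload maps a registry host to credentials. It uses only the Go standard library; `Resolve`, `hostOf` and `dockerConfig` are hypothetical names, and matching is assumed to be by exact host only, which is simpler than what a real keychain does.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// encoding/json matches the lowercase keys (auths, username, ...) case-insensitively.
type dockerConfig struct {
	Auths map[string]struct{ Username, Password, Auth string }
}

// hostOf reduces an auths key such as "https://ghcr.io/v1/" to a lowercase host.
func hostOf(key string) string {
	key = strings.TrimPrefix(strings.TrimPrefix(key, "https://"), "http://")
	host, _, _ := strings.Cut(key, "/")
	return strings.ToLower(host)
}

// Resolve returns the credentials stored for registry; ok is false if there is no entry.
func Resolve(data []byte, registry string) (user, pass string, ok bool, err error) {
	var cfg dockerConfig
	if err = json.Unmarshal(data, &cfg); err != nil {
		return "", "", false, fmt.Errorf("invalid dockerconfigjson: %w", err)
	}
	for key, e := range cfg.Auths {
		if hostOf(key) != strings.ToLower(registry) {
			continue
		}
		if e.Auth == "" {
			return e.Username, e.Password, true, nil
		}
		raw, derr := base64.StdEncoding.DecodeString(e.Auth)
		u, p, found := strings.Cut(string(raw), ":")
		if derr != nil || !found { // report the key only, never the decoded value
			return "", "", false, fmt.Errorf("malformed auth entry for %q", key)
		}
		return u, p, true, nil
	}
	return "", "", false, nil
}

func main() {
	// Constructed sample of a Secret's ".dockerconfigjson" value, not real credentials.
	sample := `{"auths":{"https://registry.example.com/v1/":{"auth":"ZGVtbzpzM2NyZXQ="}}}`
	user, _, ok, err := Resolve([]byte(sample), "registry.example.com")
	fmt.Println(user, ok, err)
}
```

A host with no entry returns `ok == false` with a nil error, so a caller can distinguish "no credentials, try anonymous" from "secret is malformed".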