Add support for private package registries (python, npm, ...)

[vdel]

It would be great to have native support for accessing (read) private package registries in order to host our private libraries and re-use them across various projects.

Gitlab has a Python registry already: https://docs.gitlab.com/ee/user/packages/pypi_repository/

Both Gitlab and Github have a npm registry as well.

I imagine a dedicated section where we could expose our personal tokens through environment variables, e.g.:

registries:
  - python:
      target: ~/.pypirc
      username: ${PYTHON_REGISTRY_USER}
      token: ${PYTHON_REGISTRY_TOKEN}
  - npm:
      target: /app/.npmrc
      token: ${NPM_REGISTRY_TOKEN}

The build server could do the same with its own CI tokens.

Regarding the target, it is unclear if it is necessary, it would be even better in terms of dev UX if we avoid it.

[thomas-riccardi]

Technically the need is to pass secrets to the build & shell steps.

• for build: use buildkit new dockerfile mount type=secret
• for shell: we can already pass as env vars/volume mounts (bonus: improve gcp creds passing: Support gcloud local GCP Application Default Credentials in dmake shell/test #536)