test: add registry-camunda-cloud pull secret to camunda component integration values

[eamonnmoloney]

Which problem does the PR fix?

Camunda-image pods in chart-full-setup integration/nightly deploys fail with ImagePullBackOff whenever a component image is overridden to a registry.camunda.cloud build (e.g. registry.camunda.cloud/team-connectors/connectors-bundle:8.8.14-stable-8.8-run<id>). The kubelet reports pull access denied … no basic auth credentials.

Root cause: camundaPlatform.subChartImagePullSecrets (templates/common/_helpers.tpl) is an else if, not a merge — a component-level image.pullSecrets fully replaces global.image.pullSecrets. The global camunda default is only index-docker-io, so any component whose image is overridden to the Camunda registry but lacks an explicit registry-camunda-cloud entry authenticates anonymously and fails to pull. First observed on connectors (namespace camunda-id-connectors-int-…): in the same pod set, web-modeler-restapi got both secrets (inline in base.yaml) while connectors got only the global one. The same gap exists for every other camunda component that has no inline image.pullSecrets.

What's in this PR?

Mirror the webModeler/console pattern for the remaining camunda components in each version's chart-full-setup/values/base.yaml, adding both index-docker-io and registry-camunda-cloud to image.pullSecrets:

• 8.8 – 8.10: connectors, identity, optimize, orchestration
• 8.7 (pre-unified split): connectors, identity, operate, optimize, tasklist, zeebe, zeebeGateway

(index-docker-io is repeated because component-level pull secrets replace rather than merge with global, so the Docker-Hub default pull must stay covered. A global fix is not viable uniformly — 8.9/8.10 have no global.image.pullSecrets key at all.)

Values-file-only change — no chart templates touched, so no golden snapshots are affected.

Verified: helm lint passes for all four versions, and helm template … -f base.yaml now renders every camunda workload (identity, optimize, connectors, console, web-modeler-*, orchestration/zeebe, plus 8.7 operate/tasklist/zeebe-gateway) with both index-docker-io and registry-camunda-cloud.

Checklist

Before opening the PR:

• In the repo's root dir, run make go.update-golden-only.
• There is no other open pull request for the same update/change.
• Tests for charts are added (if needed).
• In-repo documentation are updated (if needed).

After opening the PR:

• Did you sign our CLA (Contributor License Agreement)?

[Copilot]

Pull request overview

This PR updates the chart-full-setup integration scenario base values so the Connectors pod template renders with both Docker Hub (index-docker-io) and Camunda Cloud registry (registry-camunda-cloud) imagePullSecrets when Connectors images are overridden to registry.camunda.cloud.

Changes:

• Add connectors.image.pullSecrets entries for index-docker-io and registry-camunda-cloud in the chart-full-setup base values.
• Apply the same change consistently across chart versions 8.7, 8.8, 8.9, and 8.10.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File	Description
charts/camunda-platform-8.7/test/integration/scenarios/chart-full-setup/values/base.yaml	Adds Connectors image.pullSecrets for Docker Hub + Camunda Cloud registry in chart-full-setup base values.
charts/camunda-platform-8.8/test/integration/scenarios/chart-full-setup/values/base.yaml	Same Connectors pull secret addition for 8.8 chart-full-setup base values.
charts/camunda-platform-8.9/test/integration/scenarios/chart-full-setup/values/base.yaml	Same Connectors pull secret addition for 8.9 chart-full-setup base values.
charts/camunda-platform-8.10/test/integration/scenarios/chart-full-setup/values/base.yaml	Same Connectors pull secret addition for 8.10 chart-full-setup base values.