Current the install-config.yaml requires to define the pull-secret as part of the configuration file itself.

In many scenarios this is not ideal, because the content of install-config.yaml may be accidentally leaked (for example, when added as an artifact to a CI job result, or when stored in a cvs), thus requiring additional procedures to sanitize its content.

In other scenarios the pull-secret may be provided by an external actor (for example, as it happens in the CI by the ci-operator, which retrieves the pull-secret from a vault) and already available in the installer execution environment. In such case an additional step is required to copy its content within the install-config.yaml.

For these reasons, it'd be useful to retrieve automatically the pull-secret content if not defined in the install-config, and if referenced by a REGISTRY_AUTH_FILE env var (if not, fallback to the previous behavior)