Gracefully handle credential store errors in get_all_credentials #3390

Open
Krishnachaitanyakc wants to merge 1 commit into docker:main from Krishnachaitanyakc:fix-auth-store-error-in-get-all-credentials
@Krishnachaitanyakc
Summary

Fixes #3379

When get_all_credentials() iterates over credential stores (both the default credsStore and per-registry credHelpers), a StoreError from any single store propagates as a DockerException and aborts the entire operation. This causes image builds to fail even when the failing credentials are not required — for example, when expired gcloud auth tokens exist in the local Docker config but the image being built only uses publicly accessible base images.

This change wraps each call to _resolve_authconfig_credstore inside get_all_credentials with a try/except that:

  • Catches DockerException (which wraps the underlying StoreError)
  • Logs a warning with the store name, registry, and error details
  • Skips the failing entry and continues collecting other valid credentials

All other valid credentials are still collected and returned as before.

Changes

  • docker/auth.py: Modified AuthConfig.get_all_credentials() to catch errors.DockerException per-entry in both the credsStore loop and the credHelpers loop, logging a warning and continuing instead of propagating the error.
  • tests/unit/auth_test.py: Added two new tests:
    • test_get_all_credentials_credstore_error_skipped — verifies that a failing credHelper entry is skipped while valid entries from the default store are still returned.
    • test_get_all_credentials_default_store_error_skipped — verifies that a failing entry in the default credsStore is skipped while other valid entries from the same store are still returned.
    • Added FailingStore and PartiallyFailingStore test helper classes.

Test plan

  • All existing unit tests in tests/unit/auth_test.py continue to pass (58/58)
  • Two new unit tests pass covering both credsStore and credHelpers failure scenarios
  • Manual verification: configure a Docker config.json with a credential helper that fails (e.g., expired gcloud auth), then run client.images.build() for a public image and confirm it no longer raises

When `get_all_credentials` iterates over credential stores (both the
default `credsStore` and per-registry `credHelpers`), a `StoreError`
from any single store would propagate as a `DockerException` and abort
the entire operation. This caused image builds to fail even when the
failing credentials were not needed (e.g., expired gcloud auth tokens
when building a publicly accessible image).

This change wraps each call to `_resolve_authconfig_credstore` inside
`get_all_credentials` with a try/except that catches `DockerException`,
logs a warning, and skips the failing entry instead of propagating the
error. All other valid credentials are still collected and returned.

Fixes docker#3379
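
The skip-and-continue behaviour described in this pull request, as an added example that is not docker-py's code and not part of the original post. `DictStore`, `collect_credentials`, the local `StoreError` stand-in and all registry names are hypothetical and constructed for illustration; the `skipped` list is an addition so callers can see which entries were dropped.

```python
import logging

log = logging.getLogger("auth_example")


class StoreError(Exception):
    """Stand-in for a credential helper failure (constructed for this example)."""


class DictStore:
    """Hypothetical in-memory credential store; registries in `broken` raise."""

    def __init__(self, name, creds, broken=()):
        self.name, self._creds, self._broken = name, creds, set(broken)

    def list(self):
        return list(self._creds) + sorted(self._broken)

    def get(self, registry):
        if registry in self._broken:
            raise StoreError(f"helper {self.name} failed for {registry}")
        return self._creds[registry]


def collect_credentials(default_store, cred_helpers, skipped=None):
    """Resolve every entry; a failing entry is logged and skipped, not fatal."""
    skipped = [] if skipped is None else skipped
    result = {}
    # Default store entries first, then the per-registry helpers.
    entries = [(reg, default_store) for reg in default_store.list()]
    entries += list(cred_helpers.items())
    for registry, store in entries:
        try:
            result[registry] = store.get(registry)
        except StoreError as exc:
            # Log store name, registry and error only; never the secret.
            log.warning("skipping %s (store %s): %s", registry, store.name, exc)
            skipped.append((store.name, registry))
    return result


# Constructed sample configuration: one stale default-store entry and one
# failing per-registry helper, next to two healthy entries.
DEFAULT = DictStore("desktop",
                    {"registry.example.com": {"Username": "ci", "Secret": "s1"}},
                    broken=["stale.example.com"])
HELPERS = {
    "gcr.example.com": DictStore("gcloud", {}, broken=["gcr.example.com"]),
    "ecr.example.com": DictStore(
        "ecr-login", {"ecr.example.com": {"Username": "AWS", "Secret": "s2"}}),
}
```
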

Successfully merging this pull request may close these issues.

Building images fails on auth errors even when auth is not required