Commit
3fbafbeb1b5d1c7f42f462429545658b1cb73b6b
by noreplyfix(nextgen): harden exact image tag lookup auth checks (#4448)
## Summary
- add `oras` to the required tool checks in
`scripts/ops/nextgen/get-next-gen-exact-image-tags.sh`
- authenticate against both `us.gcr.io` and `gcr.io` because tiproxy
trunk still resolves from `gcr.io` while the other next-gen artifacts
use `us.gcr.io`
- update the nextgen README so the prerequisites, tiproxy dual-registry
behavior, and troubleshooting guidance match the script
## Why a follow-up PR
`PingCAP-QE/ci#4446` merged before this extra hardening pass was pushed,
so this change is submitted as a separate follow-up PR.
## Validation
- `bash -n scripts/ops/nextgen/get-next-gen-exact-image-tags.sh`
- `PATH="$PWD/../.cache/bin:$PATH" shellcheck -S error
scripts/ops/nextgen/get-next-gen-exact-image-tags.sh`
- `git diff --check`
## Notes
- Live registry execution is still not exercised in this workspace
because `gcloud` is unavailable here.
---------
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
(commit: 3fbafbe)
