Proxy-runner is ignoring imagePullSecrets

[jez4]

Bug description

The mcpserver definition are containing the imagePullSecrets. Also the custom helm values of the toolhive-operator chart are including the imagePullSecrets. The proxyrunner could not be pulled from custom registry with authorization. The imagePullSecrets are not added to proxyrunner deployment nor the proxy-runner service account.

Steps to reproduce

Deploy the mcpserver kind with imagePullSecrets in spec.

apiVersion: toolhive.stacklok.dev/v1alpha1
kind: MCPServer
metadata:
  name: sequentialthinking
  namespace: toolhive-operator
spec:
  image: custom-registry/mcp-servers/sequentialthinking:0.0.1
  transport: streamable-http
  proxyPort: 8080
  mcpPort: 8080
  podTemplateSpec:
    spec:
      imagePullSecrets:
        - name: regsec
      containers:
        - name: mcp # This name must be "mcp"

Expected behavior

The proxyrunner should be downloaded from custom registry using the imagePullSecrets.
The proxyrunner deployment should be specifying the imagePullSecrets or proxy-runner service account should do so.

Actual behavior

The proxyrunner is failing to pull the image.

Environment (if relevant)

• OS/version: Kubernetes v1.33.5
• ToolHive-operator version: v0.7.2
• Chart version: v0.5.25

Additional context

The toolhive-operator is deployed by the helm chart with custom values where the imagePullSecrets are specified.

[jez4]

The helm chart custom values :

namespace: toolhive-operator
fullnameOverride: "toolhive-operator"

operator:
  features:
    experimental: false
  replicaCount: 1

  # -- List of image pull secrets to use
  imagePullSecrets:
    - name: regsec