Description
The Quay registry integration test function (Test() method in pkg/registries/quay/quay.go) creates an HTTP client that doesn't respect the insecure configuration flag when using robot account credentials (username/password). This causes test validation to fail when connecting to Quay instances with self-signed certificates, even though the actual integration works correctly for image scanning operations.
Problem Description
In pkg/registries/quay/quay.go around line 158, the Test() method has conditional logic:
```go
if q.config.GetOauthToken() != "" {
	return q.Registry.Test() // This works correctly with insecure flag
}
// When using robot credentials (no OAuth token), this path is taken:
url := urlfmt.FormatURL(q.config.GetEndpoint(), urlfmt.HTTPS, urlfmt.NoTrailingSlash)
discoveryURL := url + "/api/v1/discovery"
client := http.Client{
	Timeout: timeout, // Missing TLS configuration!
}
```
The issue occurs specifically when:
- Using robot account credentials (username/password) instead of OAuth token
- insecure: true is set in the Quay integration config
Expected Behavior
The test function should respect the insecure configuration flag when using robot account credentials, similar to how it works with OAuth token authentication.
Current Workaround
Currently, users must set skipTestIntegration: true to avoid test failures, which disables validation entirely.
Proposed Solution
The Test() function should configure the HTTP client's TLS settings when using robot credentials:
```go
client := &http.Client{
	Timeout: timeout,
}
if q.config.GetInsecure() {
	transport := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	client.Transport = transport
}
```
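The behaviour described in this issue can be reproduced offline; the following is an added example, not the project's code, that checks a client built both ways against a constructed local TLS server standing in for a self-signed Quay. The helper names `newDiscoveryClient`, `probeDiscovery` and `startSelfSignedQuay` are hypothetical, and cloning the default transport (rather than creating a bare one) is a choice of this example that keeps the proxy and timeout defaults.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net/http"
	"net/http/httptest"
	"time"
)

// newDiscoveryClient is a hypothetical helper (not the project's code) that builds
// the client for the robot-credential path and honours the insecure flag.
func newDiscoveryClient(insecure bool, timeout time.Duration) *http.Client {
	client := &http.Client{Timeout: timeout}
	if insecure {
		// Clone the default transport so its proxy and timeout defaults are kept.
		transport := http.DefaultTransport.(*http.Transport).Clone()
		transport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true} // verification off: opt-in only
		client.Transport = transport
	}
	return client
}

// probeDiscovery requests /api/v1/discovery and returns the HTTP status code.
func probeDiscovery(endpoint string, insecure bool) (int, error) {
	resp, err := newDiscoveryClient(insecure, 5*time.Second).Get(endpoint + "/api/v1/discovery")
	if err != nil {
		return 0, err
	}
	defer resp.Body.Close()
	return resp.StatusCode, nil
}

// startSelfSignedQuay starts a constructed local TLS server whose certificate
// is not in the system trust store, standing in for a self-signed Quay.
func startSelfSignedQuay() *httptest.Server {
	return httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(http.StatusOK)
	}))
}

func main() {
	srv := startSelfSignedQuay()
	defer srv.Close()
	_, err := probeDiscovery(srv.URL, false)
	fmt.Println("insecure=false:", err) // fails certificate verification
	code, err := probeDiscovery(srv.URL, true)
	fmt.Println("insecure=true:", code, err)
}
```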