Having the secrets for a registry in a file is not really secure. First of all, it is written to a disk, and second it might end up in a git repository.
We would like to use key vaults, since we have pipelines running in our cloud. Having the possibility to pass the credentials as parameter would make things easier an more secure.