gitlab-ci: Only run the image jobs if we have credentials

The image jobs should only run if there are valid credentials for
pushing the images to the respective registries, to avoid false
negatives in the test pipeline.

This can happen when the gitlab CI is run on projects that aren't set up
to push docker images, either because they're clones of the official
repo, or they are under a different gitlab instance (e.g. Debian's
salsa).

We do it by using a "rules:if" clause on specific variables:
- for Docker, $DOCKER_REGISTRY_USER which is set externally
- for GitLab, $CI_REGISTRY_IMAGE which has the address of the registry
  tied to the project.

Note that for GitLab we can't use the credentials for conditional
execution directly, since they are "persisted variables" which are not
available in this context (see [1] for more details). The
$CI_REGISTRY_IMAGE should be good enough to determine whether image
registry is enabled for the repo.

[1]: https://docs.gitlab.com/ee/ci/variables/where_variables_can_be_used.html#persisted-variables

.gitlab-ci.yml

@@ -68,6 +68,8 @@ integration_latest:
 # Build docker image, upload to gitlab registry.
 gitlab:
   stage: image
+  rules:
+    - if: '$CI_REGISTRY_IMAGE'
   image: docker:stable
   services:
     - docker:dind
@@ -80,6 +82,8 @@ gitlab:
 # Build docker image, upload to dockerhub registry.
 dockerhub:
   stage: image
+  rules:
+    - if: '$DOCKER_REGISTRY_USER'
   image: docker:stable
   services:
     - docker:dind