add tokens/pwds for quay.io (and/or for registry.redhat.io) to your openshift's global or per-project pull secret

oc-pull-secret-update-global.sh

#!/bin/bash

# set your own logins!
#QUAY_USER="****"
#QUAY_TOKEN="****"
#RRIO_USERNAME="****"
#RRIO_PASSWORD="****"

# login to quay.io
REGISTRY="quay.io"
echo -n "[INFO]: Log into $REGISTRY ... "
echo "${QUAY_TOKEN}" | skopeo login -u="${QUAY_USER}" --password-stdin ${REGISTRY}

# login to registry.redhat.io
REGISTRY="registry.redhat.io"
echo -n "[INFO]: Log into $REGISTRY ... "
echo "${RRIO_PASSWORD}" | skopeo login -u="${RRIO_USERNAME}" --password-stdin ${REGISTRY}

# if you're an admin on the cluster, you can get the global secret and update it for your personal registry logins
# this is not recommmended on a shared cluster but fine on clusterbot or CRC or other cluster for which you're admin
oc get secret/pull-secret -n openshift-config --template='{{index .data ".dockerconfigjson" | base64decode}}' >/tmp/oc_secret
oc registry login --registry="quay.io" --auth-basic="$QUAY_USER:$QUAY_TOKEN" --to=/tmp/oc_secret
oc registry login --registry="registry.redhat.io" --auth-basic="$RRIO_USERNAME:$RRIO_PASSWORD" --to=/tmp/oc_secret
oc set data secret/pull-secret -n openshift-config --from-file=.dockerconfigjson=/tmp/oc_secret

oc-pull-secret-update-project.sh

# alternative approach, for non-admin user

# copy your quay secret to a file and set metadata.name == rhdh-pull-secret (not the default exported from quay.io!!)

cat <<EOF > /tmp/my_quay_secret
apiVersion: v1
kind: Secret
metadata:
  name: rhdh-pull-secret
data:
  .dockerconfigjson: ==your-quay-login-secret-goes-here===
type: kubernetes.io/dockerconfigjson
EOF

# now add the secret to your backstage project
oc new-project mybackstage
oc create -f /tmp/my_quay_secret -n mybackstage