Authenticated Docker Pulls from self-hosted GitLab

I was wondering if anyone can point me in the right direction, we use self hosted GitLab CI/CD. (We manage the runners in EKS) With the recent global Docker pull limits implemented we started occasionally hitting limits. We are planning to purchase a DockerHub team account but I am unsure how to actually make sure the runners are using the team account since they are currently pulling as anonymous.

I was looking into https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ but not sure if this is the right direction…

FWIW We stand up our EKS cluster with terraform and deploy the Gitlab runners with a helm chart