how is the ImagePullPolicy handled for the inner container, does it follow the Kube defaults outlined here?

if CODER_INNER_PULL_SECRET is supported, then the ImagePullPolicy should be configurable as well.

envbox performs a plain old docker pull, so it follows the default behavior depending on how the image & tag is specified, as outlined here: https://docs.docker.com/engine/reference/commandline/pull/