[refactor](fe) Add typed filesystem properties for S3

[CalvinKirs]

What problem does this PR solve?

Issue Number: None

Related PR: None

Problem Summary: Add provider-owned typed filesystem properties and bind S3 runtime paths through S3FileSystemProperties, preparing for S3Properties removal from fe-core.

Release note

None

Check List (For Author)

• Test: Unit Test

  • mvn -Dmaven.build.cache.enabled=false -f fe/pom.xml -pl fe-filesystem/fe-filesystem-s3 -am -DfailIfNoTests=false test

  • mvn -Dmaven.build.cache.enabled=false -f fe/pom.xml -pl fe-filesystem/fe-filesystem-oss,fe-filesystem/fe-filesystem-cos,fe-filesystem/fe-filesystem-obs -am -DfailIfNoTests=false test

  • mvn -Dmaven.build.cache.enabled=false -f fe/pom.xml -pl fe-filesystem/fe-filesystem-s3,fe-filesystem/fe-filesystem-oss,fe-filesystem/fe-filesystem-cos,fe-filesystem/fe-filesystem-obs -am -DfailIfNoTests=false test

  • mvn -Dmaven.build.cache.enabled=false -f fe/pom.xml -pl fe-filesystem/fe-filesystem-s3 -am -DskipTests validate

  • env MAVEN_OPTS=-Xmx5g MVN_OPT=-Dmaven.build.cache.enabled=false FE_MAVEN_THREADS=1 FE_MAVEN_RETRY_THREADS=1 CUSTOM_UI_DIST=/mnt/disk1/gq/idea/incubator-doris/ui/dist ./build.sh --fe

• Behavior changed: No

• Does this need documentation: No

What problem does this PR solve?

Issue Number: close #xxx

Related PR: #xxx

Problem Summary:

Release note

None

Check List (For Author)

• Test

  • Regression test
  • Unit Test
  • Manual test (add detailed scripts or steps below)
  • No need to test or manual test. Explain why:
    • This is a refactor/code format and no logic has been changed.
    • Previous test can cover this change.
    • No code files have been changed.
    • Other reason

• Behavior changed:

  • No.
  • Yes.

• Does this need documentation?

  • No.
  • Yes.

Check List (For Reviewer who merge this PR)

• Confirm the release note
• Confirm test cases
• Confirm document
• Add branch pick label

[hello-stephen]

Thank you for your contribution to Apache Doris.
Don't know what should be done next? See How to process your PR.

Please clearly describe your PR:

1. What problem was fixed (it's best to include specific error reporting information). How it was fixed.
2. Which behaviors were modified. What was the previous behavior, what is it now, why was it modified, and what possible impacts might there be.
3. What features were added. Why was this function added?
4. Which code was refactored and why was this part of the code refactored?
5. Which functions were optimized and what is the difference before and after the optimization?

[CalvinKirs]

run buildall

[hello-stephen]

TPC-H: Total hot run time: 29180 ms

machine: 'aliyun_ecs.c7a.8xlarge_32C64G'
scripts: https://github.com/apache/doris/tree/master/tools/tpch-tools
Tpch sf100 test result on commit bf360bb94b28d58c61db4accf1741dc1378fb21e, data reload: false

------ Round 1 ----------------------------------
orders	Doris	NULL	NULL	0	0	0	NULL	0	NULL	NULL	2023-12-26 18:27:23	2023-12-26 18:42:55	NULL	utf-8	NULL	NULL	
============================================
q1	17724	4135	3842	3842
q2	q3	10683	874	618	618
q4	4665	453	352	352
q5	7438	1319	1145	1145
q6	205	170	137	137
q7	933	939	766	766
q8	9697	1423	1211	1211
q9	6166	5411	5299	5299
q10	6299	2098	1792	1792
q11	476	275	249	249
q12	686	422	302	302
q13	18184	3307	2739	2739
q14	298	287	268	268
q15	q16	897	862	783	783
q17	1154	1040	727	727
q18	6458	5694	5539	5539
q19	1650	1250	969	969
q20	535	407	265	265
q21	4587	2295	1876	1876
q22	420	357	301	301
Total cold run time: 99155 ms
Total hot run time: 29180 ms

----- Round 2, with runtime_filter_mode=off -----
orders	Doris	NULL	NULL	150000000	42	6422171781	NULL	22778155	NULL	NULL	2023-12-26 18:27:23	2023-12-26 18:42:55	NULL	utf-8	NULL	NULL	
============================================
q1	4210	4067	4072	4067
q2	q3	4627	4786	4178	4178
q4	2092	2164	1382	1382
q5	4933	4950	5236	4950
q6	203	164	133	133
q7	2016	1981	1733	1733
q8	3436	3226	3182	3182
q9	8450	8431	8369	8369
q10	4472	4517	4251	4251
q11	662	447	405	405
q12	755	757	539	539
q13	3222	3628	2895	2895
q14	301	311	273	273
q15	q16	767	815	677	677
q17	1320	1316	1272	1272
q18	8177	7142	7077	7077
q19	1119	1139	1177	1139
q20	2371	2248	1943	1943
q21	6171	5446	4925	4925
q22	570	511	441	441
Total cold run time: 59874 ms
Total hot run time: 53831 ms

[hello-stephen]

TPC-DS: Total hot run time: 172570 ms

machine: 'aliyun_ecs.c7a.8xlarge_32C64G'
scripts: https://github.com/apache/doris/tree/master/tools/tpcds-tools
TPC-DS sf100 test result on commit bf360bb94b28d58c61db4accf1741dc1378fb21e, data reload: false

query5	4309	645	507	507
query6	340	213	199	199
query7	4266	524	297	297
query8	328	234	213	213
query9	8797	4000	3962	3962
query10	464	336	311	311
query11	5810	2387	2204	2204
query12	188	128	129	128
query13	1302	629	423	423
query14	6771	5391	5050	5050
query14_1	4379	4397	4355	4355
query15	207	204	193	193
query16	1014	476	432	432
query17	1349	735	606	606
query18	2756	472	348	348
query19	226	203	155	155
query20	137	135	128	128
query21	212	138	118	118
query22	13641	14173	14429	14173
query23	17275	16488	16300	16300
query23_1	16461	16352	16373	16352
query24	7905	1753	1348	1348
query24_1	1357	1332	1353	1332
query25	584	479	419	419
query26	818	311	164	164
query27	2713	613	338	338
query28	4332	1940	1928	1928
query29	964	617	503	503
query30	296	232	196	196
query31	1092	1071	947	947
query32	88	74	66	66
query33	529	348	287	287
query34	1168	1134	646	646
query35	759	783	724	724
query36	1349	1314	1156	1156
query37	143	96	86	86
query38	3178	3110	3062	3062
query39	918	925	925	925
query39_1	878	878	872	872
query40	223	151	134	134
query41	62	60	59	59
query42	110	106	105	105
query43	326	317	277	277
query44	
query45	206	196	192	192
query46	1105	1162	755	755
query47	2287	2312	2146	2146
query48	398	418	282	282
query49	615	522	424	424
query50	693	298	232	232
query51	4492	4272	4280	4272
query52	103	106	99	99
query53	254	291	209	209
query54	327	284	262	262
query55	94	96	86	86
query56	315	307	296	296
query57	1434	1388	1317	1317
query58	286	272	267	267
query59	1504	1658	1385	1385
query60	346	331	327	327
query61	167	154	154	154
query62	662	628	559	559
query63	238	192	206	192
query64	1638	838	672	672
query65	
query66	1663	518	407	407
query67	30143	30028	29860	29860
query68	
query69	471	349	307	307
query70	1013	959	946	946
query71	310	270	277	270
query72	3184	2861	2598	2598
query73	825	746	427	427
query74	5064	4942	4742	4742
query75	2784	2686	2350	2350
query76	2306	1114	770	770
query77	429	438	350	350
query78	13058	13056	12474	12474
query79	2890	990	722	722
query80	1770	583	488	488
query81	529	292	241	241
query82	936	153	121	121
query83	353	281	246	246
query84	291	135	111	111
query85	918	526	438	438
query86	458	335	311	311
query87	3398	3321	3187	3187
query88	3568	2666	2630	2630
query89	454	385	333	333
query90	1906	183	176	176
query91	177	169	143	143
query92	82	75	76	75
query93	1280	966	555	555
query94	743	360	303	303
query95	676	390	437	390
query96	990	767	339	339
query97	2668	2745	2539	2539
query98	241	231	231	231
query99	1122	1119	958	958
Total cold run time: 256853 ms
Total hot run time: 172570 ms

[hello-stephen]

FE Regression Coverage Report

Increment line coverage 0.00% (0/125) 🎉
Increment coverage report
Complete coverage report

[CalvinKirs]

/review

[github-actions]

Review result: request changes.

Critical checkpoints:

• Goal/test: The PR adds provider-owned typed S3 filesystem properties and routes S3 runtime paths through them. The added tests cover the new typed binding path, but they also encode behavior changes that conflict with existing S3 runtime compatibility.
• Focus/scope: The implementation is mostly focused on the S3 filesystem migration, but two runtime behaviors regress.
• Concurrency/lifecycle: No new shared mutable concurrency or special lifecycle risk found in the reviewed S3 property/provider changes.
• Configuration/compatibility: Blocking issues found. DEFAULT credentials no longer uses the full AWS SDK default chain, and endpoint-only custom S3 configurations now fail where the old runtime path fell back to us-east-1.
• Parallel paths: FE-core S3Properties has similar typed validation, but this PR specifically changes fe-filesystem S3ObjStorage runtime behavior, so existing map-based callers are affected.
• Tests: Unit tests were added, but they do not cover AWS profile/default-chain compatibility and they explicitly remove the endpoint-only fallback coverage.
• Observability/transactions/persistence/data writes: No transaction or persistence changes in this PR; no additional observability issue identified for the reviewed paths.
• Performance: No obvious hot-path performance regression found.

User focus: No additional user-provided focus points were present.

[github-actions]

This changes the meaning of the default credentials mode. The old S3ObjStorage fallback used DefaultCredentialsProvider.create() before anonymous fallback, so AWS profile credentials, process credentials, and any other providers in the SDK's default chain worked. This hand-built chain omits those providers, so an existing deployment that relies on ~/.aws/credentials / AWS_PROFILE and does not set AK/SK will now fail to resolve credentials. Please keep the SDK default provider in the DEFAULT path (and only append anonymous when requested) instead of replacing it with a partial chain.

[github-actions]

This validation rejects existing custom S3-compatible configurations that set only an endpoint. Before this migration, S3ObjStorage.buildClient() explicitly allowed a missing region, logged a warning, and used us-east-1 as the SigV4 placeholder when an endpoint override was present; the removed buildClient_missingRegionLogsWarnAndFallsBack test covered that compatibility path. Now new S3ObjStorage(Map.of("AWS_ENDPOINT", "https://minio.local")) fails during binding before the client can be built. Since the PR says there is no behavior change, please preserve the previous endpoint-only fallback for the runtime filesystem path or document and gate this as an intentional incompatible change.