Cache/s3v2: cache S3 client to reduce IMDS requests
What does this MR do?
Each cache operation previously called newRawS3Client, which invoked config.LoadDefaultConfig and potentially detectBucketLocation on every build. Under IAM auth, LoadDefaultConfig resolves credentials via IMDS, so N concurrent builds triggered N simultaneous IMDS requests. AWS limits in-flight IMDS requests to 5, causing AssumeRole calls to time out under load.
Fix this by caching the s3Client keyed on the *CacheS3Config pointer. Each config load allocates a fresh CacheS3Config via TOML unmarshal, so pointer identity naturally invalidates the cache on reload without any explicit timestamp tracking. sync.Once inside a clientInit struct ensures concurrent callers sharing the same pointer issue exactly one newRawS3Client call rather than N. On error the cache entry is removed so subsequent callers can retry.
Relates to:
Why was this MR needed?
Apparently AWS allows up to 5 in-flight IMDS requests at any time: https://gitlab.com/gitlab-com/request-for-help/-/work_items/4098#note_3167315582
What's the best way to test this MR?
Set up S3 caching and use a RoleARN.