refactor(streaming): drop buffered fallback in S3/ECR upload paths

[vieiralucas]

Summary

Pre-1.0 cleanup. PR #782 left two ingestion modes side-by-side: streaming spool plus a buffered `BodySource::Bytes` branch from `req.body`. Now that the streaming dispatch + test helper always wire `body_stream`, the buffered branches are dead. Remove them.

• S3 PutObject / UploadPart: stream is required. No more buffered fallback. SSE-KMS reads spool back once for AES-GCM (unavoidable); non-KMS hands `BodySource::File` straight to the store.
• ECR OCI `PATCH` / `PUT`: stream-only via `append_stream`. `append_bytes_sync` still in use by JSON `UploadLayerPart` (different wire format with inline base64 chunks).
• Tests: `make_request` wires `body_stream` from the same bytes it puts in `body`, so direct service calls hit the streaming path; buffered handlers ignore the stream.

Net: -144 / +93 lines.

Test plan

• `cargo build --workspace`
• `cargo clippy --workspace --all-targets -- -D warnings`
• `cargo fmt`
• `cargo test --workspace --lib` (all green)
• `cargo test -p fakecloud-e2e --test s3` (64 passed)
• `cargo test -p fakecloud-e2e --test s3_streaming_body --test s3_persistence --test s3_sse_kms` (green)
• `cargo test -p fakecloud-e2e --test ecr --test ecr_oci --test ecr_images --test ecr_kms_encryption --test ecr_persistence` (green)

---

Summary by cubic

Require streaming request bodies for S3 and ECR uploads by removing the buffered fallback. This unifies ingestion to a single streaming path, lowers memory pressure, and simplifies the code.

• Refactors

  • fakecloud-s3 PutObject: streaming-only. Spools to a tempfile; SSE-KMS reads the spool back once; non-KMS passes BodySource::File to the store.
  • fakecloud-s3 UploadPart: streaming-only. Spools and computes MD5/size in constant memory.
  • fakecloud-ecr OCI blob PATCH/PUT: streaming-only via append_stream. JSON UploadLayerPart stays buffered (base64 inline).
  • Tests: S3 helper now wires body_stream alongside body so PutObject/UploadPart use the streaming path. Buffered endpoints keep reading body.

• Migration

  • Clients must provide a streaming body for S3 PutObject and UploadPart, and ECR blob PATCH/PUT.
  • Missing streams return errors: S3 → MalformedRequestBody; ECR → BLOB_UPLOAD_INVALID.
  • For direct service calls, set request.body_stream (can be created from the same bytes as request.body).

^{Written for commit 7116cad. Summary will update on new commits.}

[codecov]

Codecov Report

❌ Patch coverage is 56.09756% with 18 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
crates/fakecloud-ecr/src/oci.rs	0.00%	8 Missing ⚠️
crates/fakecloud-s3/src/service/objects.rs	57.89%	8 Missing ⚠️
crates/fakecloud-s3/src/service/multipart.rs	81.81%	2 Missing ⚠️

📢 Thoughts on this report? Let us know!

[cubic-dev-ai]

No issues found across 4 files