feat(storage): sccache S3 build cache with scoped SeaweedFS identity

Add sunbeam-sccache bucket and a dedicated sccache S3 identity scoped
to Read/Write/List/Tagging on that bucket only. Bump volume server
max from 50 to 100 (was full, blocking all new writes).

base/lasuite/seaweedfs-buckets.yaml

@@ -30,7 +30,8 @@ spec:
                 sunbeam-git-lfs \
                 sunbeam-game-assets \
                 sunbeam-ml-models \
-                sunbeam-stalwart; do
+                sunbeam-stalwart \
+                sunbeam-sccache; do
                 mc mb --ignore-existing "weed/$bucket"
                 echo "Ensured bucket: $bucket"
               done

base/storage/seaweedfs-volume.yaml

@@ -17,13 +17,13 @@ spec:
       terminationGracePeriodSeconds: 60
       containers:
         - name: volume
-          image: chrislusf/seaweedfs:latest
+          image: chrislusf/seaweedfs:4.18
           args:
             - volume
             - -port=8080
             - -mserver=seaweedfs-master.storage.svc.cluster.local:9333
             - -dir=/data
-            - -max=50
+            - -max=100
             - -metricsPort=9091
           ports:
             - name: http

base/storage/vault-secrets.yaml

@@ -84,4 +84,4 @@ spec:
       excludeRaw: true
       templates:
         "s3.json":
-          text: '{"identities":[{"name":"seaweed","credentials":[{"accessKey":"{{ index .Secrets "access-key" }}","secretKey":"{{ index .Secrets "secret-key" }}"}],"actions":["Admin","Read","Write","List","Tagging"]}]}'
+          text: '{"identities":[{"name":"seaweed","credentials":[{"accessKey":"{{ index .Secrets "access-key" }}","secretKey":"{{ index .Secrets "secret-key" }}"}],"actions":["Admin","Read","Write","List","Tagging"]},{"name":"sccache","credentials":[{"accessKey":"{{ index .Secrets "sccache-access-key" }}","secretKey":"{{ index .Secrets "sccache-secret-key" }}"}],"actions":["Read:sunbeam-sccache","Write:sunbeam-sccache","List:sunbeam-sccache","Tagging:sunbeam-sccache"]}]}'