feat: graceful degradation for setBucketPolicy, enableVersioning, setLifecycleRules + MinIO integration tests

[pyramation]

Summary

Completes graceful degradation coverage for BucketProvisioner. Three methods — setBucketPolicy, enableVersioning, setLifecycleRules — were still hard-throwing on unsupported S3-compatible backends (MinIO free, edge-cicd). This PR adds the same error-code matching pattern (XmlParseException, NotImplemented, message substring checks) already used by setPublicAccessBlock, setCors, and deleteBucketPolicy on main.

Also adds a MinIO integration test suite (20 tests) that exercises the full provisioning pipeline end-to-end and skips gracefully when MinIO is not reachable.

Files changed: 3 (1 new integration test file, 1 updated unit test file, 1 updated provisioner source)

Replaces closed PR #966 which used a blanket provider !== 's3' approach that diverged from main's error-code matching convention.

Updates since last revision

• Fixed CI failure: MinIO edge-cicd returns MissingContentMD5 for PutBucketLifecycleConfiguration (requires Content-MD5 header the SDK doesn't always send). Added MissingContentMD5 error code/name and Content-Md5 message substring to the setLifecycleRules catch block.
• Added unit test covering the MissingContentMD5 case (now 13 graceful degradation unit tests total).

Review & Testing Checklist for Human

• setBucketPolicy catch includes err.message?.includes('policy') — this is a broad substring. Unlike 'VersioningConfiguration' and 'LifecycleConfiguration' (specific API config names), 'policy' could match legitimate errors like "policy syntax error" or "policy size exceeds limit". Consider narrowing to 'BucketPolicy' or 'PutBucketPolicy'.
• Verify the error-code list is sufficient for your target providers — the catch blocks match XmlParseException, NotImplemented, MissingContentMD5, and specific message substrings. If you deploy against R2, GCS, or DigitalOcean Spaces, they may return different error shapes. Consider a quick smoke test against your actual non-AWS provider.
• Integration tests run on CI — CI's MinIO service is confirmed wired up (the MissingContentMD5 failure proved the tests hit real MinIO). Verify the 20 integration tests are passing (not just skipping) in CI output.

Notes

• The existing "error propagation" unit tests (e.g., wraps PutBucketVersioning failure as VERSIONING_FAILED) still pass — they use generic error messages that don't match any graceful degradation pattern, confirming genuine errors still throw.
• Pre-existing build failure in graphile-settings (unrelated TS2307 for @constructive-io/bucket-provisioner module resolution) — exists on main, not introduced by this PR.

Link to Devin session: https://app.devin.ai/sessions/4c882ba2dfbf4045adf85fb83cde6f77
Requested by: @pyramation

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring