
feat: add STS Token support for the SLS sink

Open yuguorui opened this issue 1 year ago • 0 comments

Using an STS (Security Token Service [1]) token can reduce the risk of long-term access key (AccessKey) leakage. The token automatically expires after its expiration date, so it needs to be periodically refreshed.

There are 2 ways for a user to retrieve an STS token:

  • AssumeRole/AssumeRoleWithSAML/AssumeRoleWithOIDC [2]
  • Access the ECS metadata server [3] on an ECS instance.

So we create a new credential provider that executes commands, allowing end users to extend the STS refresh logic without modifying loggie itself.

  1. https://www.alibabacloud.com/help/en/ram/product-overview/what-is-sts
  2. https://www.alibabacloud.com/help/en/ram/developer-reference/api-sts-2015-04-01-dir-role-assuming/
  3. https://www.alibabacloud.com/help/en/ecs/user-guide/obtain-a-temporary-authorization-token

Proposed Changes:

  • Allow using the SLS sink without an access key
  • A CredentialProvider that users can extend with their own logic to refresh the STS token

Which issue(s) this PR fixes:

Fixes #

Additional documentation:

Collect Logs on ECS without persistent credentials

Refer to Deploy on hosts. When the user has a RAM identity bound to the ECS instance, and that RAM identity has SLS write permissions, the sink can be configured this way to eliminate persistent credentials.

The pipeline configuration example is as follows:

pipelines:
  - name: test
    sources:
      - type: file
        name: demo
        addonMeta: true
        paths:
          - /tmp/log/*.log
    sink:
      type: sls
      endpoint: cn-hangzhou.log.aliyuncs.com
      credentialProviderCommand: curl
      credentialProviderArgs:
        - "http://100.100.100.200/latest/meta-data/ram/security-credentials/${RAM_NAME}"
      project: loggietest
      logstore: demo1
      topic: myservice

yuguorui avatar Jan 31 '24 06:01 yuguorui
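As an added example (not loggie's code, and not the author's), the following Go program shows what a command-based STS credential provider like the one proposed above has to do once the command has run: validate the JSON the ECS metadata server returns for `/latest/meta-data/ram/security-credentials/<role>` (fields `AccessKeyId`, `AccessKeySecret`, `SecurityToken`, `Expiration`, `LastUpdated`, `Code`), cache it, and re-run the command shortly before `Expiration`. The type and function names (`commandProvider`, `parseSTSCredential`, `needsRefresh`) are hypothetical, the sample response is constructed, and the stand-alone run uses a fake runner so no metadata server is contacted.

```go
package main

import (
	"context"
	"encoding/json"
	"errors"
	"fmt"
	"os/exec"
	"sync"
	"time"
)

// stsCredential mirrors the JSON the ECS metadata server returns for a RAM role.
// Expiration is RFC 3339 in UTC; Code is "Success" on a good response.
type stsCredential struct {
	AccessKeyId     string `json:"AccessKeyId"`
	AccessKeySecret string `json:"AccessKeySecret"`
	SecurityToken   string `json:"SecurityToken"`
	Expiration      string `json:"Expiration"`
	LastUpdated     string `json:"LastUpdated"`
	Code            string `json:"Code"`
	expiresAt       time.Time
}

// parseSTSCredential treats the command's stdout as untrusted: bad JSON,
// Code != "Success", missing fields or an unparsable Expiration are all rejected.
func parseSTSCredential(raw []byte) (*stsCredential, error) {
	var c stsCredential
	if err := json.Unmarshal(raw, &c); err != nil {
		return nil, fmt.Errorf("sts: invalid JSON from provider command: %w", err)
	}
	if c.Code != "Success" {
		return nil, fmt.Errorf("sts: metadata server returned Code=%q", c.Code)
	}
	if c.AccessKeyId == "" || c.AccessKeySecret == "" || c.SecurityToken == "" {
		return nil, errors.New("sts: response lacks AccessKeyId, AccessKeySecret or SecurityToken")
	}
	t, err := time.Parse(time.RFC3339, c.Expiration)
	if err != nil {
		return nil, fmt.Errorf("sts: bad Expiration %q: %w", c.Expiration, err)
	}
	c.expiresAt = t
	return &c, nil
}

// runner abstracts command execution so the provider can be exercised offline.
type runner func(ctx context.Context, name string, args ...string) ([]byte, error)

func execRunner(ctx context.Context, name string, args ...string) ([]byte, error) {
	return exec.CommandContext(ctx, name, args...).Output()
}

// commandProvider (hypothetical name) runs a user-supplied command, caches the
// STS credential it prints and refreshes it refreshBefore ahead of Expiration.
type commandProvider struct {
	command       string
	args          []string
	refreshBefore time.Duration
	timeout       time.Duration // bound the command so a hung metadata call cannot stall the sink
	run           runner
	now           func() time.Time
	mu            sync.Mutex
	cached        *stsCredential
}

func newCommandProvider(command string, args []string) *commandProvider {
	return &commandProvider{command: command, args: args, refreshBefore: 5 * time.Minute,
		timeout: 5 * time.Second, run: execRunner, now: time.Now}
}

// needsRefresh is true when there is no credential, it has expired, or it is inside the refresh window.
func needsRefresh(c *stsCredential, now time.Time, before time.Duration) bool {
	return c == nil || !now.Add(before).Before(c.expiresAt)
}

// Credential returns a usable STS credential. If a refresh fails while the cached
// token is still unexpired, the cached token is returned so a transient metadata
// error does not stop log shipping; once it has expired, the error is surfaced.
func (p *commandProvider) Credential() (*stsCredential, error) {
	p.mu.Lock()
	defer p.mu.Unlock()
	now := p.now()
	if !needsRefresh(p.cached, now, p.refreshBefore) {
		return p.cached, nil
	}
	ctx, cancel := context.WithTimeout(context.Background(), p.timeout)
	defer cancel()
	out, err := p.run(ctx, p.command, p.args...)
	if err == nil {
		var c *stsCredential
		if c, err = parseSTSCredential(out); err == nil {
			p.cached = c
			return c, nil
		}
	}
	if p.cached != nil && now.Before(p.cached.expiresAt) {
		return p.cached, nil
	}
	return nil, fmt.Errorf("sts: refresh failed and no valid cached credential: %w", err)
}

// sampleResponse is a constructed metadata-server reply, not captured from a real instance.
const sampleResponse = `{"AccessKeyId":"STS.EXAMPLEKEYID","AccessKeySecret":"exampleSecret",
"SecurityToken":"exampleToken","Expiration":"2024-01-31T12:00:00Z",
"LastUpdated":"2024-01-31T06:00:00Z","Code":"Success"}`

func main() {
	p := newCommandProvider("curl", []string{"-sf", "http://100.100.100.200/latest/meta-data/ram/security-credentials/example-role"})
	p.run = func(context.Context, string, ...string) ([]byte, error) { return []byte(sampleResponse), nil }
	p.now = func() time.Time { return time.Date(2024, 1, 31, 6, 0, 0, 0, time.UTC) }
	c, err := p.Credential()
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	// Log only the key ID and expiry; never the secret or the token.
	fmt.Printf("AccessKeyId=%s expires=%s\n", c.AccessKeyId, c.expiresAt.Format(time.RFC3339))
}
```

Two practitioner notes on using a shell command as the provider: invoke `curl` with `-sf` (or equivalent) so that a non-2xx reply from the metadata server produces a non-zero exit instead of an HTML error page being parsed as a credential, and keep the command's arguments free of anything derived from log content, since the agent runs it with its own privileges.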