feat: Decompose CRT default chain into individual wrappers

[sichanyoo]

Issue #

2380

Description of changes

• Instead of using CRT's .defaultChain credential resolver, just directly use SDK-side wrappers for each individual CRT credential provider in the same order that .defaultChain uses. This sets the stage for moving off of CRT credential provider one by one, by replacing individual provider's internals that currently uses CRT, with SDK side implementation.

New/existing dependencies impact assessment, if applicable

Conventional Commits

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[dayaffe]

will this always throw the IMDS error if all resolver factories fail? If so this was a huge pain from the user perspective when we used CRT so we should take this opportunity to throw a more descriptive error

[sichanyoo]

That's a great point, should we include that as part of the final breaking change PR tho? To maintain error behavior the same for now.

[dayaffe]

@jbelkins what do you think? Change this now or change this later

[jbelkins]

I tend to agree with changing this now. The error should give some info about the specific providers in the chain that failed. Returning an IMDS error just because that’s the last in the chain does not make it clear what has really happened

[jbelkins]

After discussion, I recommend changing this error along with other breaking changes, i.e. adding to or reordering the chain.

[jbelkins]

Let's add a "chain failed" error at the same time we add providers to the chain

[sichanyoo]

After team discussion, decided to add more descriptive error throwing behavior at the end of the default chain overhaul project. The final breaking change PR for the project will re-order credential resolvers to match the SEP as well as throw more descriptive error at the end of the chain if every resolver failed to get credentials.