[File Delivery] Read from additional integration sources

[pzl]

What is the problem this PR solves?

Current file-delivery mechanism is for short-lived files (ILM enforced) that are targeted to specific agents (i.e. send this file to this agent).

This addresses the new need for sending files that are not agent-targeted, that may have different ILM settings (or no ILM at all)

How does this PR solve the problem?

• Adds ?source query parameter to file API
• when used, fleet server will locate the file using the alternately requested source
• source indices follow a limited naming pattern to prevent arbitrary reads
• naming pattern also uses product origin header to route to the integration. Currently limited to defend, as the only initial user

Design Checklist

• I have ensured my design is stateless and will work when multiple fleet-server instances are behind a load balancer.
• I have or intend to scale test my changes, ensuring it will work reliably with 100K+ agents connected.
• I have included fail safe mechanisms to limit the load on fleet-server: rate limiting, circuit breakers, caching, load shedding, etc.

Checklist

• I have made corresponding changes to the documentation
• I have added tests that prove my fix is effective or that my feature works
• I have added an entry in ./changelog/fragments using the changelog tool

[mergify]

This pull request does not have a backport label. Could you fix it @pzl? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

• backport-./d./d is the label to automatically backport to the 8./d branch. /d is the digit
• backport-active-all is the label that automatically backports to all active branches.
• backport-active-8 is the label that automatically backports to all active minor branches for the 8 major.
• backport-active-9 is the label that automatically backports to all active minor branches for the 9 major.