[Update Center] Add archives.jenkins.io as a mirror fallback for JSON metadatas

[dduportal]

#2649 introduced a new Update Center system built on top of mirrorbits.

We want to add the VM archives.jenkins.io as a "mirror fallback" for the Update Center instead of using the US East Cloudflare R2 mirror.

Rationale:

• We have to be resilient against a Cloudflare outage => a non Cloudflare mirror is required
• We need a non-S3 mirror => an HTTP + Rsync service is needed
• HA is not required => a single VM is 👍
• This service is only used when there is a mismatch of all mirrors with the mirrorbits reference + during Cloudflare outages: We need a service where outbound bandwidth is cheap => DigitalOcean is a good candidate
• We want to avoid heavy maintenance as much as possible => archive.jenkins.io DigitalOcean VM is already a download mirror with everything required (webservice, rsync, etc.)

Todo list:

• Check the network routes to archives.jenkins. Fix the security groups and routing if failing (+ updatecli manifest to track IPs if needed):
  • From the trusted agent-1 with rsync (update_center2)
  • From any trusted.ci ephemeral VM agent with rsync (crawler)
  • From mirrorbits services inside publick8s with both rsync and HTTP
• Set up an rsync credential to allow both trusted.ci to rsync from its jobs and mirrorbits to scan the service with rsync
  • Add credential in sops (private key) + kubernetes-management (from sops to mirrorbits pods)
  • Add credential in the trusted.ci ZIP definition (in sops) and update it in trusted.ci
• Set up update_center2 to also rsync to archives.jio (with the updated ZIP credential above)
• Set up crawler to also rsync to archives.jio (with the updated ZIP credential above)
• Once archives.jio is kept up to date, set up mirrorbis instances (both secured and unsecured) to use archives.jio as fallback
• Check metrics to monitor in DigitalOcean to track outbound bandwidth