Changes

refactor(tikv/pd): migrate downloading artifacts from fileserver to OCI registry (#4266)

Removes all `fileserver.pingcap.net` references from tikv/pd
pipelines/jobs, replacing with OCI artifact pulls/pushes via
`hub.pingcap.net`.

## Consumer pipelines (downloads)

- **`latest/pull_integration_realcluster_test`**: Replace
`fetchAndExtractArtifact` for tidb/tikv/tiflash with
`download_pingcap_oci_artifact.sh`
- **`release-7.5/8.1/8.5/9.0-beta` `pull_integration_copr_test`**:
Migrate tikv download to OCI, matching the release-7.1 pattern already
in place
- **`latest/pull_unit_test`**: Drop unused `FILE_SERVER_URL` and dead
commented-out fileserver code
- All affected pod templates: add `utils` container
(`ghcr.io/pingcap-qe/cd/utils/release`) for `oras`/`yq` tooling

## Producer pipelines (uploads)

- **`release-6.5/6.5-fips/7.1/7.5/8.1/8.5` `ghpr_build`**: Replace `curl
-F ... fileserver/upload` with `oras push` to
`hub.pingcap.net/tikv/pd/package`
- **`release-9.0-beta` `ghpr_build`**: Drop unused `FILE_SERVER_URL` (no
upload stage existed)
- All `pod-ghpr_build.yaml`: add `utils` container; uses
`harbor-pingcap` Jenkins credential for push auth

## OCI paths

| Artifact | OCI path |
|----------|----------|
| tikv | `hub.pingcap.net/tikv/tikv/package:{branch}_linux_amd64` |
| tidb | `hub.pingcap.net/pingcap/tidb/package:{branch}_linux_amd64` |
| tiflash |
`hub.pingcap.net/pingcap/tiflash/package:{branch}_linux_amd64` |
| pd PR build |
`hub.pingcap.net/tikv/pd/package:pr-{number}_linux_amd64` |

Branch tags are resolved via
`component.computeArtifactOciTagFromPR(...)`, supporting `pd=pr/N`
overrides in PR titles. The mirror `hub-zot.pingcap.net/mirrors/hub` is
used for downloads (consistent with other migrated repos).

<!-- START COPILOT ORIGINAL PROMPT -->



<details>

<summary>Original prompt</summary>

> 
> ----
> 
> *This section details on the original issue you should resolve*
> 
> <issue_title>fileserver: migrate artifacts for tikv/pd</issue_title>
> <issue_description>Replace fileserver.pingcap.net usage for tikv/pd
with OCI artifacts in a standard registry.
> 
> Acceptance criteria:
> - No fileserver.pingcap.net references in jobs/pipelines for tikv/pd
> - Artifacts pulled via OCI registry with documented paths
> </issue_description>
> 
> ## Comments on the Issue (you are @copilot in this section)
> 
> <comments>
> </comments>
> 


</details>



<!-- START COPILOT CODING AGENT SUFFIX -->

- Fixes PingCAP-QE/ci#4213

<!-- START COPILOT CODING AGENT TIPS -->
---

🔒 GitHub Advanced Security automatically protects Copilot coding agent
pull requests. You can protect all pull requests by enabling Advanced
Security for your repositories. [Learn more about Advanced
Security.](https://gh.io/cca-advanced-security)

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: wuhuizuo <2574558+wuhuizuo@users.noreply.github.com>
Co-authored-by: wuhuizuo <wuhuizuo@126.com>
 (commit: d830b86)