test(cli): cover cors parser edge cases

[overtrue]

Summary

This change adds focused regression coverage for two untested helper paths in the new bucket CORS command parser. The new tests confirm that blank optional header lists are normalized away during JSON parsing and that conflicting input-source arguments are rejected consistently at the helper layer.

Background

Bucket CORS support was added recently, and the first pass included solid happy-path coverage for command parsing and CORS document normalization. A few narrow branches in the helper logic were still untested, which left low-level behavior around source selection and optional-field cleanup dependent on manual reasoning instead of executable checks.

Root Cause

The CORS parser tests covered successful JSON/XML parsing, invalid methods, and missing sources, but they did not exercise the branch that rejects simultaneous positional and --file inputs or the branch that collapses whitespace-only optional header collections to None.

Solution

I added two targeted unit tests in crates/cli/src/commands/cors.rs:

• verify parse_cors_configuration drops blank allowedHeaders and exposeHeaders entries while still normalizing method case
• verify cors_input_source rejects conflicting positional and --file inputs

The implementation is unchanged; this PR only tightens regression coverage for the newly added CORS command helpers.

Validation

I attempted make pre-commit, but this repository currently has no pre-commit make target.

I then ran the equivalent required checks directly:

• cargo fmt --all --check
• cargo clippy --workspace -- -D warnings
• cargo test --workspace

[Copilot]

Pull request overview

Adds additional unit test coverage for bucket CORS CLI helper parsing logic, focusing on edge cases around empty/blank inputs and input-source selection.

Changes:

• Added regression tests ensuring empty allowedOrigins / allowedMethods entries are rejected.
• Added regression test ensuring whitespace-only allowedHeaders / exposeHeaders normalize to None while methods are still uppercased.
• Added regression test ensuring conflicting positional vs --file inputs are rejected by cors_input_source.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

PR description says this change adds two targeted unit tests, but this diff adds four new tests (two additional cases for empty allowed origins/methods). Please update the PR description (or trim the change) so the summary matches what’s actually being added.