fix: move single-tenant DB record creation from bootstrap to installer

The bootstrap script runs before the SaaS app starts, but the tenants
table only exists after Flyway migrations run in the SaaS app. This
circular dependency caused Phase 12b's psql commands to fail under
set -e, crashing the Logto container on first install in single-tenant
mode.

Now the bootstrap only handles Logto-side setup (org, user roles, OIDC
redirect URIs), and the installer creates the tenant DB record after
verify_health confirms the SaaS app is up. Also makes docker_compose_up
tolerant of transient startup errors since verify_health is the real
health gate.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

docker/logto-bootstrap.sh

@@ -730,20 +730,8 @@ elif [ -n "$TENANT_ORG_NAME" ]; then
       fi
     fi
 
-    # Insert tenant record into cameleer_saas database
-    pgpass
-    EXISTING_TENANT=$(psql -h "$PG_HOST" -U "$PG_USER" -d "$PG_DB_SAAS" -t -A -c \
-      "SELECT id FROM tenants WHERE slug = '$TENANT_SLUG';" 2>/dev/null)
-    if [ -z "$EXISTING_TENANT" ]; then
-      TENANT_UUID=$(cat /proc/sys/kernel/random/uuid 2>/dev/null || python3 -c "import uuid; print(uuid.uuid4())" 2>/dev/null)
-      psql -h "$PG_HOST" -U "$PG_USER" -d "$PG_DB_SAAS" -c \
-        "INSERT INTO tenants (id, name, slug, tier, status, logto_org_id, created_at, updated_at)
-         VALUES ('$TENANT_UUID', '$TENANT_ORG_NAME', '$TENANT_SLUG', 'STANDARD', 'PROVISIONING', '$TENANT_ORG_ID', NOW(), NOW());" >/dev/null 2>&1
-      log "Created tenant record: $TENANT_SLUG (status: PROVISIONING)"
-      log "  The SaaS app will provision the tenant's server on next restart or via the UI."
-    else
-      log "Tenant record already exists for slug: $TENANT_SLUG"
-    fi
+    # NOTE: Tenant DB record is created by the installer after Flyway migrations
+    # have run (the tenants table doesn't exist yet at bootstrap time).
   fi
 
   log "Single-tenant setup complete."