fix: use separate CH credentials, remove dead bootstrap code

- ClickHouse: pass user/password via ProvisioningProperties instead of
  baking into JDBC URLs. All consumers (InfrastructureService,
  TenantDataCleanupService, DockerTenantProvisioner) use the same source.
- Bootstrap: remove dead tenant config (CAMELEER_AUTH_TOKEN, t-default
  org, example tenant vars) — tenants are created dynamically by vendor.
- Bootstrap JSON: remove unused fields (tenantName, tenantSlug,
  bootstrapToken, tenantAdminUser, organizationId).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

src/main/resources/application.yml

@@ -50,7 +50,9 @@ cameleer:
       publichost: ${CAMELEER_SAAS_PROVISIONING_PUBLICHOST:localhost}
       publicprotocol: ${CAMELEER_SAAS_PROVISIONING_PUBLICPROTOCOL:https}
       datasourceurl: ${CAMELEER_SAAS_PROVISIONING_DATASOURCEURL:jdbc:postgresql://postgres:5432/cameleer3}
-      clickhouseurl: ${CAMELEER_SAAS_PROVISIONING_CLICKHOUSEURL:jdbc:clickhouse://clickhouse:8123/cameleer?user=default&password=cameleer_ch}
+      clickhouseurl: ${CAMELEER_SAAS_PROVISIONING_CLICKHOUSEURL:jdbc:clickhouse://clickhouse:8123/cameleer}
+      clickhouseuser: ${CAMELEER_SAAS_PROVISIONING_CLICKHOUSEUSER:default}
+      clickhousepassword: ${CAMELEER_SAAS_PROVISIONING_CLICKHOUSEPASSWORD:${CLICKHOUSE_PASSWORD:cameleer_ch}}
       oidcissueruri: ${cameleer.saas.provisioning.publicprotocol}://${cameleer.saas.provisioning.publichost}/oidc
       oidcjwkseturi: http://logto:3001/oidc/jwks
       corsorigins: ${cameleer.saas.provisioning.publicprotocol}://${cameleer.saas.provisioning.publichost}