feat: add feature branch deployments with per-branch isolation

Enable deploying feature branches into isolated environments on the same
k3s cluster. Each branch gets its own namespace (cam-<slug>), PostgreSQL
schema, and OpenSearch index prefix for data isolation while sharing the
underlying infrastructure.

- Make OpenSearch index prefix and DB schema configurable via env vars
  (defaults preserve existing behavior)
- Restructure deploy/ into Kustomize base + overlays (main/feature)
- Extend CI to build Docker images for all branches, not just main
- Add deploy-feature job with namespace creation, secret copying,
  Traefik Ingress routing (<slug>-api/ui.cameleer.siegeln.net)
- Add cleanup-branch job to remove namespace, PG schema, OS indices
  on branch deletion
- Install required tools (git, jq, curl) in CI deploy containers

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

cameleer3-server-app/src/main/resources/application.yml

@@ -3,13 +3,15 @@ server:
 
 spring:
   datasource:
-    url: jdbc:postgresql://localhost:5432/cameleer3
+    url: jdbc:postgresql://localhost:5432/cameleer3?currentSchema=${CAMELEER_DB_SCHEMA:public}
     username: cameleer
     password: ${CAMELEER_DB_PASSWORD:cameleer_dev}
     driver-class-name: org.postgresql.Driver
   flyway:
     enabled: true
     locations: classpath:db/migration
+    schemas: ${CAMELEER_DB_SCHEMA:public}
+    default-schema: ${CAMELEER_DB_SCHEMA:public}
   mvc:
     async:
       request-timeout: -1
@@ -34,6 +36,7 @@ ingestion:
 
 opensearch:
   url: ${OPENSEARCH_URL:http://localhost:9200}
+  index-prefix: ${CAMELEER_OPENSEARCH_INDEX_PREFIX:executions-}
   queue-size: ${CAMELEER_OPENSEARCH_QUEUE_SIZE:10000}
   debounce-ms: ${CAMELEER_OPENSEARCH_DEBOUNCE_MS:2000}